funkynator | 18.09.2013 19:18 | Good, it did install after all :)
Here is the FRST.txt, followed by the Additions:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by Nonnweiler (administrator) on DER0815 on 18-09-2013 20:15:44
Running from C:\Users\Nonnweiler\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\system32\PnkBstrA.exe
(Pear Media, LLC) C:\Program Files\Chatango\Chatango.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\IELowutil.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [My Web Search Bar Search Scope Monitor] - "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [DataMgr] - C:\Users\Nonnweiler\AppData\Roaming\DataMgr\datamgr.exe [168264 2012-10-16] (HTTO Group, Ltd.)
HKCU\...\Run: [Protector] - C:\Users\Nonnweiler\AppData\Roaming\SDIV 2.0\Prot\prot.vbs [289 2012-09-12] ()
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\Nonnweiler\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-16] (Google Inc.)
HKCU\...\Run: [Chatango] - C:\Program Files\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
Startup: C:\Users\Nonnweiler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
BootExecute: sasnative32autocheck autochk *
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x303D08A28A75CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = https://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1366530748457&tguid=43169-3580-1366530725006-437770&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1817084517134310&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=865195055&q={searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.good-results.info/?l=1&q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1366530748457&tguid=43169-3580-1366530725006-437770&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt4&mntrId=DC4F7071BCB83C56&affID=121565&tsp=5007
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt4&mntrId=DC4F7071BCB83C56&affID=121565&tsp=5007
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6F141E82-4B40-4282-900D-5513149F6DBB} URL = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=46
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1817084517134310&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.good-results.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {BC07CE8D-C742-4D41-97A5-26AB4E0F759A} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112542&tt=120912_cpc_3812_4&babsrc=SP_ss&mntrId=dc4f98f80000000000007071bcb83c56
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6R8ELn5TKV&i=26
SearchScopes: HKCU - {D6097053-BE8C-446B-87B2-1CE75F3A11BF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=3537D75B-458D-4A5E-8ECA-ED764A87E77C&apn_sauid=0F5C1127-AA35-43C4-A13D-890830C3B1D4
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms}
BHO: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File
BHO: No Name - {553318DA-D010-469E-84B1-496563CAE1BF} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {34DC66DB-E913-40A1-A2DD-53A1B9E90CAC} https://col0-sec.mail.live.com/mail/resources/MailMigrationTool.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @ei.Retrogamer_4w.com/Plugin - C:\Program Files\Retrogamer_4wEI\Installr\1.bin\NP4wEISB.dll (Retrogamer)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 - C:\Windows\ ()
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Nonnweiler\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Nonnweiler\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\1.bin
FF Extension: My Web Search - C:\Program Files\MyWebSearch\bar\1.bin
FF HKLM\...\Firefox\Extensions: [ocr@babylon.com] - C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Battlefield Heroes) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0
CHR Extension: (Google Search) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Delta Toolbar) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4
CHR Extension: (New tab for Chrome\u2122) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\NONNWE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files\OnlineHD.TV\onhd11.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM\...\Chrome\Extension: [jgceplfonlgodadnpognljgdjlcnpjnh] - C:\Program Files\NetRatingsNetSight\NetSight\meter2\extension.crx
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx
========================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-12-19] (Advanced Micro Devices, Inc.)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [32808 2013-07-01] (Just Develop It)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845152 2013-09-10] ()
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-04-02] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S2 MyWebSearchService; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [x]
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-05] (Duplex Secure Ltd.)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [17920 2009-07-31] (Creative Technology Ltd.)
S3 XDva397; \??\C:\Windows\system32\XDva397.sys [x]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-18 20:13 - 2013-09-18 20:13 - 00000000 ____D C:\FRST
2013-09-18 16:10 - 2013-09-18 16:10 - 01083437 _____ (Farbar) C:\Users\Nonnweiler\Downloads\FRST.exe
2013-09-18 16:10 - 2013-09-18 16:10 - 01083437 _____ (Farbar) C:\Users\Nonnweiler\Desktop\FRST.exe
2013-09-17 15:36 - 2013-09-17 15:38 - 00000000 ____D C:\Users\Nonnweiler\.smplayer
2013-09-17 15:36 - 2013-09-17 15:36 - 00000971 _____ C:\Users\Public\Desktop\SMPlayer.lnk
2013-09-17 15:36 - 2013-09-17 15:36 - 00000000 ____D C:\Program Files\SMPlayer
2013-09-17 14:58 - 2013-09-17 14:58 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-17 14:58 - 2013-09-17 14:58 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-17 14:58 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-16 19:29 - 2013-09-16 19:29 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-16 19:28 - 2013-09-16 19:28 - 00002235 _____ C:\Users\Public\Desktop\Free WebM Video Converter.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00001858 _____ C:\Users\Nonnweiler\Desktop\Search.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00001203 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00000000 ____D C:\Users\Nonnweiler\AppData\Local\avgchrome
2013-09-16 19:28 - 2013-09-16 19:28 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-15 17:17 - 2013-09-15 17:17 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-11 12:22 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 12:22 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 12:22 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 12:22 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 12:22 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 12:22 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 12:22 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 06:58 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 06:58 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 06:58 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 06:58 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 06:58 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 06:58 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 06:58 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 06:58 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 06:58 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-25 10:39 - 2013-08-25 10:39 - 00000000 ____D C:\Users\Nonnweiler\Desktop\Myriam Fuerte
2013-08-24 19:57 - 2013-08-24 16:27 - 00717609 _____ C:\Users\Nonnweiler\Desktop\Intro.wmv
2013-08-24 19:54 - 2013-08-24 19:54 - 00000000 ____D C:\Program Files\7-Zip
2013-08-24 16:37 - 2013-08-24 16:37 - 00542167 _____ C:\Users\Nonnweiler\Documents\Intro_BETA.zip
2013-08-24 10:44 - 2013-09-18 20:12 - 00005992 _____ C:\Windows\setupact.log
2013-08-24 10:44 - 2013-09-18 06:40 - 00076150 _____ C:\Windows\PFRO.log
2013-08-24 10:44 - 2013-08-24 10:44 - 00000000 _____ C:\Windows\setuperr.log
2013-08-24 10:31 - 2013-08-24 10:31 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Malwarebytes
2013-08-24 10:31 - 2013-08-24 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes
==================== One Month Modified Files and Folders =======
2013-09-18 20:15 - 2012-08-08 19:15 - 01426333 _____ C:\Windows\WindowsUpdate.log
2013-09-18 20:13 - 2013-09-18 20:13 - 00000000 ____D C:\FRST
2013-09-18 20:13 - 2013-07-19 11:28 - 00000000 ____D C:\Program Files\Steam
2013-09-18 20:12 - 2013-08-24 10:44 - 00005992 _____ C:\Windows\setupact.log
2013-09-18 20:12 - 2012-09-06 18:44 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-18 20:12 - 2012-08-08 19:58 - 00000000 ____D C:\Users\Nonnweiler\AppData\Local\LogMeIn Hamachi
2013-09-18 20:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 19:44 - 2013-02-16 15:59 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001UA.job
2013-09-18 19:44 - 2012-08-08 19:30 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Skype
2013-09-18 19:09 - 2012-09-06 18:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-18 18:58 - 2012-08-08 19:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-18 16:10 - 2013-09-18 16:10 - 01083437 _____ (Farbar) C:\Users\Nonnweiler\Downloads\FRST.exe
2013-09-18 16:10 - 2013-09-18 16:10 - 01083437 _____ (Farbar) C:\Users\Nonnweiler\Desktop\FRST.exe
2013-09-18 13:54 - 2009-07-14 06:34 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-18 13:54 - 2009-07-14 06:34 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-18 06:40 - 2013-08-24 10:44 - 00076150 _____ C:\Windows\PFRO.log
2013-09-17 19:24 - 2012-10-13 10:22 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\TS3Client
2013-09-17 15:38 - 2013-09-17 15:36 - 00000000 ____D C:\Users\Nonnweiler\.smplayer
2013-09-17 15:36 - 2013-09-17 15:36 - 00000971 _____ C:\Users\Public\Desktop\SMPlayer.lnk
2013-09-17 15:36 - 2013-09-17 15:36 - 00000000 ____D C:\Program Files\SMPlayer
2013-09-17 15:36 - 2012-08-08 19:23 - 00000000 ____D C:\Users\Nonnweiler
2013-09-17 14:58 - 2013-09-17 14:58 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-17 14:58 - 2013-09-17 14:58 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-17 14:51 - 2013-01-24 21:35 - 00000000 ____D C:\Users\Nonnweiler\AppData\Local\CrashDumps
2013-09-17 12:29 - 2013-02-16 15:59 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001Core.job
2013-09-16 19:29 - 2013-09-16 19:29 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-16 19:28 - 2013-09-16 19:28 - 00002235 _____ C:\Users\Public\Desktop\Free WebM Video Converter.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00001858 _____ C:\Users\Nonnweiler\Desktop\Search.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00001203 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-09-16 19:28 - 2013-09-16 19:28 - 00000000 ____D C:\Users\Nonnweiler\AppData\Local\avgchrome
2013-09-16 19:28 - 2013-09-16 19:28 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-16 19:28 - 2013-05-10 17:35 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-09-16 19:28 - 2013-05-10 17:35 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-09-16 19:28 - 2013-04-13 17:44 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\DVDVideoSoft
2013-09-16 19:28 - 2013-02-25 19:27 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Babylon
2013-09-16 19:28 - 2012-10-17 14:46 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\OpenCandy
2013-09-16 12:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-15 17:17 - 2013-09-15 17:17 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-14 11:40 - 2012-08-08 20:15 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\.minecraft
2013-09-13 16:58 - 2012-08-08 19:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-13 16:58 - 2012-08-08 19:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 14:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-11 14:20 - 2012-08-08 20:09 - 00000000 ____D C:\Windows\Panther
2013-09-11 14:19 - 2009-07-14 06:33 - 00276232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 14:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-11 06:59 - 2013-08-14 23:30 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 06:57 - 2012-08-13 15:55 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 06:56 - 2012-08-08 19:32 - 01492188 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-10 17:08 - 2013-04-17 15:06 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-09-04 16:32 - 2013-02-16 16:00 - 00002396 _____ C:\Users\Nonnweiler\Desktop\Google Chrome.lnk
2013-08-31 12:21 - 2012-12-21 16:19 - 00000000 ____D C:\Users\Nonnweiler\AppData\Local\PokerStars.EU
2013-08-28 19:48 - 2012-09-10 15:13 - 00282104 _____ C:\Windows\system32\PnkBstrB.xtr
2013-08-28 19:48 - 2012-08-09 10:41 - 00282104 _____ C:\Windows\system32\PnkBstrB.exe
2013-08-28 19:48 - 2012-08-09 10:41 - 00234768 _____ C:\Windows\system32\PnkBstrB.ex0
2013-08-28 19:48 - 2012-08-09 10:41 - 00139424 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-08-25 14:27 - 2012-10-13 10:22 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-25 10:39 - 2013-08-25 10:39 - 00000000 ____D C:\Users\Nonnweiler\Desktop\Myriam Fuerte
2013-08-24 19:54 - 2013-08-24 19:54 - 00000000 ____D C:\Program Files\7-Zip
2013-08-24 16:37 - 2013-08-24 16:37 - 00542167 _____ C:\Users\Nonnweiler\Documents\Intro_BETA.zip
2013-08-24 16:27 - 2013-08-24 19:57 - 00717609 _____ C:\Users\Nonnweiler\Desktop\Intro.wmv
2013-08-24 10:44 - 2013-08-24 10:44 - 00000000 _____ C:\Windows\setuperr.log
2013-08-24 10:44 - 2013-05-05 11:19 - 00000000 ____D C:\Users\Nonnweiler\Documents\DCSCMIN
2013-08-24 10:44 - 2013-03-02 22:08 - 00000000 ____D C:\Program Files\ChatZum Toolbar
2013-08-24 10:44 - 2012-09-25 16:17 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-08-24 10:31 - 2013-08-24 10:31 - 00000000 ____D C:\Users\Nonnweiler\AppData\Roaming\Malwarebytes
2013-08-24 10:31 - 2013-08-24 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-23 16:10 - 2012-10-13 15:45 - 00006656 _____ C:\Users\Nonnweiler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-23 16:09 - 2013-01-08 15:48 - 00000000 ____D C:\Users\Nonnweiler\Documents\Camtasia Studio
Some content of TEMP:
====================
C:\Users\Nonnweiler\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nonnweiler\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-16 12:06
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013 03
Ran by Nonnweiler at 2013-09-18 20:16:27
Running from C:\Users\Nonnweiler\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.22beta
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD VISION Engine Control Center (Version: 2012.1219.1521.27485)
Apple Software Update (Version: 2.1.3.127)
AquaSoft DiaShow 8 Ultimate (Version: 8.0.19)
Battlefield Heroes
Battlefield Play4Free
BitGuard
Call of Duty: Black Ops II
Call of Duty: Black Ops II - Multiplayer
Call of Duty: Black Ops II - Zombies
Camtasia Studio 7 (Version: 7.0.1)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.02)
Chatango Message Catcher
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB945282) (Version: 1)
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB946040) (Version: 1)
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB946308) (Version: 1)
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB947540) (Version: 1)
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB947789) (Version: 1)
Correctif pour Microsoft Visual*C++ 2008 Express*SP1 -*Français (KB948127) (Version: 1)
Free Pdf Perfect Prereq (Version: 1.0.0.28)
Free WebM Video Converter version 5.0.28.827 (Version: 5.0.28.827)
Free YouTube to MP3 Converter version 3.12.2.430 (Version: 3.12.2.430)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Earth (Version: 6.2.2.6613)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
League of Legends (Version: 3.0.1)
LogMeIn Hamachi (Version: 2.1.0.374)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Download Manager (Version: 1.2.1)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Express Edition with SP1 - FRA (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual*C++ 2008 Express*SP1 -*Français
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - fra (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
MyPC Backup (Version: )
Notepad++ (Version: 6.4.1)
OnlineHDTV (Version: 2.1 Build 26473)
PokerStars.eu
PunkBuster Services (Version: 0.990)
Realtek High Definition Audio Driver (Version: 6.0.1.6531)
Skype™ 6.5 (Version: 6.5.158)
SMPlayer 0.8.6.0 (Version: 0.8.6.0)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synthesia (Version: 8.5)
TeamSpeak 3 Client (Version: 3.0.11.1)
TeamViewer 8 (Version: 8.0.16642)
TmNationsForever
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Vandal 1.0.0.0 (D) (Version: 1.0.0.0)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
XMedia Recode Version 3.1.6.4 (Version: 3.1.6.4)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {048A0864-9BD7-493C-8584-139B930D0552} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.)
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {23DE43AB-7704-4781-84DB-E51457BC4891} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {2B5E14E7-2A76-44BD-9A79-ED24E38B5127} - System32\Tasks\Driver Mender-RTMScan => C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe
Task: {377EC81D-A71B-4ED3-A63E-BC3A521D4EEE} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {4865A1AB-A055-43BD-96C3-D57A3E64F56A} - System32\Tasks\0 => Iexplore.exe
Task: {49D40FD1-25BE-4707-BC27-46AE3BBC61D4} - System32\Tasks\Driver Mender-RTMRules => C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe
Task: {5083C5A2-BC7B-4CF8-8DC2-0A0FD4FC0591} - System32\Tasks\Express FilesUpdate => C:\Program Files\ExpressFiles\EFUpdater.exe
Task: {55A01FB3-8B55-4B04-BEC7-DA2661171F4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001UA => C:\Users\Nonnweiler\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16] (Google Inc.)
Task: {830D1344-4F99-4D33-86E5-8832EDE53C9F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {C66473A0-4FEE-45EF-833F-2CA72CF16AE8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001Core => C:\Users\Nonnweiler\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-16] (Google Inc.)
Task: {CCA536D0-7C0B-496C-B9FC-12F2E80C6126} - System32\Tasks\Driver Mender-RTMUpdater => C:\Program Files\Driver Mender\Driver Mender\DriverMender.exe
Task: {D328BA38-D008-4F12-A205-A61661B095F2} - System32\Tasks\4825 => C:\Windows\System32\wscript.exe [2009-07-14] (Microsoft Corporation)
Task: {E02FE3D8-A22D-412C-BCE4-8AD4BCE9A8C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {E559DA5A-2750-44B3-B4F5-8690BEE8A443} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {F42844C5-9F33-49D5-8D7A-A650F9B25F19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-06] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001Core.job => C:\Users\Nonnweiler\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2906294217-3088318799-3869448690-1001UA.job => C:\Users\Nonnweiler\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-16 19:29 - 2013-09-10 16:34 - 02700768 _____ () C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-06-03 16:21 - 2013-06-03 16:21 - 00088680 ____R (Skype Technologies) C:\Program Files\Skype\Updater\Updater.dll
2013-07-01 19:48 - 2013-07-01 19:48 - 02772992 _____ (mypcbackup.com) C:\Program Files\MyPC Backup\Shared Stack.dll
2013-07-01 19:47 - 2013-07-01 19:47 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2013-07-01 19:43 - 2013-07-01 19:43 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2013-07-01 19:43 - 2013-07-01 19:43 - 03483136 _____ (Amazon.com, Inc) C:\Program Files\MyPC Backup\AWSSDK.dll
2012-12-19 17:31 - 2012-12-19 17:31 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-13 16:58 - 2013-09-13 16:58 - 16244616 ____R (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\Flash32_11_8_800_174.ocx
2013-09-13 16:58 - 2013-09-13 16:58 - 00479112 _____ (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.dll
2013-07-01 08:20 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files\Steam\SDL2.dll
2013-07-09 17:56 - 2013-09-06 22:55 - 01120680 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2013-07-09 13:45 - 2013-08-07 21:31 - 20625832 _____ () C:\Program Files\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files\Steam\bin\avformat-53.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2013 05:03:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_aepdu.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637
Name des fehlerhaften Moduls: bitguard.dll, Version: 2.6.1673.238, Zeitstempel: 0x522f2dcc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001793a8
ID des fehlerhaften Prozesses: 0xc714
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_aepdu.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_aepdu.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_aepdu.dll2
Berichtskennung: rundll32.exe_aepdu.dll3
Error: (09/18/2013 06:49:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/18/2013 06:49:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/17/2013 03:52:09 PM) (Source: Application Hang) (User: )
Description: Programm t6mp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1768
Startzeit: 01ceb3ad1176de40
Endzeit: 81
Anwendungspfad: C:\Program Files\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
Berichts-ID: 568d1da1-1fa0-11e3-b1a6-7071bcb83c56
Error: (09/17/2013 02:51:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3
Error: (09/17/2013 02:48:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x127c
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3
Error: (09/17/2013 02:48:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1594
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3
Error: (09/13/2013 05:11:53 PM) (Source: RasClient) (User: )
Description: CoID={71FCF135-1715-427E-96A1-22D7500BD103}: Der Benutzer "Der0815\Nonnweiler" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.
Error: (09/13/2013 05:11:45 PM) (Source: RasClient) (User: )
Description: CoID={573FF2BE-73A4-4321-8B5F-62DFCE3DC7D0}: Der Benutzer "Der0815\Nonnweiler" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 691.
Error: (09/12/2013 05:01:54 PM) (Source: Application Hang) (User: )
Description: Programm t6mp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19fc
Startzeit: 01ceafc8c78187f0
Endzeit: 389
Anwendungspfad: C:\Program Files\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
Berichts-ID:
System errors:
=============
Error: (09/18/2013 08:12:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/18/2013 06:58:46 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/18/2013 03:38:44 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LUCAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6BDBEFCC-15EB-4F3B-B36E-E3E4EB5B80F8-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/18/2013 01:46:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/18/2013 10:42:44 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/18/2013 06:40:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/17/2013 02:47:02 PM) (Source: Microsoft-Windows-Application-Experience) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.
Error: (09/17/2013 02:46:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/17/2013 11:10:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "My Web Search Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/17/2013 11:09:59 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 16.09.2013 um 20:05:45 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (09/18/2013 05:03:49 PM) (Source: Application Error)(User: )
Description: rundll32.exe_aepdu.dll6.1.7600.163854a5bc637bitguard.dll2.6.1673.238522f2dccc0000005001793a8c71401ceb48022123820C:\Windows\system32\rundll32.exec:\progra~3\bitguard\261673~1.238\{c16c1~2\bitguard.dll85947de0-2073-11e3-8bdb-7071bcb83c56
Error: (09/18/2013 06:49:58 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Nonnweiler\Desktop\Windows.old\Windows\regedit.exe
Error: (09/18/2013 06:49:58 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Users\Nonnweiler\Desktop\Windows.old\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
Error: (09/17/2013 03:52:09 PM) (Source: Application Hang)(User: )
Description: t6mp.exe1.0.0.1176801ceb3ad1176de4081C:\Program Files\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe568d1da1-1fa0-11e3-b1a6-7071bcb83c56
Error: (09/17/2013 02:51:43 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.175144ce7a485unknown0.0.0.000000000c000000500000000172c01ceb3a4a7a2e4d0C:\Program Files\Windows Media Player\wmplayer.exeunknowne6e97870-1f97-11e3-b1a6-7071bcb83c56
Error: (09/17/2013 02:48:49 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.175144ce7a485unknown0.0.0.000000000c000000500000000127c01ceb3a441225ab0C:\Program Files\Windows Media Player\wmplayer.exeunknown7f4536a0-1f97-11e3-b1a6-7071bcb83c56
Error: (09/17/2013 02:48:37 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.175144ce7a485unknown0.0.0.000000000c000000500000000159401ceb3a4372a7970C:\Program Files\Windows Media Player\wmplayer.exeunknown77dbc870-1f97-11e3-b1a6-7071bcb83c56
Error: (09/13/2013 05:11:53 PM) (Source: RasClient)(User: )
Description: {71FCF135-1715-427E-96A1-22D7500BD103}Der0815\NonnweilerBreitbandverbindung0
Error: (09/13/2013 05:11:45 PM) (Source: RasClient)(User: )
Description: {573FF2BE-73A4-4321-8B5F-62DFCE3DC7D0}Der0815\NonnweilerBreitbandverbindung691
Error: (09/12/2013 05:01:54 PM) (Source: Application Hang)(User: )
Description: t6mp.exe1.0.0.119fc01ceafc8c78187f0389C:\Program Files\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 3583.3 MB
Available physical RAM: 2320.33 MB
Total Pagefile: 7164.9 MB
Available Pagefile: 5614.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.3 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:97.66 GB) (Free:20.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:820.15 GB) (Free:817.08 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:13.6 GB) (Free:1.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: B99DD3BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=820 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
==================== End Of Log ============================