Hier das Ergebnis:FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03
Ran by MarcBillmann at 2014-01-18 12:43:32
Running from C:\Users\MarcBillmann\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.3.0.29625 - BitTorrent Inc.)
Adobe After Effects CS6 (x32 Version: 11 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AIMP3 (x32 Version: v3.55.1332, 21.12.2013 - AIMP DevTeam)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.14 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Audition Online (x32 Version: 1.2.6064 - Burda:ic)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.09 - Piriform)
Effects Suite 64-bit (Version: 10.0.1 - Red Giant Software) Hidden
Effects Suite 64-bit (x32 Version: 10.0.1 - Red Giant Software)
Elsword_DE (x32 Version: - )
Fraps (remove only) (x32 Version: - )
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
HydraVision (x32 Version: 4.2.242.0 - Advanced Micro Devices, Inc.) Hidden
Keying Suite 64-bit (Version: 11.0 - Red Giant Software) Hidden
Keying Suite 64-bit (x32 Version: 11.0 - Red Giant Software)
League of Legends (x32 Version: 1.3 - Riot Games)
Magic Bullet Suite 64-bit (Version: 11.4.1 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (x32 Version: 11.4.1 - Red Giant Software)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
NewBlue 3D Explosions for Windows (x32 Version: - )
NewBlue 3D Transformations for Windows (x32 Version: - )
NewBlue Art Blends for Windows (x32 Version: - )
NewBlue Art Effects for Windows (x32 Version: - )
NewBlue Film Effects for Windows (x32 Version: - )
NewBlue Motion Blends for Windows (x32 Version: - )
NewBlue Motion Effects for Windows (x32 Version: - )
NewBlue Paint Blends for Windows (x32 Version: - )
NewBlue Paint Effects for Windows (x32 Version: - )
NewBlue Sampler Pack for Windows (x32 Version: - )
NewBlue Video Essentials for Windows (x32 Version: - )
NewBlue Video Essentials II for Windows (x32 Version: - )
NewBlue Video Essentials III for Windows (x32 Version: - )
Nexon Game Manager (x32 Version: - )
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (x32 Version: - )
osu! (x32 Version: 0.0.0.0 - peppy)
Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Razer Lycosa (x32 Version: 1.00.0000 - Razer USA Ltd.)
Razer Synapse 2.0 (x32 Version: 1.9.5 - Razer USA Ltd.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6093 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (x32 Version: 1.00.0000 - Rockstar Games)
Skype Click to Call (x32 Version: 6.4.11328 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Trapcode Suite 64-bit (Version: 11.0.2 - Red Giant Software) Hidden
Trapcode Suite 64-bit (x32 Version: 11.0.2 - Red Giant Software)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (Version: 12.0.394 - Sony)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
08-01-2014 16:15:48 Ende der Bereinigung
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {32469C4F-CF54-436A-A4D2-DD69689CD707} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {3B741268-E8E2-4B2F-AE11-2DF4432DFF27} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-431367838-947226339-2228069364-1000UA => C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: {521D5699-1305-4B90-B7AC-101B1BC7D065} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {671726FE-23A2-4ED7-9692-C4FF221BF200} - \BrowserDefendert No Task File
Task: {E7A4CC77-5C38-45CD-8C23-05F08F725F7F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {F529167E-0080-43A4-A293-47569C760E17} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-431367838-947226339-2228069364-1000Core => C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431367838-947226339-2228069364-1000Core1cef0ea6886ca59.job => C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-431367838-947226339-2228069364-1000UA.job => C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-10-26 12:11 - 2012-10-26 12:11 - 01912704 _____ () C:\Program Files\Sony\Vegas Pro 12.0\OpenColorIO.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00058240 _____ () C:\Program Files\Sony\Vegas Pro 12.0\FileIOProxyStubx64.dll
2009-10-04 08:38 - 2009-10-04 08:38 - 01282048 _____ () C:\Program Files (x86)\NewBlue\Art Effects for Windows\vegas64\ArtEffectsVegasHost.dll
2009-10-04 08:37 - 2009-10-04 08:37 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Art Effects for Windows\Resources64.dll
2009-10-04 09:15 - 2009-10-04 09:15 - 01461760 _____ () C:\Program Files (x86)\NewBlue\Paint Blends for Windows\vegas64\PaintBlendsVegasHost.dll
2009-10-04 09:15 - 2009-10-04 09:15 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Paint Blends for Windows\Resources64.dll
2009-10-04 09:23 - 2009-10-04 09:23 - 01443328 _____ () C:\Program Files (x86)\NewBlue\Paint Effects for Windows\vegas64\PaintEffectsVegasHost.dll
2009-10-04 09:23 - 2009-10-04 09:23 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Paint Effects for Windows\Resources64.dll
2009-10-04 09:09 - 2009-10-04 09:09 - 01286144 _____ () C:\Program Files (x86)\NewBlue\Motion Effects for Windows\vegas64\MotionEffectsVegasHost.dll
2009-10-04 09:09 - 2009-10-04 09:09 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Motion Effects for Windows\Resources64.dll
2009-10-04 09:03 - 2009-10-04 09:03 - 01302016 _____ () C:\Program Files (x86)\NewBlue\Motion Blends for Windows\vegas64\MotionBlendsVegasHost.dll
2009-10-04 09:02 - 2009-10-04 09:02 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Motion Blends for Windows\Resources64.dll
2009-10-04 08:52 - 2009-10-04 08:52 - 01259520 _____ () C:\Program Files (x86)\NewBlue\Film Effects for Windows\vegas64\FilmEffectsVegasHost.dll
2009-10-04 08:52 - 2009-10-04 08:52 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Film Effects for Windows\Resources64.dll
2009-11-05 19:33 - 2009-11-05 19:33 - 01401344 _____ () C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\vegas64\VideoEssentials3VegasHost.dll
2009-11-05 19:33 - 2009-11-05 19:33 - 13279232 _____ () C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\VideoEssentials364.dll
2009-11-05 19:33 - 2009-11-05 19:33 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Video Essentials III for Windows\Resources64.dll
2009-10-04 08:24 - 2009-10-04 08:24 - 01494016 _____ () C:\Program Files (x86)\NewBlue\3D Transformations for Windows\vegas64\D3DTransformationsVegasHost.dll
2009-10-04 08:24 - 2009-10-04 08:24 - 00232960 _____ () C:\Program Files (x86)\NewBlue\3D Transformations for Windows\Resources64.dll
2009-10-04 08:45 - 2009-10-04 08:45 - 01386496 _____ () C:\Program Files (x86)\NewBlue\Video Essentials for Windows\vegas64\VideoEssentialsVegasHost.dll
2009-10-04 08:45 - 2009-10-04 08:45 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Resources64.dll
2009-10-05 01:42 - 2009-10-05 01:42 - 01403392 _____ () C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\vegas64\VideoEssentials2VegasHost.dll
2009-10-05 01:41 - 2009-10-05 01:41 - 06393856 _____ () C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\VideoEssentials264.dll
2009-10-05 01:41 - 2009-10-05 01:41 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Video Essentials II for Windows\Resources64.dll
2009-10-05 01:49 - 2009-10-05 01:49 - 01411072 _____ () C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\vegas64\SamplerPackVegasHost.dll
2009-10-05 01:49 - 2009-10-05 01:49 - 06039552 _____ () C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\SamplerPack64.dll
2009-10-05 01:49 - 2009-10-05 01:49 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Sampler Pack for Windows\Resources64.dll
2009-10-04 08:18 - 2009-10-04 08:18 - 01489408 _____ () C:\Program Files (x86)\NewBlue\3D Explosions for Windows\vegas64\D3DExplosionsVegasHost.dll
2009-10-04 08:17 - 2009-10-04 08:17 - 00232960 _____ () C:\Program Files (x86)\NewBlue\3D Explosions for Windows\Resources64.dll
2009-10-04 08:30 - 2009-10-04 08:30 - 01461760 _____ () C:\Program Files (x86)\NewBlue\Art Blends for Windows\vegas64\ArtBlendsVegasHost.dll
2009-10-04 08:30 - 2009-10-04 08:30 - 00232960 _____ () C:\Program Files (x86)\NewBlue\Art Blends for Windows\Resources64.dll
2012-06-07 12:53 - 2012-06-07 12:53 - 04901376 _____ () C:\Windows\system32\LS3Renderer_x64.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00038784 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Vegas.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00018816 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Vegas.Publish.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00223104 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.MediaSoftware.XDCAMExp.resources.dll
2012-10-26 12:11 - 2012-10-26 12:11 - 00096128 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.MediaSoftware.DeviceExp.resources.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00010112 _____ () C:\Program Files\Sony\Vegas Pro 12.0\de\Sony.Monitor3D.resources.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 12491136 _____ () C:\Program Files\Sony\Vegas Pro 12.0\OFX Video Plug-Ins\Vfx1.ofx.bundle\Contents\Win64\Vfx1.ofx
2013-11-17 01:07 - 2013-10-31 19:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 16:33 - 2013-12-24 00:23 - 00505344 _____ () C:\Program Files (x86)\AIMP3\Sqlite3.dll
2013-11-10 11:55 - 2013-12-24 00:23 - 00218112 _____ () C:\Program Files (x86)\AIMP3\libsoxr.dll
2013-12-24 00:23 - 2013-12-24 00:23 - 00220672 _____ () C:\Program Files (x86)\AIMP3\Modules\MACDll.dll
2013-12-24 00:23 - 2013-12-24 00:23 - 00294400 _____ () C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll
2013-12-24 00:23 - 2013-12-24 00:23 - 01733120 _____ () C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll
2012-11-28 16:33 - 2013-12-24 00:23 - 00071624 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_lastfm.dll
2012-11-28 16:33 - 2013-12-24 00:23 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp
2012-11-28 16:33 - 2013-12-24 00:23 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll
2012-11-28 16:33 - 2013-12-24 00:23 - 00141768 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll
2014-01-16 13:20 - 2014-01-11 11:28 - 00715544 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 13:20 - 2014-01-11 11:28 - 00100120 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 13:20 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 13:20 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 13:20 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2012-10-26 12:10 - 2012-10-26 12:10 - 00046976 _____ () C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOProxyStubx86.dll
2014-01-16 13:20 - 2014-01-11 11:29 - 13615896 _____ () C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/17/2014 01:11:16 PM) (Source: MsiInstaller) (User: MarcBillmann-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (01/16/2014 01:09:56 PM) (Source: MsiInstaller) (User: MarcBillmann-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011006}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (01/15/2014 01:15:24 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/14/2014 07:20:53 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/14/2014 07:20:53 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/14/2014 07:20:53 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/14/2014 07:20:53 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (01/14/2014 07:20:51 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (01/14/2014 07:20:50 AM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (01/14/2014 07:20:50 AM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (01/18/2014 11:27:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/18/2014 11:27:21 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (01/18/2014 11:25:14 AM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (01/18/2014 11:25:01 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/18/2014 11:25:01 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.
Error: (01/17/2014 11:59:21 PM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/17/2014 01:15:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/17/2014 01:10:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/17/2014 01:10:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (01/17/2014 01:09:36 PM) (Source: DCOM) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-11-28 16:01:19.350
Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\NTGLM7X.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-28 16:01:19.334
Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\NTGLM7X.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-28 16:01:14.997
Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\Install\GMSIPCI.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-28 16:01:14.966
Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\Install\GMSIPCI.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 50%
Total physical RAM: 4095.12 MB
Available physical RAM: 2014.13 MB
Total Pagefile: 8188.41 MB
Available Pagefile: 5558.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:292.87 GB) (Free:80.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:292.97 GB) (Free:227.9 GB) NTFS
Drive e: () (Fixed) (Total:345.57 GB) (Free:345.45 GB) NTFS
Drive f: (GTA IV Disc 1) (CDROM) (Total:7.03 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 61377488)
Partition 1: (Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=346 GB) - (Type=07 NTFS)
==================== End Of Log ============================ --- --- ---
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by MarcBillmann (administrator) on MARCBILLMANN-PC on 18-01-2014 12:41:43
Running from C:\Users\MarcBillmann\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Akamai Technologies, Inc.) C:\Users\MarcBillmann\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Akamai Technologies, Inc.) C:\Users\MarcBillmann\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Razer\Lycosa\razertra.exe
(BitTorrent Inc.) C:\Users\MarcBillmann\AppData\Roaming\uTorrent\uTorrent.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\ErrorReportLauncher.exe
(Google Inc.) C:\Users\MarcBillmann\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\x86\FileIOSurrogate.exe
(Sony Creative Software Inc.) C:\Program Files\Sony\Vegas Pro 12.0\x86\sfvstserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10151968 2010-04-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [608104 2013-04-22] (Razer USA Ltd)
HKLM-x32\...\Run: [Lycosa] - C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [147456 2007-11-20] (Razer USA Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKCU\...\Run: [Google Update] - C:\Users\MarcBillmann\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-28] (Google Inc.)
HKCU\...\Run: [Steam] - D:\Steam\steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-09] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\MarcBillmann\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [RGSC] - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [306088 2008-12-12] (Take-Two Interactive Software, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-09-28] (AMD)
MountPoints2: {236b868e-3967-11e2-bcfd-806e6f6e6963} - F:\Autorun.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10DF91D67ACDCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nexon.com/NxGame - C:\ProgramData\Nexon\NGM\npNxGame.dll No File
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\MarcBillmann\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\MarcBillmann\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\MarcBillmann\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: No Name - C:\Users\MarcBillmann\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-07-14]
FF Extension: Movie2kDownloader - C:\Users\MarcBillmann\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
Chrome:
=======
CHR Extension: (Katekyo Hitman Reborn Theme2) - C:\Users\MarcBillmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceogpcdigfifkcjhekbncbfbnhmlpkdd [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\MarcBillmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5434008 2013-08-25] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-12] ()
==================== Drivers (Whitelisted) ====================
S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.)
S3 cxasbt; \??\C:\CherryDeGames\Avatar Star\avital\cxasbt64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [x]
S3 NTACCESS; \??\F:\NTACCESS_64.sys [x]
S3 SetupNTGLM7X; \??\F:\NTGLM7X.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S3 X6va003; \??\C:\Users\MARCBI~1\AppData\Local\Temp\003B7D7.tmp [x]
S3 X6va008; \??\C:\Users\MARCBI~1\AppData\Local\Temp\00834B9.tmp [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 X6va013; \??\C:\Windows\SysWOW64\Drivers\X6va013 [x]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-18 12:41 - 2014-01-18 12:42 - 00012626 _____ C:\Users\MarcBillmann\Downloads\FRST.txt
2014-01-18 12:41 - 2014-01-18 12:41 - 00000000 ____D C:\FRST
2014-01-18 12:35 - 2014-01-18 12:35 - 02076160 _____ (Farbar) C:\Users\MarcBillmann\Downloads\FRST64.exe
2014-01-17 20:09 - 2014-01-17 20:09 - 00037553 _____ C:\Users\MarcBillmann\Downloads\Ao no Exorcist - 1-25 END.torrent
2014-01-14 07:16 - 2014-01-18 12:32 - 00000728 _____ C:\Windows\setupact.log
2014-01-14 07:16 - 2014-01-18 11:22 - 00005496 _____ C:\Windows\PFRO.log
2014-01-14 07:16 - 2014-01-14 07:16 - 00000000 _____ C:\Windows\setuperr.log
2014-01-13 11:06 - 2014-01-13 11:06 - 00001166 _____ C:\Users\Public\Desktop\Elsword.lnk
2014-01-13 11:06 - 2014-01-13 11:06 - 00000000 ____D C:\Program Files (x86)\Gameforge4D
2014-01-13 11:05 - 2014-01-13 11:05 - 01914248 _____ (Gameforge4D ) C:\Users\MarcBillmann\Downloads\Elsword_DE_3.0807.8.2.exe
2014-01-13 11:05 - 2014-01-13 11:05 - 00569487 _____ (Gameforge 4D ) C:\Users\MarcBillmann\Downloads\Downloader_Elsword_de.exe
2014-01-12 16:25 - 2014-01-12 16:25 - 00370472 _____ C:\Users\MarcBillmann\Downloads\Naruto Shippuden - Naruto vs Sasuke Story.mp4.sfk
2014-01-12 16:24 - 2014-01-12 16:24 - 46357311 _____ C:\Users\MarcBillmann\Downloads\Naruto Shippuden - Naruto vs Sasuke Story.mp4
2014-01-12 15:29 - 2014-01-12 15:30 - 00248296 _____ C:\Users\MarcBillmann\Downloads\Thousand Foot Krutch - Phenomenon.mp3.sfk
2014-01-12 14:38 - 2014-01-12 14:39 - 00367560 _____ C:\Users\MarcBillmann\Downloads\Two Steps From Hell - Blackheart (Thomas Bergersen - Epic Dark Melancho.mp3.sfk
2014-01-12 14:04 - 2014-01-12 14:04 - 00028848 _____ C:\Users\MarcBillmann\Downloads\[Raws-4U] 「K」 - K-Project (TBS 1280x720 x264).torrent
2014-01-12 14:04 - 2014-01-12 14:04 - 00011667 _____ C:\Users\MarcBillmann\Downloads\[Leopard-Raws] Project-K - 13 (TBS 1440x1080 MPEG2 AAC).ts.torrent
2014-01-12 14:02 - 2014-01-12 14:02 - 00021239 _____ C:\Users\MarcBillmann\Downloads\K.torrent
2014-01-10 22:54 - 2014-01-11 11:06 - 00000000 ____D C:\Program Files (x86)\Audition Online
2014-01-10 22:33 - 2014-01-10 22:33 - 01047960 _____ (Solid State Networks) C:\Users\MarcBillmann\Downloads\audition-dlm.exe
2014-01-10 20:52 - 2014-01-10 20:58 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\MarcBillmann\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-10 20:51 - 2014-01-10 21:11 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2014-01-10 20:48 - 2014-01-10 20:49 - 19368272 _____ (Gameforge ) C:\Users\MarcBillmann\Downloads\SKILL_GameforgeLiveSetup.exe
2014-01-08 17:29 - 2014-01-08 17:29 - 04645232 _____ (Piriform Ltd) C:\Users\MarcBillmann\Downloads\ccsetup409.exe
2014-01-08 17:15 - 2014-01-08 17:16 - 00001292 _____ C:\DelFix.txt
2014-01-08 17:15 - 2014-01-08 17:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 16:02 - 2014-01-05 16:02 - 00000181 _____ C:\console.log
2013-12-24 00:24 - 2013-12-24 00:24 - 00000905 _____ C:\Users\Public\Desktop\AIMP3.lnk
2013-12-23 16:33 - 2013-12-23 16:33 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\LolClientID1
==================== One Month Modified Files and Folders =======
2014-01-18 12:43 - 2012-12-09 11:50 - 00000000 ____D C:\Users\MarcBillmann\AppData\Local\PMB Files
2014-01-18 12:42 - 2014-01-18 12:41 - 00012626 _____ C:\Users\MarcBillmann\Downloads\FRST.txt
2014-01-18 12:42 - 2013-01-05 13:00 - 01254878 _____ C:\Windows\WindowsUpdate.log
2014-01-18 12:42 - 2012-12-02 11:26 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\uTorrent
2014-01-18 12:41 - 2014-01-18 12:41 - 00000000 ____D C:\FRST
2014-01-18 12:36 - 2012-11-28 16:33 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\AIMP3
2014-01-18 12:35 - 2014-01-18 12:35 - 02076160 _____ (Farbar) C:\Users\MarcBillmann\Downloads\FRST64.exe
2014-01-18 12:35 - 2013-09-28 13:34 - 00000000 ____D C:\Users\MarcBillmann\Desktop\AMV
2014-01-18 12:34 - 2012-11-28 16:50 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\Skype
2014-01-18 12:32 - 2014-01-14 07:16 - 00000728 _____ C:\Windows\setupact.log
2014-01-18 11:34 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 11:34 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 11:22 - 2014-01-14 07:16 - 00005496 _____ C:\Windows\PFRO.log
2014-01-17 20:10 - 2013-09-27 20:25 - 00000000 ____D C:\Users\MarcBillmann\Desktop\Animes
2014-01-17 20:09 - 2014-01-17 20:09 - 00037553 _____ C:\Users\MarcBillmann\Downloads\Ao no Exorcist - 1-25 END.torrent
2014-01-17 17:18 - 2012-12-09 11:50 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-16 13:20 - 2012-11-28 16:14 - 00002447 _____ C:\Users\MarcBillmann\Desktop\Google Chrome.lnk
2014-01-14 07:16 - 2014-01-14 07:16 - 00000000 _____ C:\Windows\setuperr.log
2014-01-13 11:06 - 2014-01-13 11:06 - 00001166 _____ C:\Users\Public\Desktop\Elsword.lnk
2014-01-13 11:06 - 2014-01-13 11:06 - 00000000 ____D C:\Program Files (x86)\Gameforge4D
2014-01-13 11:05 - 2014-01-13 11:05 - 01914248 _____ (Gameforge4D ) C:\Users\MarcBillmann\Downloads\Elsword_DE_3.0807.8.2.exe
2014-01-13 11:05 - 2014-01-13 11:05 - 00569487 _____ (Gameforge 4D ) C:\Users\MarcBillmann\Downloads\Downloader_Elsword_de.exe
2014-01-13 11:00 - 2012-11-30 17:42 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-12 16:25 - 2014-01-12 16:25 - 00370472 _____ C:\Users\MarcBillmann\Downloads\Naruto Shippuden - Naruto vs Sasuke Story.mp4.sfk
2014-01-12 16:24 - 2014-01-12 16:24 - 46357311 _____ C:\Users\MarcBillmann\Downloads\Naruto Shippuden - Naruto vs Sasuke Story.mp4
2014-01-12 15:30 - 2014-01-12 15:29 - 00248296 _____ C:\Users\MarcBillmann\Downloads\Thousand Foot Krutch - Phenomenon.mp3.sfk
2014-01-12 14:39 - 2014-01-12 14:38 - 00367560 _____ C:\Users\MarcBillmann\Downloads\Two Steps From Hell - Blackheart (Thomas Bergersen - Epic Dark Melancho.mp3.sfk
2014-01-12 14:04 - 2014-01-12 14:04 - 00028848 _____ C:\Users\MarcBillmann\Downloads\[Raws-4U] 「K」 - K-Project (TBS 1280x720 x264).torrent
2014-01-12 14:04 - 2014-01-12 14:04 - 00011667 _____ C:\Users\MarcBillmann\Downloads\[Leopard-Raws] Project-K - 13 (TBS 1440x1080 MPEG2 AAC).ts.torrent
2014-01-12 14:02 - 2014-01-12 14:02 - 00021239 _____ C:\Users\MarcBillmann\Downloads\K.torrent
2014-01-11 11:06 - 2014-01-10 22:54 - 00000000 ____D C:\Program Files (x86)\Audition Online
2014-01-10 23:02 - 2013-01-24 12:42 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audition Online
2014-01-10 22:33 - 2014-01-10 22:33 - 01047960 _____ (Solid State Networks) C:\Users\MarcBillmann\Downloads\audition-dlm.exe
2014-01-10 21:11 - 2014-01-10 20:51 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2014-01-10 20:58 - 2014-01-10 20:52 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\MarcBillmann\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-01-10 20:49 - 2014-01-10 20:48 - 19368272 _____ (Gameforge ) C:\Users\MarcBillmann\Downloads\SKILL_GameforgeLiveSetup.exe
2014-01-10 16:25 - 2012-11-29 14:29 - 00000000 ____D C:\Program Files (x86)\osu!
2014-01-08 17:32 - 2012-11-30 17:47 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\Sony
2014-01-08 17:29 - 2014-01-08 17:29 - 04645232 _____ (Piriform Ltd) C:\Users\MarcBillmann\Downloads\ccsetup409.exe
2014-01-08 17:29 - 2012-11-29 17:08 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-08 17:29 - 2012-11-29 17:08 - 00000000 ____D C:\Program Files\CCleaner
2014-01-08 17:16 - 2014-01-08 17:15 - 00001292 _____ C:\DelFix.txt
2014-01-08 17:15 - 2014-01-08 17:15 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 16:02 - 2014-01-05 16:02 - 00000181 _____ C:\console.log
2014-01-01 22:44 - 2013-01-12 12:20 - 00000000 ____D C:\Users\MarcBillmann\AppData\Local\Razer
2014-01-01 22:43 - 2013-01-12 12:20 - 00000000 ____D C:\ProgramData\Razer
2014-01-01 22:43 - 2013-01-12 12:20 - 00000000 ____D C:\Program Files (x86)\Razer
2013-12-24 00:24 - 2013-12-24 00:24 - 00000905 _____ C:\Users\Public\Desktop\AIMP3.lnk
2013-12-24 00:23 - 2012-11-28 16:33 - 00000000 ____D C:\Program Files (x86)\AIMP3
2013-12-23 16:33 - 2013-12-23 16:33 - 00000000 ____D C:\Users\MarcBillmann\AppData\Roaming\LolClientID1
2013-12-23 11:25 - 2012-11-28 16:50 - 00000000 ____D C:\ProgramData\Skype
2013-12-23 11:24 - 2012-11-28 16:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-21 00:25 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-21 00:25 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-21 00:25 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Users\MarcBillmann\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 09:16
==================== End Of Log ============================ --- --- --- |