Zitat:

Zitat von Warlord711

Sieht nach defektem Benutzerprofil aus.

Das ausweichen auf C:\Windows\System32\config\systemprofile\Desktop ist ein Indiz.

Wird dieser Pfad denn als temp. Pfad benutzt bei defektem Userprofil? Kann eigentlich nicht sein.
Für mich sieht dieser Desktop wie der eines Systemusers aus sonst würde das Ding ja auch nicht systemprofile heißen.......normale Nutzer haben definitiv keine Schreibrechte in C:\Windows\System32\config\systemprofile sondern nur Administratoren und der User SYSTEM

Zitat:

Zitat von cosinus

Ich glaub, der Dreck den du da von deinem Kumpel bekommen hast, hat dein System verbogen, sodass du da einen anderen Ordner für den Desktop hast....



Also sowas geht garnicht....man verwendet wenn überhaupt nur einen derartiger Scanner! Einer muss runter, am besten Avira. Bevor du den runterschmeißt aber bitte nach Logs schauen siehe http://www.trojaner-board.de/125889-...tml#post941534

ja genau das denke ich auch! weil wie schon erwähnt,,,,ich hab zum glück meine ganzen Ordner und Dateien, die auf dem üblichen desktop waren, gefunden und gesichert!

LOG AVIRA (ERGEBNISSE)

Code: Alles auswählenAufklappen

ATTFilter

 Exportierte Ereignisse:

22.05.2014 13:57 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.23.24.100) erfolgreich 
      durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.212.49/update" aktualisiert:
      avnetflt.sys 14.0.2.180
      vbase031.vdf 7.11.150.246
      aevdf.dat 7.11.150.246
      webcat2.dat
      webcat3.dat
      webcat4.dat
      repair.rdf 1.0.0.60

22.05.2014 13:57 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

22.05.2014 13:53 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

22.05.2014 13:53 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	8.3.18.22
      VDF Version:	7.11.150.216

22.05.2014 13:52 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

22.05.2014 00:47 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

22.05.2014 00:47 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

21.05.2014 23:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234) 
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://23.62.61.33/update" aktualisiert:
      vbase031.vdf 7.11.150.216
      aevdf.dat 7.11.150.216
      webcat3.dat
      webcat4.dat

21.05.2014 23:07 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

21.05.2014 21:20 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

21.05.2014 21:20 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	8.3.18.22
      VDF Version:	7.11.150.194

21.05.2014 21:19 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
      Durchgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Die Datei existiert nicht!

21.05.2014 21:17 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	2453387
      Anzahl Verzeichnisse:	112984
      Anzahl Malware:	6
      Anzahl Warnungen:	4

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'D:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE 
      SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Offend.2.7079' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f0a7d5c.qua' 
      verschoben!

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\Browser 
      Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx'
      enthielt einen Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1d5427b7.qua' 
      verschoben!

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'E:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE 
      SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Offend.2.7079' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '579d52f0.qua' 
      verschoben!

21.05.2014 17:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234) 
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.48.88/update" aktualisiert:
      vbase031.vdf 7.11.150.194
      aevdf.dat 7.11.150.194
      webcat2.dat
      webcat3.dat
      webcat4.dat

21.05.2014 17:07 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

21.05.2014 15:10 [System-Scanner] Malware gefunden
      Die Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5bd03052.qua' 
      verschoben!

21.05.2014 15:10 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	1046
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	1
      Anzahl Warnungen:	0

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro 
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro 
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro 
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro 
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:44 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro 
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 11:52 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/DealPly.F' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde gelöscht.

21.05.2014 11:52 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	1049
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	1
      Anzahl Warnungen:	0

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:12 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	9210
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	0
      Anzahl Warnungen:	0

21.05.2014 11:08 [Planer] Auftrag gestartet
      Auftrag "Vollständige Systemprüfung"
      wurde erfolgreich gestartet.

21.05.2014 11:08 [Planer] Auftrag gestartet
      Auftrag "scan_after_installation"
      wurde erfolgreich gestartet.

21.05.2014 11:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234) 
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.48.89/update" aktualisiert:
      aeheur.dll 8.1.4.1066
      aepack.dll 8.4.0.24
      aescript.dll 8.1.4.204
      aeset.dat 8.3.18.22
      aecrypto.dll 8.1.0.0
      aedroid.dll 8.1.0.0
      aelibinf.dll 8.1.0.0
      aemobile.dll 8.1.0.0
      avlode.rdf 14.0.4.22
      vbase019.vdf 7.11.148.149
      vbase020.vdf 7.11.148.241
      vbase021.vdf 7.11.149.61
      vbase022.vdf 7.11.149.169
      vbase023.vdf 7.11.150.31
      vbase024.vdf 7.11.150.119
      vbase025.vdf 7.11.150.120
      vbase026.vdf 7.11.150.121
      vbase027.vdf 7.11.150.122
      vbase028.vdf 7.11.150.123
      vbase029.vdf 7.11.150.124
      vbase030.vdf 7.11.150.125
      vbase031.vdf 7.11.150.190
      aevdf.dat 7.11.150.190
      webcat0.dat
      webcat1.dat
      webcat2.dat
      webcat3.dat
      webcat4.dat
      repair.rdf 1.0.0.56

21.05.2014 11:07 [Planer] Auftrag gestartet
      Auftrag "update_after_installation"
      wurde erfolgreich gestartet.

21.05.2014 11:07 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

21.05.2014 11:07 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

21.05.2014 11:07 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	8.3.18.18
      VDF Version:	7.11.148.126
         

Wenn ich jetzt z.b. TROJAN HUNTER installieren möchte...sagt er mir:

DAS SYSTEM KANN DIE ANGEGEBENE DATEI NICHT FINDEN


oder

ich will Malwarebytes installieren, dann kommt:

COULDN#T NOT OPEN ARCHIVE FILE C://WINDOWS/SYSTEM32/CONFIG/SYSTEMPROFILE/DESKTOP/mbar-1.07.0.1009.exe.
DAS SYSTEM KANN DIE ANGEGEBENE DATEI NICHT FINDEN

Zitat:

21.05.2014 21:17 [System-Scanner] Malware gefunden
Die Datei 'D:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE
SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

hab ich erledigt! tut mir leid!

danke nochmal

Du hast auch alles andere runtergschmissen? Sämtliche Keygens und Cracks? Und die installierten gecrackten Spiele und Programme auch?

spiele habe ich eigentlich garkeine drauf! und programme hab ich gelöscht ja!

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

so habs geschafft

COMBI LOG

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 14-05-19.01 - SYSTEM 22.05.2014  16:15:54.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16297.14125 [GMT 2:00]
ausgeführt von:: c:\windows\SysWOW64\config\systemprofile\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ocs_v71b.exe
.
---- Vorheriger Suchlauf -------
.
C:\Install.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
C:\uninstall.exe
c:\users\Rafa\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Rafa\AppData\Roaming\convert\convert.exe
c:\users\Rafa\Taskmgr.exe
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\_iu14D2N.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\system32\config\systemprofile\AppData\Local\Temp\_iu14D2N.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\systemprofile\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\12c07d8834c79ba4.fb
c:\windows\SysWow64\Cache\12c07d8834c79ba4__exp__1400846112
c:\windows\SysWow64\Cache\26c630d098e22dd5.fb
c:\windows\SysWow64\Cache\26c630d098e22dd5__exp__1400709644
c:\windows\SysWow64\Cache\272512937d9e61a4.fb
c:\windows\SysWow64\Cache\272512937d9e61a4__exp__1400846143
c:\windows\SysWow64\Cache\287204568329e189.fb
c:\windows\SysWow64\Cache\287204568329e189__exp__1400709657
c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb
c:\windows\SysWow64\Cache\28bc8f716fd76a47__exp__1400846126
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3__exp__1400709653
c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb
c:\windows\SysWow64\Cache\32c84fe32bb74d60__exp__1400846146
c:\windows\SysWow64\Cache\3917078cb68ec657.fb
c:\windows\SysWow64\Cache\3917078cb68ec657__exp__1400709615
c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb
c:\windows\SysWow64\Cache\590ba23ce359fd0c__exp__1400846145
c:\windows\SysWow64\Cache\610289e025a3ee9a.fb
c:\windows\SysWow64\Cache\610289e025a3ee9a__exp__1400709640
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1__exp__1400846141
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0__exp__1400846142
c:\windows\SysWow64\Cache\6d03dad1035885d3.fb
c:\windows\SysWow64\Cache\6d03dad1035885d3__exp__1400846150
c:\windows\SysWow64\Cache\935ee77178548e84.fb
c:\windows\SysWow64\Cache\935ee77178548e84__exp__1400846137
c:\windows\SysWow64\Cache\95f567698be8a182.fb
c:\windows\SysWow64\Cache\95f567698be8a182__exp__1400709648
c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb
c:\windows\SysWow64\Cache\ad10a52aff5e038d__exp__1400846132
c:\windows\SysWow64\Cache\c1fa887b03019701.fb
c:\windows\SysWow64\Cache\c1fa887b03019701__exp__1400846149
c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb
c:\windows\SysWow64\Cache\c4d28dca2e7648be__exp__1400846138
c:\windows\SysWow64\Cache\d201ef9910cd39de.fb
c:\windows\SysWow64\Cache\d201ef9910cd39de__exp__1400846139
c:\windows\SysWow64\Cache\d2e94710a5708128.fb
c:\windows\SysWow64\Cache\d2e94710a5708128__exp__1400709624
c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb
c:\windows\SysWow64\Cache\d79b9dfe81484ec4__exp__1400709632
c:\windows\SysWow64\Cache\f998975c9cc711ee.fb
c:\windows\SysWow64\Cache\f998975c9cc711ee__exp__1400846148
c:\windows\SysWow64\msvcsv60.dll
c:\windows\SysWow64\winsh320
c:\windows\SysWow64\winsh321
c:\windows\SysWow64\winsh322
c:\windows\SysWow64\winsh323
c:\windows\SysWow64\winsh324
c:\windows\SysWow64\winsh325
c:\windows\wininit.ini
E:\install.exe
.
-- Vorheriger Suchlauf --
.
Infizierte Kopie von c:\windows\SysWow64\user32.dll wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll wurde wiederhergestellt 
.
--------
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-22 bis 2014-05-22  ))))))))))))))))))))))))))))))
.
.
2014-05-22 14:28 . 2014-05-22 14:28	--------	d-----w-	c:\users\Rafa\AppData\Local\temp
2014-05-22 14:28 . 2014-05-22 14:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-21 13:12 . 2014-05-21 22:18	--------	d-----w-	C:\FRST
2014-05-21 08:57 . 2014-05-21 08:58	--------	d-----w-	c:\program files (x86)\TrojanHunter 5.5
2014-05-21 08:57 . 2014-05-21 08:57	--------	d-----w-	c:\programdata\TrojanHunter
2014-05-20 23:26 . 2014-05-21 10:02	119512	----a-w-	c:\windows\system32\drivers\48230029.sys
2014-05-20 21:28 . 2014-05-20 21:28	--------	d-----w-	c:\windows\system32\%LOCALAPPDATA%
2014-05-20 20:56 . 2014-05-20 20:56	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-20 20:56 . 2014-05-22 13:26	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-20 20:22 . 2014-05-20 20:22	--------	d-----w-	c:\windows\SysWow64\%LOCALAPPDATA%
2014-05-20 20:22 . 2014-05-20 20:23	--------	d-----w-	c:\windows\system32\config\systemprofile\lucidlogix
2014-05-20 20:21 . 2014-05-22 14:28	--------	d-----w-	c:\windows\system32\config\systemprofile\AppData\Local\Temp
2014-05-20 20:16 . 2014-05-20 20:16	--------	d-----w-	c:\users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 20:16 . 2014-05-20 20:16	--------	d-----w-	c:\users\Default\AppData\Local\NVIDIA
2014-05-20 20:16 . 2014-05-20 20:17	--------	d-----w-	c:\users\TEMP
2014-05-20 19:10 . 2014-05-20 19:10	--------	d-----w-	c:\users\Rafa\AppData\Roaming\SWAM
2014-05-19 14:03 . 2014-05-19 14:03	--------	d-----w-	c:\programdata\DirectX
2014-05-14 15:03 . 2014-05-14 15:03	--------	d-----w-	c:\program files (x86)\Vintage Amp Room
2014-05-14 15:00 . 2009-11-05 07:50	9535488	----a-w-	c:\program files (x86)\Tube Delay.dll
2014-05-14 14:53 . 2014-05-14 15:03	--------	d-----w-	c:\program files (x86)\Softube
2014-05-11 17:47 . 2014-05-11 17:49	--------	d-----w-	c:\programdata\VideoCopilot
2014-05-11 17:05 . 2014-05-21 00:53	--------	d-----w-	c:\program files (x86)\GenArts
2014-05-11 17:05 . 2014-05-11 17:05	--------	d-----w-	c:\programdata\GenArts
2014-05-11 13:04 . 2014-05-11 13:04	--------	d-----w-	c:\programdata\Juicer3
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-05-11 11:56 . 2014-05-11 11:56	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2014-05-09 18:37 . 2014-05-09 18:37	--------	d-----w-	c:\programdata\Note
2014-05-08 17:08 . 2014-05-08 17:08	--------	d-----w-	c:\windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 13:48 . 2014-05-08 13:48	227704	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-05-08 13:48 . 2014-05-08 13:48	227704	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-07 16:49 . 2014-05-07 16:49	--------	d-----w-	c:\program files (x86)\Yamaha
2014-05-07 16:49 . 2014-05-07 16:49	--------	d-----w-	c:\program files (x86)\Common Files\Yamaha
2014-05-07 16:46 . 2014-05-07 16:46	--------	d-----w-	c:\users\Rafa\AppData\Local\Downloaded Installations
2014-05-03 09:25 . 2014-05-03 09:25	--------	d-----w-	c:\users\Rafa\AppData\Roaming\DropboxMaster
2014-04-27 11:15 . 2014-04-27 11:16	--------	d-----w-	c:\programdata\AVG Secure Search
2014-04-25 09:22 . 2014-04-25 09:22	--------	d-----w-	c:\users\Rafa\AppData\Roaming\Blue Cat Audio
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-27 11:15 . 2014-03-26 00:34	50464	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2014-04-17 17:22 . 2014-04-17 17:22	98304	----a-w-	c:\windows\SysWow64\firefaceusb.exe
2014-04-17 17:22 . 2014-04-17 17:22	98304	----a-w-	c:\windows\system32\firefaceusb.exe
2014-04-17 17:22 . 2014-04-17 17:22	84096	----a-w-	c:\windows\system32\drivers\fireface_usb.sys
2014-04-17 17:22 . 2014-04-17 17:22	35840	----a-w-	c:\windows\system32\fireface_usb_asio_64.dll
2014-04-17 17:22 . 2014-04-17 17:22	33792	----a-w-	c:\windows\SysWow64\fireface_usb_asio.dll
2014-04-17 17:22 . 2014-04-17 17:22	33792	----a-w-	c:\windows\system32\fireface_usb_asio.dll
2014-04-17 17:22 . 2014-04-17 17:22	22900440	----a-w-	c:\windows\system32\TotalMixFX.exe
2014-04-17 17:22 . 2014-04-17 17:22	101504	----a-w-	c:\windows\system32\drivers\fireface_usb_64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
2011-09-12 06:06	413400	----a-w-	c:\progra~2\SITERA~1\SiteRank.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-04-27 11:15	3559448	----a-w-	c:\program files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll" [2014-04-27 3559448]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2011-08-30 4942336]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"SiteRanker"="c:\program files (x86)\SiteRanker\SiteRankTray.exe" [2011-09-12 320000]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-05-23 296056]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-10-30 206448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-10-16 1111432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"UATrayIcon"="c:\program files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe" [2013-10-03 1404928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-04-27 2557976]
"yfwtray"="c:\program files (x86)\Yamaha\FWDriver\yfwtray.exe" [2008-03-06 110592]
"yfwcm"="c:\program files (x86)\Yamaha\FWDriver\yfwcm.exe" [2009-05-27 557056]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"THGuard"="c:\program files (x86)\TrojanHunter 5.5\THGuard.exe" [2012-10-22 1086880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
2;2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
R2 WajamUpdaterV2;WajamUpdaterV2;c:\program files (x86)\Wajam\Updater\WajamUpdaterV2.exe;c:\program files (x86)\Wajam\Updater\WajamUpdaterV2.exe [x]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\DRIVERS\MAudioDelta.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioDelta.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 firefaceu64;RME Fireface USB Audio Device;c:\windows\system32\drivers\fireface_usb_64.sys;c:\windows\SYSNATIVE\drivers\fireface_usb_64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 t2usb64;Trigger II External Graphics;c:\windows\system32\drivers\t2usb64.sys;c:\windows\SYSNATIVE\drivers\t2usb64.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 mctkmdldr;mctkmdldr;c:\windows\system32\drivers\mctkmdldr64.sys;c:\windows\SYSNATIVE\drivers\mctkmdldr64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys;c:\windows\SYSNATIVE\DRIVERS\diginet.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GManager;GManager;c:\windows\system32\GManager.exe;c:\windows\SYSNATIVE\GManager.exe [x]
S2 MCTDesktopSvr;MCTDesktopSvr;c:\program files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe;c:\program files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iLokDrvr;Usb Driver;c:\windows\system32\DRIVERS\iLokDrvr.sys;c:\windows\SYSNATIVE\DRIVERS\iLokDrvr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 mctkmd;mctkmd;c:\windows\system32\drivers\mctkmd64.sys;c:\windows\SYSNATIVE\drivers\mctkmd64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SynUSB64;eLicenser;c:\windows\system32\DRIVERS\SynUSB64.sys;c:\windows\SYSNATIVE\DRIVERS\SynUSB64.sys [x]
S3 UAD2Pcie;Universal Audio UAD-2 DSP Accelerator;c:\windows\system32\DRIVERS\UAD2Pcie.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2Pcie.sys [x]
S3 UAD2System;UAD-2 Global System Service;c:\windows\system32\DRIVERS\UAD2System.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2System.sys [x]
S3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys;c:\windows\SYSNATIVE\DRIVERS\VirtuWDDM.sys [x]
S3 YFWBUS;Yamaha Steinberg FW Bus;c:\windows\system32\Drivers\yfwbus.sys;c:\windows\SYSNATIVE\Drivers\yfwbus.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 16:11	1077576	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26 12:44]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIRTU"="c:\program files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe" [2011-04-21 2619488]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"MCTDUtil"="c:\program files (x86)\Common Files\DesktopUtil\Util-Desktop.exe" [2011-05-03 195200]
"FDispPos"="c:\program files (x86)\Common Files\DesktopUtil\Util-Desktop.exe" [2011-05-03 195200]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"FirefaceUsbTray1"="firefaceusb.exe" [2014-04-17 98304]
"FirefaceMixTray2"="TotalMixFX.exe" [2014-04-17 22900440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\LUCIDL~1\VIRTU\appinit_dll.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 83.169.186.161 83.169.186.225
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll
BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Camel Audio Camel Phat VST v3.15 - c:\progra~2\COMMON~1\DIGIDE~1\WAVESH~1\CAMELP~1\UNWISE.EXE
AddRemove-Camel Audio Camel Space VST v1.15 - c:\progra~2\COMMON~1\DIGIDE~1\WAVESH~1\CAMELS~1\UNWISE.EXE
AddRemove-claro - c:\program files (x86)\Claro LTD\claro\1.8.3.10\uninstall.exe
AddRemove-db audioware Sidechain Gate VST v1.1.0 - c:\progra~2\STEINB~1\VSTPLU~1\SIDECH~2\UNWISE.EXE
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-GmdeiaMusic Oddity bank5 Addon - c:\progra~2\STEINB~1\VSTPLU~1\GMEDIA~1\UNWISE.EXE
AddRemove-Native Instruments Battery 3 - c:\progra~2\STEINB~1\CUBASE~1\VSTPLU~1\STEINB~1\UNWISE.EXE
AddRemove-Pinguin Audio Meter v2.2 - c:\audio\PINGUI~1\UNWISE.EXE
AddRemove-Predator_is1 - c:\program files (x86)\Steinberg\Cubase 5\VSTPlugins\unins000.exe
AddRemove-Rob Papen Blue VSTi v1.01 - c:\progra~2\STEINB~1\CUBASE~1\VSTPLU~1\WAVESH~1\Blue\UNWISE.EXE
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-Sndbad Shaders 1.04 - c:\users\Rafa\Documents\Uninstall.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe
AddRemove-{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1 - c:\program files (x86)\Steinberg\Cubase 5\VSTPlugins\BREVERB 2\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:43,5c,05,7c,dc,a6,b6,31,2d,cf,25,00,89,1c,88,2e,db,dc,07,d7,49,
   ec,1f,bd,03,6d,3b,e5,a9,cf,a0,41,f3,05,cf,d7,c9,f1,ae,61,e8,3d,d4,9a,15,ee,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:43,5c,05,7c,dc,a6,b6,31,2d,cf,25,00,89,1c,88,2e,db,dc,07,d7,49,
   ec,1f,bd,03,6d,3b,e5,a9,cf,a0,41,f3,05,cf,d7,c9,f1,ae,61,e8,3d,d4,9a,15,ee,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-22  16:35:12
ComboFix-quarantined-files.txt  2014-05-22 14:35
.
Vor Suchlauf: 23 Verzeichnis(se), 216.157.560.832 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 215.517.421.568 Bytes frei
.
- - End Of File - - DE643549854A0AAA3965A2C599D375E3
         

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/CODE]

Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Dankeschön, mach ich°!

LOG

AdwCleaner (SO)

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v3.210 - Bericht erstellt am 22/05/2014 um 16:58:49
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Rafa - RAFA-PC
# Gestartet von : C:\Windows\SysWOW64\config\systemprofile\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : WajamUpdaterV2

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : \DeviceVM
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Ordner Gelöscht : C:\Program Files (x86)\Application Updater
Ordner Gelöscht : C:\Program Files (x86)\Astroburn Toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Claro LTD
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\SiteRanker
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Manager
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [siteranker@siteranker.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.clarodskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.clarodskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\e6dbdeb43de848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3282722
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-clipfinder-hd_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-clipfinder-hd_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger-2012_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger-2012_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Claro LTD
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\pdfforge
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16502


*************************

AdwCleaner[R0].txt - [20338 octets] - [22/05/2014 16:58:21]
AdwCleaner[S0].txt - [19950 octets] - [22/05/2014 16:58:49]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [20011 octets] ##########
         

JRT.TxT

Code: Alles auswählenAufklappen

ATTFilter

 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by SYSTEM on 22.05.2014 at 17:08:02,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\siteranker



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Windows\system32\config\systemprofile\appdata\locallow\application updater"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.05.2014 at 17:13:10,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Frisches LOG

FRST


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Rafa (administrator) on RAFA-PC on 22-05-2014 17:15:15
Running from C:\Windows\SysWOW64\config\systemprofile\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~1\LUCIDL~1\VIRTU\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: c:\PROGRA~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56B17733CB75CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-22] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 16:35 - 00043346 _____ () C:\Windows\system32\config\systemprofile\Desktop\ComboFix.txt
2014-05-22 15:50 - 2014-05-22 16:35 - 00000000 ____D () C:\Qoobox
2014-05-22 15:50 - 2014-05-22 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 15:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-22 15:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-22 15:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 05200426 ____R (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 04760795 _____ (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe.715n8x2.partial
2014-05-21 15:12 - 2014-05-22 17:15 - 00000000 ____D () C:\FRST
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-22 15:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:22 - 2014-05-20 22:23 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:18 - 2014-05-20 23:46 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 22:18 - 2014-05-20 23:46 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha

==================== One Month Modified Files and Folders =======

2014-05-22 17:15 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-22 17:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 17:09 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:09 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 17:05 - 2011-08-30 19:00 - 01486931 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 17:01 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-22 17:01 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 17:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 17:01 - 2009-07-14 06:51 - 00332172 _____ () C:\Windows\setupact.log
2014-05-22 17:00 - 2010-11-21 05:47 - 00364192 _____ () C:\Windows\PFRO.log
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 16:35 - 00043346 _____ () C:\Windows\system32\config\systemprofile\Desktop\ComboFix.txt
2014-05-22 16:35 - 2014-05-22 15:50 - 00000000 ____D () C:\Qoobox
2014-05-22 16:33 - 2014-05-22 15:50 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 16:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-22 15:48 - 2014-05-22 15:48 - 05200426 ____R (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 04760795 _____ (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe.715n8x2.partial
2014-05-22 15:26 - 2014-05-20 22:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 15:25 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-22 15:25 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-22 15:25 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-21 21:26 - 2011-04-12 09:43 - 06517380 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 21:26 - 2011-04-12 09:43 - 01963164 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 21:26 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 15:32 - 2012-09-30 13:50 - 00000000 ____D () C:\Program Files (x86)\butt
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:23 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
         

--- --- ---


Frisches LOG

Addition

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Rafa at 2014-05-22 17:15:41
Running from C:\Windows\SysWOW64\config\systemprofile\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62
22-05-2014 13:50:35 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-22 16:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - \Browser Manager No Task File <==== ATTENTION
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - \DealPly No Task File <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2014-01-02 15:00 - 2013-12-12 21:56 - 03145536 _____ () C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 16296.58 MB
Available physical RAM: 13898.95 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 30102.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:201.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Dein Benutzerprofil macht mir noch etwas Sorgen. Erstell mal einen neuen Adminbenutzer über die Systemsteuerung, log dich in diesem ein und erstell neuer FRST-Logs.

hmm ich bin total am ende...ich kann auch nichts mehr installieren und sonstiges!
Vieleicht doch formatieren ????ß

Du gehst auf meinen letzten Beitrag genau garnicht ein

so habs gemacht...ne sorry ... aber ich kann seit Tagen nicht mehr am pc arbeiten das macht mich hibbelig...

schau mal ob es sich da was geändetr hat? ich konnte aufjedenfall mit dem neuen Administrator Malware installieren und durchscannen lassen, ohne probleme!
Ich hab das gefühl der alte Admin ist irgendwie gesperrt oder so...

FRST LOG NEU


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Mama (administrator) on RAFA-PC on 23-05-2014 00:28:13
Running from C:\Users\Mama\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDUtil.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\FDispPos.exe
(RME) C:\Windows\System32\firefaceusb.exe
(RME) C:\Windows\System32\TotalMixFX.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Universal Audio, Inc.) C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Yamaha Corporation) C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe
(Yamaha Corporation) C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~1\LUCIDL~1\VIRTU\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: c:\PROGRA~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mama\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SheepDog.lnk
ShortcutTarget: SheepDog.lnk -> C:\Users\Rafa\AppData\Roaming\Microsoft\Installer\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}\SheepDog.exe (Josh Sklare)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA96AC7490876CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]

Chrome: 
=======
CHR Extension: (FreeOnlineRadioPlayerRecorder V1) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicancafipiklohohmoognddncljhkio [2014-05-22]
CHR Extension: (Google Docs) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-22]
CHR Extension: (Google Drive) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-22]
CHR Extension: (Google-Suche) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-22]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-22]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-22]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-05-22]
CHR Extension: (Google Wallet) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22]
CHR Extension: (Google Mail) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-22]
CHR Extension: (Anti-Banner) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-22]
CHR HKLM-x32\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\Rafa\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx [2013-02-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx [2011-10-13]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx [2011-10-13]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-09-19]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx [2011-10-13]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-23 00:28 - 2014-05-23 00:28 - 00023753 _____ () C:\Users\Mama\Desktop\FRST.txt
2014-05-23 00:27 - 2014-05-23 00:27 - 02067456 _____ (Farbar) C:\Users\Mama\Desktop\FRST64.exe
2014-05-23 00:24 - 2014-05-23 00:19 - 00032361 _____ () C:\Users\Mama\Desktop\äö.txt
2014-05-23 00:22 - 2014-05-23 00:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mama\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-22 23:54 - 2014-05-22 23:54 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\RealNetworks
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Adobe
2014-05-22 23:50 - 2014-05-23 00:20 - 00000000 ____D () C:\Users\Mama\AppData\Local\TotalMixFX
2014-05-22 23:50 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Real
2014-05-22 23:50 - 2014-05-22 23:50 - 00001439 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001405 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\lucidlogix
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Epson
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Apple Computer
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\Adobe
2014-05-22 23:49 - 2014-05-22 23:51 - 00002247 _____ () C:\Users\Mama\Desktop\Google Chrome.lnk
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama
2014-05-22 23:49 - 2014-05-22 23:49 - 00000020 ___SH () C:\Users\Mama\ntuser.ini
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Vorlagen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Startmenü
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Netzwerkumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Lokale Einstellungen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Eigene Dateien
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Druckumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Musik
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Bilder
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Verlauf
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Google
2014-05-22 23:49 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2014-05-22 23:49 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Mama\AppData\Local\Amazon Cloud Player
2014-05-22 23:49 - 2011-09-12 15:58 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Macromedia
2014-05-22 23:49 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-22 23:49 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-22 23:16 - 2014-05-22 23:16 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 23:13 - 2014-05-22 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-22 23:13 - 2014-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-22 23:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-22 23:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-22 23:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 15:50 - 2014-05-22 16:35 - 00000000 ____D () C:\Qoobox
2014-05-22 15:50 - 2014-05-22 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 15:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-22 15:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-22 15:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-21 15:12 - 2014-05-23 00:28 - 00000000 ____D () C:\FRST
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\TrojanHunter
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
2014-05-21 02:02 - 2014-05-22 23:39 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-21 02:00 - 2014-05-21 02:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 01:18 - 2014-05-21 02:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rafa\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-21 00:52 - 2014-05-21 00:52 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Amazon Cloud Player
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-23 00:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:56 - 2014-05-20 22:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-20 22:26 - 2014-05-21 03:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:17 - 2014-05-20 22:17 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2011-09-12 15:58 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-05-20 22:16 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:16 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 21:10 - 2014-05-20 21:10 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\SWAM
2014-05-20 19:48 - 2014-05-20 19:48 - 00000000 ____D () C:\Users\Rafa\Desktop\[www.RnB4U.in] 19.05.2014 Pack
2014-05-19 16:03 - 2014-05-19 16:03 - 00000000 ____D () C:\ProgramData\DirectX
2014-05-19 15:51 - 2014-05-19 16:00 - 00000000 ____D () C:\Users\Public\Documents\Vengeance
2014-05-18 20:03 - 2014-05-19 19:47 - 00000000 ____D () C:\Users\Rafa\Desktop\POlska Beach Party (17.05.2014)
2014-05-17 14:04 - 2014-05-17 14:09 - 62886859 _____ (Synchro Arts Ltd ) C:\Users\Rafa\Desktop\RevoicePro2.6(1)(64bit).exe
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-14 16:44 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softube
2014-05-14 13:30 - 2014-05-18 22:01 - 00000000 ____D () C:\Users\Rafa\Desktop\Deutsche POP Bilder Henning Scherf
2014-05-14 12:02 - 2014-05-14 14:08 - 00000000 ____D () C:\Users\Rafa\Desktop\Henning Scherf (Deutsche POP)
2014-05-13 14:31 - 2014-05-13 14:31 - 40388241 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Ft. Problem Lyrics.mp4
2014-05-13 14:30 - 2014-05-13 14:30 - 06531512 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Shit (Feat. Problem) (Acapella) (Ignorant Acapellas).mp4
2014-05-11 20:02 - 2014-05-11 20:04 - 00000000 ____D () C:\Users\Rafa\Desktop\AfterEffects_11_0_1_12_LS7
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:47 - 2014-05-11 19:49 - 00000000 ____D () C:\ProgramData\VideoCopilot
2014-05-11 19:22 - 2014-05-11 19:22 - 00000000 ____D () C:\Users\Rafa\Documents\VideoCopilot
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 19:05 - 2014-05-11 19:05 - 00000000 ____D () C:\ProgramData\GenArts
2014-05-11 19:05 - 2012-12-16 23:15 - 00000000 ____D () C:\Users\Rafa\Desktop\GenArts Sapphire Plug-ins 6.1.3 for After Effects
2014-05-11 17:30 - 2014-05-11 17:30 - 00000000 ____D () C:\Users\Rafa\Documents\Industrial Influence
2014-05-11 15:42 - 2014-05-11 15:42 - 00000000 ____D () C:\Users\Rafa\Documents\Different Angles
2014-05-11 15:04 - 2014-05-11 15:04 - 00000000 ____D () C:\ProgramData\Juicer3
2014-05-11 13:56 - 2014-05-11 13:56 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-11 13:56 - 2014-05-11 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-11 12:34 - 2014-05-11 14:26 - 79458141 _____ () C:\Users\Rafa\Desktop\Adrian Marcel.wmv
2014-05-10 22:09 - 2014-05-10 22:09 - 05490124 _____ () C:\Users\Rafa\Desktop\Furious - Wet (Feat. Jonn Hart & Rayven Justice).mp4
2014-05-10 22:09 - 2014-05-10 22:09 - 04666410 _____ () C:\Users\Rafa\Desktop\Furious Ft Jonn Hart & Rayven Justice - Wet (Instrumental).mp4
2014-05-09 20:37 - 2014-05-09 20:37 - 00000000 ____D () C:\ProgramData\Note
2014-05-09 10:34 - 2014-05-09 10:59 - 00000000 ____D () C:\Users\Rafa\Desktop\New acapella
2014-05-08 21:21 - 2014-05-08 21:21 - 00000000 ____D () C:\Users\Rafa\Desktop\Motif
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 16:23 - 2014-05-08 16:23 - 00000000 ____D () C:\Users\Rafa\Desktop\P-Lo MBMGC2
2014-05-07 23:40 - 2014-05-10 15:04 - 00000000 ____D () C:\Users\Rafa\Desktop\E-40 IAMSU Too Short Yo Gotti D-LO Beeda Wee (DatPiff.com)
2014-05-07 23:35 - 2014-05-11 14:26 - 56225862 _____ () C:\Users\Rafa\Desktop\2014-05-0gg7.mp4
2014-05-07 20:18 - 2014-05-07 20:18 - 52681586 _____ () C:\Users\Rafa\Desktop\P-Lo - Goin' To Work (Remix).mp4
2014-05-07 20:15 - 2014-05-07 20:15 - 10181734 _____ () C:\Users\Rafa\Desktop\E-40 Revenue Retrievin- More Bass, More Treble.mp4
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:46 - 2014-05-07 18:46 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Downloaded Installations
2014-05-06 00:54 - 2014-05-06 00:54 - 00000000 ____D () C:\Users\Rafa\Desktop\wetransfer-9e1006
2014-05-04 21:50 - 2014-05-04 21:50 - 00000000 ____D () C:\Users\Rafa\Desktop\Feleke neuer Song
2014-05-04 15:32 - 2014-05-04 15:32 - 00000000 ____D () C:\Users\Rafa\Desktop\Extendet
2014-05-04 13:01 - 2014-05-07 20:12 - 00000000 ____D () C:\Users\Rafa\Desktop\Instrumentals machen
2014-05-03 13:57 - 2014-05-03 14:05 - 00000000 ____D () C:\Users\Rafa\Desktop\NEW shitt
2014-05-03 11:25 - 2014-05-03 11:25 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\DropboxMaster
2014-04-27 19:13 - 2014-05-11 11:40 - 00000000 ____D () C:\Users\Rafa\Desktop\DADDY YANKEE
2014-04-27 12:39 - 2014-04-27 12:39 - 00000013 _____ () C:\Users\Rafa\Desktop\Video Einstellung.txt
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\Documents\Blue Cat Audio
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Blue Cat Audio

==================== One Month Modified Files and Folders =======

2014-05-23 00:28 - 2014-05-23 00:28 - 00023753 _____ () C:\Users\Mama\Desktop\FRST.txt
2014-05-23 00:28 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-23 00:27 - 2014-05-23 00:27 - 02067456 _____ (Farbar) C:\Users\Mama\Desktop\FRST64.exe
2014-05-23 00:25 - 2011-08-30 19:00 - 01504413 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 00:23 - 2014-05-20 22:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 00:22 - 2014-05-23 00:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mama\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-23 00:21 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-23 00:21 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-23 00:21 - 2012-08-23 20:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 00:21 - 2012-06-09 16:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-23 00:21 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-23 00:21 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-23 00:21 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-23 00:21 - 2011-08-30 21:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-23 00:21 - 2010-11-21 05:47 - 00406608 _____ () C:\Windows\PFRO.log
2014-05-23 00:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 00:21 - 2009-07-14 06:51 - 00333012 _____ () C:\Windows\setupact.log
2014-05-23 00:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-23 00:20 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\TotalMixFX
2014-05-23 00:19 - 2014-05-23 00:24 - 00032361 _____ () C:\Users\Mama\Desktop\äö.txt
2014-05-23 00:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 23:54 - 2014-05-22 23:54 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-22 23:54 - 2014-05-22 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-22 23:54 - 2014-05-22 23:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\RealNetworks
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Adobe
2014-05-22 23:53 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Real
2014-05-22 23:51 - 2014-05-22 23:49 - 00002247 _____ () C:\Users\Mama\Desktop\Google Chrome.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001439 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001405 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\lucidlogix
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Epson
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Apple Computer
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\Adobe
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama
2014-05-22 23:50 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-22 23:49 - 2014-05-22 23:49 - 00000020 ___SH () C:\Users\Mama\ntuser.ini
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Vorlagen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Startmenü
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Netzwerkumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Lokale Einstellungen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Eigene Dateien
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Druckumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Musik
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Bilder
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Verlauf
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Google
2014-05-22 23:39 - 2014-05-21 02:02 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-22 23:16 - 2014-05-22 23:16 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 23:16 - 2013-12-19 12:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-22 23:16 - 2012-08-23 20:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-22 23:11 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 23:11 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 15:50 - 00000000 ____D () C:\Qoobox
2014-05-22 16:35 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-22 16:33 - 2014-05-22 15:50 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 16:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-22 16:01 - 2012-07-04 16:32 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\convert
2014-05-22 16:01 - 2011-08-30 19:00 - 00000000 ____D () C:\Users\Rafa
2014-05-22 14:45 - 2012-02-05 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2014-05-22 14:09 - 2013-09-04 14:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-21 21:26 - 2011-04-12 09:43 - 06517380 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 21:26 - 2011-04-12 09:43 - 01963164 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 21:26 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 15:32 - 2012-09-30 13:50 - 00000000 ____D () C:\Program Files (x86)\butt
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\TrojanHunter
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
2014-05-21 03:00 - 2014-05-20 22:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 02:44 - 2014-05-21 01:18 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rafa\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-21 02:00 - 2014-05-21 02:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:20 - 2012-06-09 16:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-21 00:52 - 2014-05-21 00:52 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Amazon Cloud Player
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:33 - 2011-08-30 21:29 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Adobe
2014-05-20 23:33 - 2011-08-30 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-20 22:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:17 - 2014-05-20 22:17 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-05-20 22:17 - 2011-08-30 21:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-20 22:16 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Amazon Cloud Player
2014-05-20 22:15 - 2012-07-21 20:56 - 00000000 ___RD () C:\Users\Rafa\Dropbox
2014-05-20 22:12 - 2012-02-05 15:58 - 00000000 ____D () C:\Users\Rafa\Documents\Cubase Projects
2014-05-20 21:44 - 2014-02-16 17:20 - 00000000 ____D () C:\ProgramData\DigitalJuice
2014-05-20 21:10 - 2014-05-20 21:10 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\SWAM
2014-05-20 21:07 - 2011-08-31 14:13 - 00000000 ____D () C:\Users\Rafa\AppData\Local\CrashDumps
2014-05-20 21:03 - 2012-07-21 20:53 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Dropbox
2014-05-20 19:54 - 2013-06-05 10:44 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Winamp
2014-05-20 19:48 - 2014-05-20 19:48 - 00000000 ____D () C:\Users\Rafa\Desktop\[www.RnB4U.in] 19.05.2014 Pack
2014-05-19 19:47 - 2014-05-18 20:03 - 00000000 ____D () C:\Users\Rafa\Desktop\POlska Beach Party (17.05.2014)
2014-05-19 19:03 - 2012-09-30 13:50 - 00000945 _____ () C:\Users\Rafa\AppData\Roaming\buttrc
2014-05-19 16:03 - 2014-05-19 16:03 - 00000000 ____D () C:\ProgramData\DirectX
2014-05-19 16:00 - 2014-05-19 15:51 - 00000000 ____D () C:\Users\Public\Documents\Vengeance
2014-05-19 15:42 - 2013-06-13 10:48 - 00000000 ____D () C:\Users\Rafa\Documents\iZotope
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:30 - 2012-01-29 20:36 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\iZotope
2014-05-19 15:29 - 2013-06-13 10:28 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-18 22:01 - 2014-05-14 13:30 - 00000000 ____D () C:\Users\Rafa\Desktop\Deutsche POP Bilder Henning Scherf
2014-05-17 15:39 - 2014-01-19 20:14 - 00000000 ____D () C:\Users\Rafa\Desktop\MAC
2014-05-17 14:09 - 2014-05-17 14:04 - 62886859 _____ (Synchro Arts Ltd ) C:\Users\Rafa\Desktop\RevoicePro2.6(1)(64bit).exe
2014-05-16 17:57 - 2013-02-11 23:09 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 20:28 - 2012-02-05 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2014-05-15 18:32 - 2014-04-07 16:24 - 00000000 ____D () C:\Users\Rafa\Desktop\DJ Mustard VS DJRisow Project
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-14 17:03 - 2014-05-14 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softube
2014-05-14 14:08 - 2014-05-14 12:02 - 00000000 ____D () C:\Users\Rafa\Desktop\Henning Scherf (Deutsche POP)
2014-05-14 08:13 - 2012-07-21 20:56 - 00000976 _____ () C:\Users\Rafa\Desktop\Dropbox.lnk
2014-05-14 08:13 - 2012-07-21 20:55 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 08:13 - 2011-08-30 19:01 - 00000000 ___RD () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 14:31 - 2014-05-13 14:31 - 40388241 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Ft. Problem Lyrics.mp4
2014-05-13 14:30 - 2014-05-13 14:30 - 06531512 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Shit (Feat. Problem) (Acapella) (Ignorant Acapellas).mp4
2014-05-13 14:16 - 2011-08-30 23:54 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\vlc
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 00:13 - 2013-10-02 01:26 - 00000000 ____D () C:\Users\Rafa\AppData\Local\boost_interprocess
2014-05-12 22:58 - 2014-03-26 02:34 - 00000026 _____ () C:\Users\Rafa\AppData\Local\isoworkshop.ini
2014-05-12 21:06 - 2011-08-31 17:14 - 00000000 ____D () C:\Users\Rafa\Desktop\VJ Risow
2014-05-12 19:42 - 2012-01-29 02:07 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Audacity
2014-05-12 19:13 - 2011-08-30 21:18 - 00158416 _____ () C:\Users\Rafa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-12 19:12 - 2014-03-06 21:03 - 00000000 ____D () C:\Users\Rafa\Desktop\After effects Effecte
2014-05-12 07:26 - 2014-05-22 23:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-22 23:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-22 23:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 20:04 - 2014-05-11 20:02 - 00000000 ____D () C:\Users\Rafa\Desktop\AfterEffects_11_0_1_12_LS7
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 20:01 - 2011-09-01 00:05 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\proDAD
2014-05-11 20:01 - 2011-09-01 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2014-05-11 19:49 - 2014-05-11 19:47 - 00000000 ____D () C:\ProgramData\VideoCopilot
2014-05-11 19:37 - 2011-08-31 00:07 - 23391261 _____ () C:\Users\Rafa\Desktop\Dance Up - Jeden dzien i jedna noc NOWOŚĆ.mp4
2014-05-11 19:22 - 2014-05-11 19:22 - 00000000 ____D () C:\Users\Rafa\Documents\VideoCopilot
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 19:05 - 2014-05-11 19:05 - 00000000 ____D () C:\ProgramData\GenArts
2014-05-11 17:30 - 2014-05-11 17:30 - 00000000 ____D () C:\Users\Rafa\Documents\Industrial Influence
2014-05-11 15:42 - 2014-05-11 15:42 - 00000000 ____D () C:\Users\Rafa\Documents\Different Angles
2014-05-11 15:04 - 2014-05-11 15:04 - 00000000 ____D () C:\ProgramData\Juicer3
2014-05-11 14:26 - 2014-05-11 12:34 - 79458141 _____ () C:\Users\Rafa\Desktop\Adrian Marcel.wmv
2014-05-11 14:26 - 2014-05-07 23:35 - 56225862 _____ () C:\Users\Rafa\Desktop\2014-05-0gg7.mp4
2014-05-11 13:58 - 2014-02-16 17:21 - 00001276 _____ () C:\Users\Public\Desktop\Juicer 3.lnk
2014-05-11 13:58 - 2014-02-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Juice
2014-05-11 13:56 - 2014-05-11 13:56 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-11 13:56 - 2014-05-11 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-11 11:40 - 2014-04-27 19:13 - 00000000 ____D () C:\Users\Rafa\Desktop\DADDY YANKEE
2014-05-10 22:09 - 2014-05-10 22:09 - 05490124 _____ () C:\Users\Rafa\Desktop\Furious - Wet (Feat. Jonn Hart & Rayven Justice).mp4
2014-05-10 22:09 - 2014-05-10 22:09 - 04666410 _____ () C:\Users\Rafa\Desktop\Furious Ft Jonn Hart & Rayven Justice - Wet (Instrumental).mp4
2014-05-10 15:04 - 2014-05-07 23:40 - 00000000 ____D () C:\Users\Rafa\Desktop\E-40 IAMSU Too Short Yo Gotti D-LO Beeda Wee (DatPiff.com)
2014-05-09 21:07 - 2014-04-04 18:15 - 00000000 ____D () C:\Users\Rafa\Desktop\DPP
2014-05-09 20:37 - 2014-05-09 20:37 - 00000000 ____D () C:\ProgramData\Note
2014-05-09 20:37 - 2014-03-27 19:09 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Spectrasonics
2014-05-09 10:59 - 2014-05-09 10:34 - 00000000 ____D () C:\Users\Rafa\Desktop\New acapella
2014-05-08 21:21 - 2014-05-08 21:21 - 00000000 ____D () C:\Users\Rafa\Desktop\Motif
2014-05-08 19:33 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 16:23 - 2014-05-08 16:23 - 00000000 ____D () C:\Users\Rafa\Desktop\P-Lo MBMGC2
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:18 - 2014-05-07 20:18 - 52681586 _____ () C:\Users\Rafa\Desktop\P-Lo - Goin' To Work (Remix).mp4
2014-05-07 20:15 - 2014-05-07 20:15 - 10181734 _____ () C:\Users\Rafa\Desktop\E-40 Revenue Retrievin- More Bass, More Treble.mp4
2014-05-07 20:12 - 2014-05-04 13:01 - 00000000 ____D () C:\Users\Rafa\Desktop\Instrumentals machen
2014-05-07 18:57 - 2011-08-30 22:11 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Adobe
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 18:46 - 2014-05-07 18:46 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Downloaded Installations
2014-05-06 00:54 - 2014-05-06 00:54 - 00000000 ____D () C:\Users\Rafa\Desktop\wetransfer-9e1006
2014-05-04 21:50 - 2014-05-04 21:50 - 00000000 ____D () C:\Users\Rafa\Desktop\Feleke neuer Song
2014-05-04 17:21 - 2013-09-26 11:13 - 00000278 _____ () C:\Users\Rafa\Desktop\Sounds Cubase funden.txt
2014-05-04 15:32 - 2014-05-04 15:32 - 00000000 ____D () C:\Users\Rafa\Desktop\Extendet
2014-05-03 14:05 - 2014-05-03 13:57 - 00000000 ____D () C:\Users\Rafa\Desktop\NEW shitt
2014-05-03 11:25 - 2014-05-03 11:25 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\DropboxMaster
2014-04-30 18:49 - 2012-01-16 20:24 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Mp3tag
2014-04-27 18:16 - 2012-02-03 17:31 - 00000000 ____D () C:\Users\Rafa\Desktop\VJRISOW KIT
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 12:39 - 2014-04-27 12:39 - 00000013 _____ () C:\Users\Rafa\Desktop\Video Einstellung.txt
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\Documents\Blue Cat Audio
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Blue Cat Audio
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\ProgramData\sysid100.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
         

--- --- ---



Adittion LOG

Code: Alles auswählenAufklappen

ATTFilter

 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Mama at 2014-05-23 00:28:51
Running from C:\Users\Mama\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62
22-05-2014 13:50:35 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-22 16:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - \Browser Manager No Task File <==== ATTENTION
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - \DealPly No Task File <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2011-08-31 16:40 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-30 21:23 - 2011-04-10 04:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-10-03 11:47 - 2013-10-03 11:47 - 00215552 _____ () C:\Windows\system32\UAD2DriverClient.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC
AlternateDataStreams: C:\Users\All Users:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Application Data:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Microsoft:9GfbPn7I2dnm69Vg8hx83KVZs6I
AlternateDataStreams: C:\ProgramData\Microsoft:arB2SIJxwBlqmBIFgwJ111
AlternateDataStreams: C:\ProgramData\Microsoft:CQYlRZaNOTvnr3sfr4wR1qQ8nWB
AlternateDataStreams: C:\ProgramData\Microsoft:DfR7cG2QbtTrnbsCnvyY
AlternateDataStreams: C:\ProgramData\Microsoft:EMn2wgc2TG24GXM4W8r
AlternateDataStreams: C:\ProgramData\Microsoft:g91J712M2n6reqk6McL7L1In
AlternateDataStreams: C:\ProgramData\Microsoft:haxHCk9aiJr8dqclwRv
AlternateDataStreams: C:\ProgramData\Microsoft:MpWJm58TJ8xnCw4C9
AlternateDataStreams: C:\ProgramData\Microsoft:N5xzcucgqjpNx07Te37XVaWW
AlternateDataStreams: C:\ProgramData\Microsoft:Ojbe8fDrwLNUnRVzFJEk8cY
AlternateDataStreams: C:\ProgramData\Microsoft:R3FhgPZi6qZ6hx64J56zbHKDn
AlternateDataStreams: C:\ProgramData\Microsoft:UoPPj49CoEJPPQwp3QC1ud
AlternateDataStreams: C:\Users\Rafa\Cookies:tljAKpFFkuo8DlcbF
AlternateDataStreams: C:\Users\Rafa\Lokale Einstellungen:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\Lokale Einstellungen:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\AppData\Local:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local\8fqn0PiuYWM5PwH:x4aeB20PPn2olnnjA4
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Anwendungsdaten:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Anwendungsdaten:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:7I32hhmb4yY1GsOxB0eRjX2YLT
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:aGBT1PY25E2Uu8mEiu0Efbmxv
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:QFWKewmrb5MD0x0ukZgFbQ
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:ywfIgNmf3W1ZrIAeoqe0wacHqp9

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Das System hat keinen Meldungstext f�r die Meldungsnummer 0x1069 in der Meldungsdatei (null) gefunden.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 4201 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16296.58 MB
Available physical RAM: 13607.65 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 29708.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:199.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Zitat:

Running from C:\Users\Mama\Desktop

Dieses Benutzerkonto scheint i.O. zu sein. Kannst du damit normal arbeiten?