Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Filesfrog Update Checker Logs (https://www.trojaner-board.de/152898-filesfrog-update-checker-logs.html)

1210mk2 22.04.2014 20:12
Filesfrog Update Checker Logs
 
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 22.04.2014 20:17:35, SYSTEM, ABLETONLIVE-PC, Protection, Malware Protection, Starting,
Protection, 22.04.2014 20:17:35, SYSTEM, ABLETONLIVE-PC, Protection, Malware Protection, Started,
Protection, 22.04.2014 20:17:35, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Starting,
Protection, 22.04.2014 20:17:35, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Started,
Update, 22.04.2014 20:17:42, SYSTEM, ABLETONLIVE-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 22.04.2014 20:18:21, SYSTEM, ABLETONLIVE-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.22.5,
Protection, 22.04.2014 20:18:24, SYSTEM, ABLETONLIVE-PC, Protection, Refresh, Starting,
Protection, 22.04.2014 20:18:24, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 22.04.2014 20:18:24, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 22.04.2014 20:18:26, SYSTEM, ABLETONLIVE-PC, Protection, Refresh, Success,
Protection, 22.04.2014 20:18:26, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Starting,
Protection, 22.04.2014 20:18:27, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Started,
Protection, 22.04.2014 20:32:29, SYSTEM, ABLETONLIVE-PC, Protection, Malware Protection, Starting,
Protection, 22.04.2014 20:32:29, SYSTEM, ABLETONLIVE-PC, Protection, Malware Protection, Started,
Protection, 22.04.2014 20:32:29, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Starting,
Protection, 22.04.2014 20:32:29, SYSTEM, ABLETONLIVE-PC, Protection, Malicious Website Protection, Started,

(end)


Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.04.2014
Suchlauf-Zeit: 20:28:07
Logdatei:
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.22.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: AbletonLive

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 294545
Verstrichene Zeit: 9 Min, 43 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Local\FilesFrog Update Checker\update_checker.exe, 3896, Löschen bei Neustart, [b5a8b27bcfaccd69cbe463fdeb1751af]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.Somoto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker, In Quarantäne, [86d735f8ea91a195e00cc264b14ff50b],
PUP.Optional.Somoto.A, HKU\S-1-5-21-3641286566-3211057923-4183829919-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP, In Quarantäne, [6cf12409582348eed339b4e852b1fc04],

Registrierungswerte: 1
PUP.Optional.Somoto.A, HKU\S-1-5-21-3641286566-3211057923-4183829919-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP|affid, lionskin, In Quarantäne, [6cf12409582348eed339b4e852b1fc04]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Local\FilesFrog Update Checker, Löschen bei Neustart, [b5a8b27bcfaccd69cbe463fdeb1751af],
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker, In Quarantäne, [8dd09a93dd9e71c529871f41bd4523dd],
PUP.Optional.Conduit.A, C:\Users\AbletonLive\AppData\Local\Temp\CT3327904, In Quarantäne, [a1bc51dc7209d56126aa29373dc5d42c],

Dateien: 11
PUP.Optional.Somoto, C:\$Recycle.Bin\S-1-5-21-3641286566-3211057923-4183829919-1000\$RG3MS8V.exe, In Quarantäne, [a6b7101d6e0dbf77f09bb5093dc6748c],
PUP.Optional.Conduit, C:\Users\AbletonLive\AppData\Local\Temp\nobinsis&LogoUrl=&SoftwareDescription=, In Quarantäne, [cd906ebfb8c365d1d9ba62f25fa5a65a],
PUP.Optional.Somoto, C:\Users\AbletonLive\AppData\Local\Temp\nsn5904.tmp, In Quarantäne, [aeaf7ab3f28910265a0d625efc076d93],
PUP.Optional.Somoto, C:\Users\AbletonLive\AppData\Local\Temp\bitool.dll, In Quarantäne, [f964240902795ed89a5e1fde2fd2d030],
PUP.Optional.Somoto, C:\Users\AbletonLive\AppData\Local\Temp\UpdateCheckerSetup.exe, In Quarantäne, [fc61f13cbcbf76c08666fb2b916f718f],
PUP.Optional.Somoto, C:\Users\AbletonLive\AppData\Local\Temp\~nsu.tmp\Au_.exe, In Quarantäne, [2d305ad37308360047a5081e2fd138c8],
PUP.Optional.Somoto, C:\Users\AbletonLive\AppData\Local\FilesFrog Update Checker\uninstall.exe, In Quarantäne, [86d735f8ea91a195e00cc264b14ff50b],
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Local\FilesFrog Update Checker\update_checker.exe, Löschen bei Neustart, [b5a8b27bcfaccd69cbe463fdeb1751af],
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk, In Quarantäne, [8dd09a93dd9e71c529871f41bd4523dd],
PUP.Optional.FilesFrog.A, C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk, In Quarantäne, [8dd09a93dd9e71c529871f41bd4523dd],
PUP.Optional.Conduit.A, C:\Users\AbletonLive\AppData\Local\Temp\CT3327904\ddt.csf, In Quarantäne, [a1bc51dc7209d56126aa29373dc5d42c],

Physische Sektoren: 0
(No malicious items detected)


(end)

ADW Cleaner Log File:AdwCleaner Logfile:
Code:
# AdwCleaner v3.201 - Bericht erstellt am 22/04/2014 um 20:40:13
# Aktualisiert 22/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : AbletonLive - ABLETONLIVE-PC
# Gestartet von : C:\Users\AbletonLive\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\AbletonLive\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\ABLETO~1\AppData\Local\Temp\OCS
Datei Gelöscht : C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Somoto

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\AbletonLive\AppData\Roaming\Mozilla\Firefox\Profiles\z1pscs6e.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1485 octets] - [22/04/2014 20:38:44]
AdwCleaner[S0].txt - [1207 octets] - [22/04/2014 20:40:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1267 octets] ##########
--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by AbletonLive on 22.04.2014 at 20:48:56,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2014 at 20:53:38,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Professional Service Pack 1
Program started at: 04/22/2014 08:57:33 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\AbletonLive\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\AbletonLive\Desktop


0 bad shortcuts found.

Program finished at: 04/22/2014 08:57:33 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 22.04.2014
Suchlauf-Zeit: 21:10:13
Logdatei:
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.22.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: AbletonLive

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 295782
Verstrichene Zeit: 5 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

schrauber 23.04.2014 07:00
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


1210mk2 23.04.2014 11:32
#
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by AbletonLive (administrator) on ABLETONLIVE-PC on 23-04-2014 12:07:22
Running from C:\Users\AbletonLive\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(RapidSolution Software AG) C:\Program Files (x86)\Audials\Audials 11\VCDWriter\64\VCDAudioService.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3641286566-3211057923-4183829919-1000\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4373600 2013-03-10] ()
HKU\S-1-5-21-3641286566-3211057923-4183829919-1000\...\Run: [Audio 4 DJ Settings] => C:\Program Files\Native Instruments\Audio 4 DJ Driver\Audio 4 DJ Settings.exe [4470784 2013-01-23] (Native Instruments GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AbletonLive\AppData\Roaming\Mozilla\Firefox\Profiles\z1pscs6e.default
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LastPass - C:\Users\AbletonLive\AppData\Roaming\Mozilla\Firefox\Profiles\z1pscs6e.default\Extensions\support@lastpass.com [2014-04-14]

Chrome:
=======
CHR StartupUrls: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-28]
CHR Extension: (Google Drive) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-28]
CHR Extension: (YouTube) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-28]
CHR Extension: (Google-Suche) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-28]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-11-28]
CHR Extension: (AdBlock) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-28]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-11-28]
CHR Extension: (Referer Control) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2013-12-15]
CHR Extension: (Ashish Mishra) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2013-12-04]
CHR Extension: (Google Wallet) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-28]
CHR Extension: (Google Mail) - C:\Users\AbletonLive\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-28]

==================== Services (Whitelisted) =================

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-11] ()
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 Virtual CDAudio Service; C:\Program Files (x86)\Audials\Audials 11\VCDWriter\64\VCDAudioService.exe [179464 2014-02-18] (RapidSolution Software AG)

==================== Drivers (Whitelisted) ====================

R3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [359784 2012-12-18] (Native Instruments GmbH)
R3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [99688 2012-12-18] (Native Instruments GmbH)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [52440 2012-12-26] (Asmedia Technology)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-02-18] (Audials AG)
R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45192 2014-02-18] (RapidSolution Software AG)
S3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 12:07 - 2014-04-23 12:07 - 00012287 _____ () C:\Users\AbletonLive\Desktop\FRST.txt
2014-04-23 12:07 - 2014-04-23 12:07 - 00000000 ____D () C:\FRST
2014-04-23 12:06 - 2014-04-23 12:06 - 02061312 _____ (Farbar) C:\Users\AbletonLive\Desktop\FRST64.exe
2014-04-22 21:01 - 2014-04-22 21:01 - 00000000 __SHD () C:\Users\AbletonLive\AppData\Local\EmieUserList
2014-04-22 21:01 - 2014-04-22 21:01 - 00000000 __SHD () C:\Users\AbletonLive\AppData\Local\EmieSiteList
2014-04-22 20:57 - 2014-04-22 20:57 - 00001832 _____ () C:\sc-cleaner.txt
2014-04-22 20:48 - 2014-04-22 20:48 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 20:38 - 2014-04-22 20:40 - 00000000 ____D () C:\AdwCleaner
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-22 20:17 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-22 20:17 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-22 20:17 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-22 20:14 - 2014-04-22 20:16 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\AbletonLive\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-21 22:43 - 2014-04-22 15:04 - 00000085 _____ () C:\Users\AbletonLive\Desktop\Leiden!!!!!!!!!!!.txt
2014-04-21 20:13 - 2014-04-21 20:13 - 64099396 ____T () C:\Users\AbletonLive\Desktop\TectronicTest.wav
2014-04-21 20:13 - 2014-04-21 20:13 - 00413489 ____T () C:\Users\AbletonLive\Desktop\TectronicTest.wav.asd
2014-04-21 16:48 - 2014-04-21 16:49 - 00000000 ____D () C:\Program Files\NutzenWasIst
2014-04-21 16:48 - 2014-04-21 16:48 - 00006688 _____ () C:\Windows\movexe.exe
2014-04-21 16:48 - 2014-04-21 16:48 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nutzen Was Ist
2014-04-20 20:33 - 2014-04-20 20:39 - 00000000 ____D () C:\Users\AbletonLive\Desktop\Tectronic
2014-04-19 17:30 - 2014-04-21 22:43 - 00000077 _____ () C:\Users\AbletonLive\Desktop\Neues Textdokument.txt
2014-04-18 14:07 - 2014-04-18 14:07 - 00000000 ____D () C:\Users\AbletonLive\Desktop\_Lieben was ist
2014-04-18 11:53 - 2014-04-18 12:29 - 445234244 _____ () C:\Users\AbletonLive\Desktop\_Lieben was ist.part2.rar
2014-04-16 17:19 - 2014-04-16 17:19 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-16 16:47 - 2014-04-16 16:47 - 00000000 ____D () C:\Users\AbletonLive\Desktop\TWRP
2014-04-16 14:19 - 2014-04-16 23:37 - 00000078 _____ () C:\Users\AbletonLive\Desktop\PH_WERT.txt
2014-04-15 20:55 - 2014-04-15 20:55 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-14 23:05 - 2014-04-14 23:05 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments SoundSchool Analog
2014-04-14 23:04 - 2014-04-14 23:04 - 00000000 ____D () C:\Program Files (x86)\Native Instruments
2014-04-14 22:33 - 2014-04-14 22:33 - 00075640 _____ () C:\Users\AbletonLive\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 22:18 - 2014-04-14 22:18 - 00000000 ___HD () C:\W7P_Backups
2014-04-14 19:14 - 2014-04-14 19:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 17:10 - 2014-04-14 17:10 - 00020850 _____ () C:\Users\AbletonLive\Documents\cc_20140414_171040.reg
2014-04-14 15:39 - 2014-04-14 15:39 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\SUPERAntiSpyware.com
2014-04-14 15:26 - 2014-04-22 20:32 - 00014386 _____ () C:\Windows\PFRO.log
2014-04-14 15:13 - 2014-04-23 03:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Users\AbletonLive\AppData\Local\Brice_Lambson
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Program Files\Image Resizer for Windows
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows
2014-04-11 21:02 - 2014-04-11 21:02 - 00000211 _____ () C:\Users\AbletonLive\Desktop\Nicht verzagen KolleFragen.txt
2014-04-10 12:41 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 12:41 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 12:41 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 12:41 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 12:41 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 12:41 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 12:41 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 12:41 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 12:41 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 12:41 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 12:41 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 12:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 12:41 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 12:41 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 12:41 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 12:41 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 12:41 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 12:41 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 12:41 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 12:41 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 12:41 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 12:41 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 12:41 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 12:41 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 12:41 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 12:41 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 12:41 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 12:41 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 12:41 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 12:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 12:41 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 12:41 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 12:41 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 12:41 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 12:41 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 12:41 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 12:41 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 12:41 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 12:41 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 12:41 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 12:41 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 12:41 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 12:41 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 12:41 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 12:41 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 12:41 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 12:41 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 12:41 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-10 11:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 11:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 11:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 11:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 11:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 11:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 11:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 11:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 11:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 11:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 11:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 11:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 11:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 11:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 11:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 11:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 11:29 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 13:57 - 2014-04-09 13:57 - 00002553 _____ () C:\Users\AbletonLive\Desktop\Bitwig Studio 1.0.5.lnk
2014-04-09 13:57 - 2014-04-09 13:57 - 00000000 ____D () C:\Program Files (x86)\Bitwig Studio 1.0.5
2014-04-08 12:47 - 2014-04-08 12:47 - 00007611 _____ () C:\Users\AbletonLive\AppData\Local\Resmon.ResmonCfg
2014-04-07 16:08 - 2014-04-07 16:08 - 00001868 _____ () C:\Users\AbletonLive\Desktop\UseNeXT by Tangysoft.lnk
2014-04-04 23:38 - 2014-04-04 23:42 - 00219421 ____T () C:\Users\AbletonLive\Desktop\tectronic.wav.asd
2014-03-29 19:48 - 2014-03-29 21:56 - 460000002 _____ () C:\Users\AbletonLive\Desktop\_Lieben was ist.part1.rar
2014-03-26 21:38 - 2014-04-09 14:01 - 00000000 ____D () C:\Users\AbletonLive\AppData\Local\Bitwig Studio
2014-03-26 21:38 - 2014-03-26 21:38 - 00000000 ____D () C:\Users\AbletonLive\Documents\Bitwig Studio
2014-03-26 19:44 - 2014-03-26 19:44 - 00000000 ____D () C:\Users\AbletonLive\Desktop\Mix_April14

==================== One Month Modified Files and Folders =======

2014-04-23 12:07 - 2014-04-23 12:07 - 00012287 _____ () C:\Users\AbletonLive\Desktop\FRST.txt
2014-04-23 12:07 - 2014-04-23 12:07 - 00000000 ____D () C:\FRST
2014-04-23 12:06 - 2014-04-23 12:06 - 02061312 _____ (Farbar) C:\Users\AbletonLive\Desktop\FRST64.exe
2014-04-23 12:01 - 2013-11-28 21:07 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-23 11:56 - 2013-11-28 21:07 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-23 11:56 - 2013-11-28 20:00 - 01156230 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 05:30 - 2014-02-16 19:39 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\vlc
2014-04-23 03:45 - 2014-04-14 15:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-22 21:01 - 2014-04-22 21:01 - 00000000 __SHD () C:\Users\AbletonLive\AppData\Local\EmieUserList
2014-04-22 21:01 - 2014-04-22 21:01 - 00000000 __SHD () C:\Users\AbletonLive\AppData\Local\EmieSiteList
2014-04-22 20:57 - 2014-04-22 20:57 - 00001832 _____ () C:\sc-cleaner.txt
2014-04-22 20:48 - 2014-04-22 20:48 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 20:48 - 2009-07-14 06:45 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 20:48 - 2009-07-14 06:45 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 20:46 - 2013-11-29 04:42 - 00700130 _____ () C:\Windows\system32\perfh007.dat
2014-04-22 20:46 - 2013-11-29 04:42 - 00149768 _____ () C:\Windows\system32\perfc007.dat
2014-04-22 20:46 - 2009-07-14 07:13 - 01622706 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 20:41 - 2014-03-06 21:19 - 00007979 _____ () C:\Windows\setupact.log
2014-04-22 20:41 - 2014-02-13 07:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-22 20:41 - 2013-12-11 06:24 - 00000000 ____D () C:\Users\AbletonLive\.rainlendar2
2014-04-22 20:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 20:40 - 2014-04-22 20:38 - 00000000 ____D () C:\AdwCleaner
2014-04-22 20:32 - 2014-04-14 15:26 - 00014386 _____ () C:\Windows\PFRO.log
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-22 20:16 - 2014-04-22 20:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\AbletonLive\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-22 20:07 - 2013-11-29 16:35 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Skype
2014-04-22 20:00 - 2013-11-28 21:26 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\UseNeXT
2014-04-22 19:52 - 2013-11-28 21:26 - 00000000 ____D () C:\Users\AbletonLive\Documents\UseNeXT
2014-04-22 15:04 - 2014-04-21 22:43 - 00000085 _____ () C:\Users\AbletonLive\Desktop\Leiden!!!!!!!!!!!.txt
2014-04-21 22:44 - 2013-12-06 16:25 - 00000000 ___RD () C:\Users\AbletonLive\Desktop\Track Project
2014-04-21 22:43 - 2014-04-19 17:30 - 00000077 _____ () C:\Users\AbletonLive\Desktop\Neues Textdokument.txt
2014-04-21 20:28 - 2013-12-07 21:56 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Audacity
2014-04-21 20:13 - 2014-04-21 20:13 - 64099396 ____T () C:\Users\AbletonLive\Desktop\TectronicTest.wav
2014-04-21 20:13 - 2014-04-21 20:13 - 00413489 ____T () C:\Users\AbletonLive\Desktop\TectronicTest.wav.asd
2014-04-21 17:31 - 2013-11-29 15:48 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\HexChat
2014-04-21 16:49 - 2014-04-21 16:48 - 00000000 ____D () C:\Program Files\NutzenWasIst
2014-04-21 16:48 - 2014-04-21 16:48 - 00006688 _____ () C:\Windows\movexe.exe
2014-04-21 16:48 - 2014-04-21 16:48 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nutzen Was Ist
2014-04-20 20:39 - 2014-04-20 20:33 - 00000000 ____D () C:\Users\AbletonLive\Desktop\Tectronic
2014-04-18 14:07 - 2014-04-18 14:07 - 00000000 ____D () C:\Users\AbletonLive\Desktop\_Lieben was ist
2014-04-18 12:29 - 2014-04-18 11:53 - 445234244 _____ () C:\Users\AbletonLive\Desktop\_Lieben was ist.part2.rar
2014-04-16 23:37 - 2014-04-16 14:19 - 00000078 _____ () C:\Users\AbletonLive\Desktop\PH_WERT.txt
2014-04-16 17:19 - 2014-04-16 17:19 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-16 16:47 - 2014-04-16 16:47 - 00000000 ____D () C:\Users\AbletonLive\Desktop\TWRP
2014-04-15 20:55 - 2014-04-15 20:55 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-15 20:55 - 2014-01-07 19:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-15 20:55 - 2014-01-07 19:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-14 23:05 - 2014-04-14 23:05 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments SoundSchool Analog
2014-04-14 23:04 - 2014-04-14 23:04 - 00000000 ____D () C:\Program Files (x86)\Native Instruments
2014-04-14 22:33 - 2014-04-14 22:33 - 00075640 _____ () C:\Users\AbletonLive\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 22:32 - 2009-07-14 06:45 - 00339488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-14 22:18 - 2014-04-14 22:18 - 00000000 ___HD () C:\W7P_Backups
2014-04-14 22:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-04-14 19:14 - 2014-04-14 19:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 19:14 - 2013-12-20 06:44 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-04-14 19:14 - 2013-12-20 06:44 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-04-14 18:09 - 2014-03-05 16:35 - 00000873 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-14 17:10 - 2014-04-14 17:10 - 00020850 _____ () C:\Users\AbletonLive\Documents\cc_20140414_171040.reg
2014-04-14 17:08 - 2013-12-15 22:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-14 15:39 - 2014-04-14 15:39 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\SUPERAntiSpyware.com
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Users\AbletonLive\AppData\Local\Brice_Lambson
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Program Files\Image Resizer for Windows
2014-04-12 14:52 - 2014-04-12 14:52 - 00000000 ____D () C:\Program Files (x86)\Image Resizer for Windows
2014-04-12 14:52 - 2013-11-29 15:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-11 21:02 - 2014-04-11 21:02 - 00000211 _____ () C:\Users\AbletonLive\Desktop\Nicht verzagen KolleFragen.txt
2014-04-11 13:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 11:31 - 2013-11-30 06:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 11:30 - 2013-11-30 06:24 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 14:01 - 2014-03-26 21:38 - 00000000 ____D () C:\Users\AbletonLive\AppData\Local\Bitwig Studio
2014-04-09 13:57 - 2014-04-09 13:57 - 00002553 _____ () C:\Users\AbletonLive\Desktop\Bitwig Studio 1.0.5.lnk
2014-04-09 13:57 - 2014-04-09 13:57 - 00000000 ____D () C:\Program Files (x86)\Bitwig Studio 1.0.5
2014-04-09 00:33 - 2014-03-23 19:03 - 00000000 ____D () C:\Users\AbletonLive\AppData\Local\Audible
2014-04-08 12:47 - 2014-04-08 12:47 - 00007611 _____ () C:\Users\AbletonLive\AppData\Local\Resmon.ResmonCfg
2014-04-08 12:34 - 2013-12-12 18:39 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-04-08 12:34 - 2013-11-29 21:05 - 00000000 ____D () C:\vst
2014-04-08 12:31 - 2014-01-03 21:34 - 00000000 ____D () C:\ProgramData\Apple
2014-04-08 12:30 - 2014-03-23 22:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-08 12:30 - 2014-01-03 21:34 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Apple Computer
2014-04-08 12:30 - 2014-01-03 21:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-07 16:47 - 2014-02-09 19:53 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rob Papen
2014-04-07 16:47 - 2014-02-09 19:53 - 00000000 ____D () C:\Program Files (x86)\Rob Papen
2014-04-07 16:08 - 2014-04-07 16:08 - 00001868 _____ () C:\Users\AbletonLive\Desktop\UseNeXT by Tangysoft.lnk
2014-04-07 16:08 - 2013-11-28 21:26 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-06 21:55 - 2013-12-02 21:29 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\FileZilla
2014-04-06 21:01 - 2013-12-26 23:03 - 00000000 ____D () C:\Users\AbletonLive\AppData\Roaming\Mp3tag
2014-04-04 23:42 - 2014-04-04 23:38 - 00219421 ____T () C:\Users\AbletonLive\Desktop\tectronic.wav.asd
2014-04-03 09:51 - 2014-04-22 20:17 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-22 20:17 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-22 20:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 21:56 - 2014-03-29 19:48 - 460000002 _____ () C:\Users\AbletonLive\Desktop\_Lieben was ist.part1.rar
2014-03-29 11:56 - 2013-11-28 21:07 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 11:56 - 2013-11-28 21:07 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 21:38 - 2014-03-26 21:38 - 00000000 ____D () C:\Users\AbletonLive\Documents\Bitwig Studio
2014-03-26 19:44 - 2014-03-26 19:44 - 00000000 ____D () C:\Users\AbletonLive\Desktop\Mix_April14
2014-03-26 18:45 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\AbletonLive\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\AbletonLive\AppData\Local\Temp\Quarantine.exe
C:\Users\AbletonLive\AppData\Local\Temp\SkinPack-Mavericks-win7-ver2.exe
C:\Users\AbletonLive\AppData\Local\Temp\SkypeSetup.exe
C:\Users\AbletonLive\AppData\Local\Temp\sqlite-3.8.0-x86-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:45

==================== End Of Log ============================
--- --- ---

--- --- ---
#FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by AbletonLive at 2014-04-23 12:07:32
Running from C:\Users\AbletonLive\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.4.1.000 - Asmedia Technology)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audials (HKLM-x32\...\{B3E99777-3515-4B50-B9FB-EB5E8E750F92}) (Version: 11.0.51800.0 - Audials AG)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1922691916.1637920.1637772.1922379199 - Audible, Inc.)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beatport Downloader (HKLM-x32\...\com.beatport.BeatportDownloader) (Version: 1.4 - Beatport LLC)
Beatport Downloader (x32 Version: 1.4 - Beatport LLC) Hidden
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bitwig Studio 1.0.5 (HKLM-x32\...\{8D50FAAB-82EC-4193-89F9-32AF051930FA}) (Version: 1.0.0 - Bitwig GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
FabFilter TotalBundle VST RTAS v1.2 (HKLM\...\FabFilter TotalBundle x64_is1) (Version:  - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Ghostbuster (HKCU\...\585841693e8401e3) (Version: 1.0.0.0 - Ghostbuster)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HexChat (x64) (HKLM\...\HexChat (x64)_is1) (Version: 2.9.6 - HexChat)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
iZotope RX 3 (HKLM-x32\...\iZotope RX 3_is1) (Version: 3.01 - iZotope, Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
LPD8 Editor (HKLM-x32\...\LPD8Editor) (Version:  - )
MAGIX Web Designer MX Premium (HKLM-x32\...\MAGIX_{739FE2DC-0C7E-4A1C-AC6E-46348169E27E}) (Version: 8.0.2.21761 - MAGIX AG)
MAGIX Web Designer MX Premium (Version: 8.0.2.21761 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Max 6.1.1 (x64) (HKLM\...\{78DA8249-B2B2-45A8-933E-A3A7A927161D}) (Version: 136.1.1 - Cycling '74)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.2.1.6382 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.2.1.6382 - Native Instruments) Hidden
Native Instruments SoundSchool Analog (HKLM-x32\...\Native Instruments SoundSchool Analog) (Version:  - )
NutzenWasIst (HKLM-x32\...\NutzenWasIst) (Version:  - )
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
ocenaudio (HKCU\...\ocenaudio) (Version: 2.0 - ocenaudio Team)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.213.0 - Tracker Software Products Ltd)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Revo Uninstaller Pro 3.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.1 - VS Revo Group, Ltd.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
UxStyle Core Beta (HKLM-x32\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Web Designer Premium MX Update (Version: 8.1.5.31094 - MAGIX AG) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

08-04-2014 10:32:13 Revo Uninstaller Pro's restore point - Apple Software Update
08-04-2014 10:32:19 Removed Apple Software Update
08-04-2014 10:32:47 Revo Uninstaller Pro's restore point - iZotope BreakTweaker
09-04-2014 11:57:40 Installed Bitwig Studio 1.0.5
10-04-2014 09:30:40 Windows Update
10-04-2014 10:41:16 Windows Update
12-04-2014 12:52:09 Image Resizer for Windows
14-04-2014 15:08:48 Removed Bonjour
14-04-2014 20:18:17 SkinPack
14-04-2014 20:22:28 SkinPack
15-04-2014 18:55:26 Installed Java 7 Update 55
16-04-2014 15:19:07 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2E034D78-6C8A-44EE-BD5C-8EF6EC848DEE} - System32\Tasks\{0F14FA6B-D471-4BDD-8594-B809B8445793} => F:\LEXMARK_Treiber_mit_STUDIOcjr5400GE.exe [2012-10-05] ()
Task: {57ADD530-1464-46A5-9B08-00F39D1CAFC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-28] (Google Inc.)
Task: {7FCE0C72-72A2-4B47-B124-BE2C0AB81D82} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-22] ()
Task: {9AF09B02-15C8-4525-A72B-63F9481B2049} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-28] (Google Inc.)
Task: {C9BBECBE-7668-4D74-8AEA-064E0371E56B} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION
Task: {E1CDDE4D-F84B-4842-AA88-15999A8D0CE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-28 21:10 - 2013-03-19 13:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2013-11-28 21:10 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2014-02-13 07:03 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-10 19:59 - 2013-03-10 19:59 - 04373600 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 00179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2013-03-10 20:00 - 2013-03-10 20:00 - 00334432 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 00015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-11 03:04 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-04-11 03:04 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-11 03:04 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-11 03:04 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-11 03:04 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-11 03:04 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-03-18 20:20 - 2014-03-18 20:20 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-18 20:20 - 2014-03-18 20:20 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-18 20:20 - 2014-03-18 20:20 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:cWV5KugqovsQGMxITugc3j1
AlternateDataStreams: C:\Program Files\Common Files\System:9T1a8NKEQBOiX9jAoSK
AlternateDataStreams: C:\Users\AbletonLive\Cookies:XGDs3CRCfFJBHv1RTd3rKwObsvf
AlternateDataStreams: C:\Users\AbletonLive\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Desktop\mbam-setup-2.0.1.1004.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Antivirus_Free_Edition21.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\audacity-win-2.0.5.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Auris.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Cadenzo1.5_Setup.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\ccsetup408.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\chromeinstall-7u45.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\eLicenserControlSetup (1).exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\eLicenserControlSetup.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\FileZilla_3.7.3_win32-setup.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\free-screen-recorder-chipde_1.2.4.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\genymotion-2.0.1-vbox.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Install_Xfer_Cthulhu_101.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Lame_v3.99.3_for_Windows.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\lastpass_x64.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\LinuxLive_USB_Creator_2.8.25.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\mp3tagv258setup.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\NP3_Installer.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\phutboyslim.dll:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\Rainlendar-Lite-2.11.1-64bit.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\SafariSetup-5.1.7.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\SetupVirtualCloneDrive5470.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\TeamSpeak3-Client-win32-3.0.13.1.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\TeamViewer_Setup_de.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\Downloads\vcredist_x64.exe:BDU
AlternateDataStreams: C:\Users\AbletonLive\AppData\Local\Temp:dBI56aqGX7RQaIVq601MDhKC
AlternateDataStreams: C:\Users\AbletonLive\AppData\Local\Temp:Di1Pna3w6pbZREBTfJ1V96Hi
AlternateDataStreams: C:\Users\AbletonLive\AppData\Local\Temp:ZkGKPZRirPzfqMsvtvk4
AlternateDataStreams: C:\ProgramData\Microsoft:70TSW1DcoVOjgGDhjbDm5KsD
AlternateDataStreams: C:\ProgramData\Microsoft:ACpYLI99UASado7t8d5uHaJ76FQ
AlternateDataStreams: C:\ProgramData\Microsoft:C6MtPTcEo3NVE4gSKj6
AlternateDataStreams: C:\ProgramData\Microsoft:Er51FeC7GN4ty3kIN4U
AlternateDataStreams: C:\ProgramData\Microsoft:KrmpoC8U2PaKu2pk6Avc
AlternateDataStreams: C:\ProgramData\Microsoft:kx2OvFVyckOF8rcW0E8uad0XzA
AlternateDataStreams: C:\ProgramData\Microsoft:PvkEfgRK3heErNW2wsCyUMyKN2n1
AlternateDataStreams: C:\ProgramData\Microsoft:yHQtO0eIQ9xxhA1jVkBcDm0
AlternateDataStreams: C:\ProgramData\TEMP:157E1AD3

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/22/2014 09:00:30 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 16314.36 MB
Available physical RAM: 14125.07 MB
Total Pagefile: 32626.89 MB
Available Pagefile: 29287.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win7SSD) (Fixed) (Total:238.37 GB) (Free:51.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Producing) (Fixed) (Total:407.17 GB) (Free:297.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Steam+Spiele+Usenet) (Fixed) (Total:97.66 GB) (Free:48.11 GB) NTFS
Drive f: (Programm Setups) (Fixed) (Total:61.92 GB) (Free:58.69 GB) NTFS
Drive g: (Backup+Rettung+Handy) (Fixed) (Total:41.17 GB) (Free:19.51 GB) NTFS
Drive h: (Producing Lern Videos) (Fixed) (Total:90.32 GB) (Free:37.36 GB) NTFS
Drive i: (Musik+Mixe+Hörspiele) (Fixed) (Total:74.26 GB) (Free:7.51 GB) NTFS
Drive j: (Audio) (Fixed) (Total:100.43 GB) (Free:100.2 GB) NTFS
Drive k: (Tales from the Crypt) (Fixed) (Total:58.59 GB) (Free:8.5 GB) NTFS
Drive n: () (Removable) (Total:3.8 GB) (Free:0.57 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B92DAEA5)
Partition 1: (Active) - (Size=407 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: D1483C25)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 96E870D6)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 4 GB) (Disk ID: 0004C07D)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---


Ich hatte vor paar Tagen so ein Skinpack für Win7 installieren wollen. Ich hab extra darauf geachtet, dass er mir keinen Crap mit draufmacht....aber leider is wohl doch was hängen geblieben...

Wenn ich jetzt den Rechner auf den Zeitpunkt vor der Installation dieses Skinpack zurück setze, dann wäre ja der ganze Crap auch nicht mehr drauf oder?

schrauber 24.04.2014 07:40
Brauchste eigentlich nicht. Logs sehen gut aus. Noch Probleme?

1210mk2 24.04.2014 14:47
Alles klar! Ich bedanke mich recht herzlich ! Zufrieden wie immer :)

schrauber 25.04.2014 09:18
Gern Geschehen :)

1210mk2 02.05.2014 19:11
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo,

gerade wollte ich schauen was so alles mit Windows startet. Da sind mir diese Einträge aufgefallen. Müssen wohl damals als ich dieses Skin Pack installiert hab drauf gekommen sein.
Sie waren angehakt, also starteten mit Windows. Habe sie zur besseren Sicht mal enthakt :)

Wie soll ich vorgehen?

schrauber 04.05.2014 07:18
jup :)

1210mk2 04.05.2014 10:48
Zitat:
Zitat von schrauber (Beitrag 1295070)
jup :)
:wtf:

schrauber 04.05.2014 11:03
Zitat:
Habe sie zur besseren Sicht mal enthakt
jup bedeutet auf obiges: ok, gut, prima, kannste abhaken :)

1210mk2 04.05.2014 17:45
Ja aber wenn ich sie abhake sind sie ja doch noch im Autostart, auch wenn sie nicht mit starten.... ist das egal?
Oder sind das nur noch verwaiste Einträge die nichts mehr machen?

schrauber 05.05.2014 12:02
Du kannst natürlich in dem angegebenen Pfad noch checken ob die Datei bzw der Ordner noch da ist, wenn ja einfach von hand löschen.

1210mk2 05.05.2014 16:20
Ok,Danke dir!

schrauber 06.05.2014 11:23
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:56 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131