Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Diskussionsforum (https://www.trojaner-board.de/diskussionsforum/)
-   -   Nach dem installieren eines Programmes, habe ich auf einmal schwarzen Bildschirm bekommen und Desktop Dateien teilweise weg! (https://www.trojaner-board.de/154151-installieren-programmes-habe-einmal-schwarzen-bildschirm-bekommen-desktop-dateien-teilweise-weg.html)

Rafau2012 20.05.2014 22:00
Nach dem installieren eines Programmes, habe ich auf einmal schwarzen Bildschirm bekommen und Desktop Dateien teilweise weg!
 
Hallo, ich habe ein programm installiert und hab mein PC neugestartet, aufeinmal ist mein desktop total schwarz und es is fast alles weg!

TDSS Killer habe ich jetzt einmal durchlaufen lassen, leider ohne Erfolg!

Was ist passiert? ich lasse gerade noch den Kaspersky laufen!

cosinus 20.05.2014 22:37
Hi,

Zitat:
Hallo, ich habe ein programm installiert
Schön, und welches aus welcher Quelle? :glaskugel:

Zitat:
Was ist passiert? ich lasse gerade noch den Kaspersky laufen!
Du postest keine Logs und verrätst nicht was du da genau installiert hast, erwartest aber bei dieser dünnen Info, dass dir jmd genau sagen kann was passiert ist? :confused: :balla:

Rafau2012 20.05.2014 23:41
Ah Sorry,
Also ich habe ein sogenanntes Saxophone (VST Programm für Cubase =Music Editor) installiert!
Dieses Programm hat meine system ID gebraucht, die ich daraufhin eingegeben habe.
Nach dem Neustart ist nun mein Dektop Schwarz geworden und es fehlen die ganzen Ordner und Programme auf dem Desktop.

Nun habe ich meinen Kaspersky mal scannen lassen:

hxxp://www.fotos-hochladen.net/uploads/cc8fx74wtc20.jpg

Und das UNHIDE Pogramm runtergeladen und ausprobiert:

hxxp://www.fotos-hochladen.net/uploads/unhides2dgjzx7va.jpg

cosinus 20.05.2014 23:44
Zitat:
Also ich habe ein sogenanntes Saxophone (VST Programm für Cubase =Music Editor) installiert!
Quelle? Von wo hast du die Programme her?

Rafau2012 21.05.2014 00:16
Hab ich von einem Freund bekommen. Ich glaube er hat das von Magesy.com

Ich kann aber nochmal genau nachfragen wo er das Ding her hat!

Malwarebytes habe ich jetzt auch mal laufen lassen! Aber keine Ergebnisse!

Was nun :(???

cosinus 21.05.2014 00:31
Zitat:
TDSS Killer habe ich jetzt einmal durchlaufen lassen, leider ohne Erfolg!
Log nachreichen
Zitat:
Was ist passiert? ich lasse gerade noch den Kaspersky laufen
Auch das Log nachreichen

Rafau2012 21.05.2014 09:24
TDSS killer log:

Code:
01:39:15.0407 0x0c68  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
01:39:21.0023 0x0c68  ============================================================
01:39:21.0023 0x0c68  Current date / time: 2014/05/21 01:39:21.0023
01:39:21.0023 0x0c68  SystemInfo:
01:39:21.0023 0x0c68 
01:39:21.0023 0x0c68  OS Version: 6.1.7601 ServicePack: 1.0
01:39:21.0023 0x0c68  Product type: Workstation
01:39:21.0023 0x0c68  ComputerName: RAFA-PC
01:39:21.0023 0x0c68  UserName: Rafa
01:39:21.0023 0x0c68  Windows directory: C:\Windows
01:39:21.0023 0x0c68  System windows directory: C:\Windows
01:39:21.0023 0x0c68  Running under WOW64
01:39:21.0023 0x0c68  Processor architecture: Intel x64
01:39:21.0023 0x0c68  Number of processors: 4
01:39:21.0023 0x0c68  Page size: 0x1000
01:39:21.0023 0x0c68  Boot type: Normal boot
01:39:21.0023 0x0c68  ============================================================
01:39:45.0796 0x0c68  KLMD registered as C:\Windows\system32\drivers\22871400.sys
01:39:46.0310 0x0c68  System UUID: {9E3F87BF-3D50-AC4F-85FC-38A04848ABA5}
01:39:47.0730 0x0c68  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:39:47.0730 0x0c68  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:39:47.0761 0x0c68  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:39:47.0777 0x0c68  ============================================================
01:39:47.0777 0x0c68  \Device\Harddisk1\DR1:
01:39:47.0777 0x0c68  MBR partitions:
01:39:47.0777 0x0c68  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
01:39:47.0777 0x0c68  \Device\Harddisk0\DR0:
01:39:47.0777 0x0c68  MBR partitions:
01:39:47.0777 0x0c68  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
01:39:47.0777 0x0c68  \Device\Harddisk2\DR2:
01:39:47.0792 0x0c68  MBR partitions:
01:39:47.0792 0x0c68  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
01:39:47.0792 0x0c68  ============================================================
01:39:48.0167 0x0c68  C: <-> \Device\Harddisk2\DR2\Partition1
01:39:48.0182 0x0c68  E: <-> \Device\Harddisk0\DR0\Partition1
01:39:48.0182 0x0c68  D: <-> \Device\Harddisk1\DR1\Partition1
01:39:48.0182 0x0c68  ============================================================
01:39:48.0182 0x0c68  Initialize success
01:39:48.0182 0x0c68  ============================================================
01:39:55.0670 0x15d8  ============================================================
01:39:55.0670 0x15d8  Scan started
01:39:55.0670 0x15d8  Mode: Manual;
01:39:55.0670 0x15d8  ============================================================
01:39:55.0670 0x15d8  KSN ping started
01:40:02.0456 0x15d8  KSN ping finished: true
01:40:17.0214 0x15d8  ================ Scan system memory ========================
01:40:17.0214 0x15d8  System memory - ok
01:40:17.0214 0x15d8  ================ Scan services =============================
01:40:18.0400 0x15d8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
01:40:18.0415 0x15d8  1394ohci - ok
01:40:18.0743 0x15d8  [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
01:40:18.0774 0x15d8  ABBYY.Licensing.FineReader.Sprint.9.0 - ok
01:40:18.0821 0x15d8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:40:18.0836 0x15d8  ACPI - ok
01:40:18.0868 0x15d8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
01:40:18.0883 0x15d8  AcpiPmi - ok
01:40:19.0133 0x15d8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:40:19.0148 0x15d8  AdobeARMservice - ok
01:40:19.0258 0x15d8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
01:40:19.0289 0x15d8  adp94xx - ok
01:40:19.0336 0x15d8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
01:40:19.0351 0x15d8  adpahci - ok
01:40:19.0382 0x15d8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
01:40:19.0414 0x15d8  adpu320 - ok
01:40:19.0445 0x15d8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
01:40:19.0460 0x15d8  AeLookupSvc - ok
01:40:19.0585 0x15d8  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD            C:\Windows\system32\drivers\afd.sys
01:40:19.0616 0x15d8  AFD - ok
01:40:19.0632 0x15d8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
01:40:19.0648 0x15d8  agp440 - ok
01:40:19.0694 0x15d8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
01:40:19.0710 0x15d8  ALG - ok
01:40:19.0726 0x15d8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:40:19.0726 0x15d8  aliide - ok
01:40:19.0741 0x15d8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:40:19.0741 0x15d8  amdide - ok
01:40:19.0757 0x15d8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
01:40:19.0757 0x15d8  AmdK8 - ok
01:40:19.0788 0x15d8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
01:40:19.0788 0x15d8  AmdPPM - ok
01:40:19.0804 0x15d8  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
01:40:19.0804 0x15d8  amdsata - ok
01:40:19.0850 0x15d8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:40:19.0850 0x15d8  amdsbs - ok
01:40:19.0882 0x15d8  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
01:40:19.0882 0x15d8  amdxata - ok
01:40:19.0928 0x15d8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID          C:\Windows\system32\drivers\appid.sys
01:40:19.0928 0x15d8  AppID - ok
01:40:19.0944 0x15d8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:40:19.0944 0x15d8  AppIDSvc - ok
01:40:20.0069 0x15d8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
01:40:20.0116 0x15d8  Appinfo - ok
01:40:20.0428 0x15d8  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:40:20.0428 0x15d8  Apple Mobile Device - ok
01:40:20.0459 0x15d8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
01:40:20.0459 0x15d8  arc - ok
01:40:20.0474 0x15d8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:40:20.0490 0x15d8  arcsas - ok
01:40:20.0755 0x15d8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:40:20.0771 0x15d8  aspnet_state - ok
01:40:20.0818 0x15d8  [ 912A215CE180A6E7C923C662D7EC777D, 2828D6403F693B1CF4AD4F47A4C096E6B31E680665F5BBCCAA69416FFA7FF2E0 ] AsrAppCharger  C:\Windows\system32\DRIVERS\AsrAppCharger.sys
01:40:20.0818 0x15d8  AsrAppCharger - ok
01:40:20.0880 0x15d8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:40:20.0880 0x15d8  AsyncMac - ok
01:40:20.0896 0x15d8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
01:40:20.0896 0x15d8  atapi - ok
01:40:21.0036 0x15d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:40:21.0052 0x15d8  AudioEndpointBuilder - ok
01:40:21.0083 0x15d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:40:21.0098 0x15d8  AudioSrv - ok
01:40:21.0192 0x15d8  [ 9FD4BC46784309176AEFA26AA8241DA1, 939F7503A6231E5FD5A3F46BDB97671D62D0CEC8B6EF82BD6B1090C45D9D6E1F ] avgtp          C:\Windows\system32\drivers\avgtpx64.sys
01:40:21.0192 0x15d8  avgtp - ok
01:40:21.0457 0x15d8  [ 6C9D5BADC8F83D410A278717C2EEA6F6, B047E3F21D153A2E32FA907EE9830A4A9A152C3AA95FD978E61189EEF6564D40 ] AVP            C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
01:40:21.0457 0x15d8  AVP - ok
01:40:21.0566 0x15d8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:40:21.0629 0x15d8  AxInstSV - ok
01:40:21.0785 0x15d8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
01:40:21.0816 0x15d8  b06bdrv - ok
01:40:21.0894 0x15d8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:40:21.0972 0x15d8  b57nd60a - ok
01:40:22.0019 0x15d8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:40:22.0050 0x15d8  BDESVC - ok
01:40:22.0081 0x15d8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:40:22.0081 0x15d8  Beep - ok
01:40:22.0393 0x15d8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
01:40:22.0393 0x15d8  BFE - ok
01:40:22.0596 0x15d8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
01:40:22.0612 0x15d8  BITS - ok
01:40:22.0690 0x15d8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:40:22.0690 0x15d8  blbdrive - ok
01:40:23.0173 0x15d8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:40:23.0189 0x15d8  Bonjour Service - ok
01:40:23.0282 0x15d8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:40:23.0314 0x15d8  bowser - ok
01:40:23.0360 0x15d8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
01:40:23.0360 0x15d8  BrFiltLo - ok
01:40:23.0392 0x15d8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
01:40:23.0392 0x15d8  BrFiltUp - ok
01:40:23.0454 0x15d8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
01:40:23.0470 0x15d8  Browser - ok
01:40:23.0501 0x15d8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
01:40:23.0516 0x15d8  Brserid - ok
01:40:23.0548 0x15d8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:40:23.0548 0x15d8  BrSerWdm - ok
01:40:23.0563 0x15d8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:40:23.0563 0x15d8  BrUsbMdm - ok
01:40:23.0610 0x15d8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:40:23.0610 0x15d8  BrUsbSer - ok
01:40:23.0626 0x15d8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
01:40:23.0626 0x15d8  BTHMODEM - ok
01:40:23.0657 0x15d8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
01:40:23.0672 0x15d8  bthserv - ok
01:40:24.0140 0x15d8  [ 2BD001601496AE87F7CB86F1FCD6F1EC, 7DDB69B025BE80CB50C1B8D4B20CD5D40FF09492B00E44157E74CBF7ED987478 ] Cardex          C:\Windows\SysWOW64\drivers\TBPANELX64.SYS
01:40:24.0140 0x15d8  Cardex - ok
01:40:24.0172 0x15d8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:40:24.0187 0x15d8  cdfs - ok
01:40:24.0218 0x15d8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
01:40:24.0234 0x15d8  cdrom - ok
01:40:24.0265 0x15d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
01:40:24.0265 0x15d8  CertPropSvc - ok
01:40:24.0296 0x15d8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
01:40:24.0296 0x15d8  circlass - ok
01:40:24.0359 0x15d8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
01:40:24.0359 0x15d8  CLFS - ok
01:40:24.0593 0x15d8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:40:24.0608 0x15d8  clr_optimization_v2.0.50727_32 - ok
01:40:24.0686 0x15d8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:40:24.0702 0x15d8  clr_optimization_v2.0.50727_64 - ok
01:40:25.0186 0x15d8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:40:25.0217 0x15d8  clr_optimization_v4.0.30319_32 - ok
01:40:25.0435 0x15d8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:40:25.0451 0x15d8  clr_optimization_v4.0.30319_64 - ok
01:40:25.0513 0x15d8  CltMngSvc - ok
01:40:25.0560 0x15d8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
01:40:25.0560 0x15d8  CmBatt - ok
01:40:25.0576 0x15d8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:40:25.0576 0x15d8  cmdide - ok
01:40:25.0732 0x15d8  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG            C:\Windows\system32\Drivers\cng.sys
01:40:25.0732 0x15d8  CNG - ok
01:40:25.0747 0x15d8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
01:40:25.0747 0x15d8  Compbatt - ok
01:40:25.0778 0x15d8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
01:40:25.0778 0x15d8  CompositeBus - ok
01:40:25.0810 0x15d8  COMSysApp - ok
01:40:25.0981 0x15d8  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
01:40:26.0044 0x15d8  cphs - ok
01:40:26.0137 0x15d8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
01:40:26.0137 0x15d8  crcdisk - ok
01:40:26.0231 0x15d8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:40:26.0246 0x15d8  CryptSvc - ok
01:40:26.0434 0x15d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:40:26.0434 0x15d8  DcomLaunch - ok
01:40:26.0621 0x15d8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
01:40:26.0636 0x15d8  defragsvc - ok
01:40:26.0792 0x15d8  [ 71D9CCEE8A3A70BBCE3E76B7B06A4784, 41D23E57756A6FFFC693DB023F67A189D0A87E0A818EC17D1C855FAF9041F9A8 ] DELTAII        C:\Windows\system32\DRIVERS\MAudioDelta.sys
01:40:26.0839 0x15d8  DELTAII - ok
01:40:26.0870 0x15d8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:40:26.0886 0x15d8  DfsC - ok
01:40:27.0026 0x15d8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:40:27.0042 0x15d8  Dhcp - ok
01:40:27.0182 0x15d8  [ FDD7ABCC822D0CC4E59D0B75B0239A36, 1DEA4B48914D8012E2690118E79577F408EF91E3833A2BEF26DCFF3A9B752C7E ] DigiNet        C:\Windows\system32\DRIVERS\diginet.sys
01:40:27.0182 0x15d8  DigiNet - ok
01:40:27.0245 0x15d8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:40:27.0245 0x15d8  discache - ok
01:40:27.0354 0x15d8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
01:40:27.0370 0x15d8  Disk - ok
01:40:27.0494 0x15d8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:40:27.0510 0x15d8  Dnscache - ok
01:40:27.0604 0x15d8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
01:40:27.0650 0x15d8  dot3svc - ok
01:40:27.0728 0x15d8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
01:40:27.0744 0x15d8  DPS - ok
01:40:27.0822 0x15d8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
01:40:27.0822 0x15d8  drmkaud - ok
01:40:28.0212 0x15d8  [ AF2E16242AA723F68F461B6EAE2EAD3D, 3973633C6D231DB8D92DE310D3A0836C64639B9A20C6C56385FB218A707C1BC3 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
01:40:28.0228 0x15d8  DXGKrnl - ok
01:40:28.0415 0x15d8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
01:40:28.0446 0x15d8  EapHost - ok
01:40:29.0320 0x15d8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
01:40:29.0429 0x15d8  ebdrv - ok
01:40:29.0585 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS            C:\Windows\System32\lsass.exe
01:40:29.0585 0x15d8  EFS - ok
01:40:30.0209 0x15d8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
01:40:30.0490 0x15d8  ehRecvr - ok
01:40:30.0552 0x15d8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
01:40:30.0770 0x15d8  ehSched - ok
01:40:31.0192 0x15d8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
01:40:31.0363 0x15d8  elxstor - ok
01:40:31.0426 0x15d8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:40:31.0426 0x15d8  ErrDev - ok
01:40:31.0535 0x15d8  [ DF2F6C1E55F6E81CFC7F688380D85816, D9085466AA9D98AA01CD8ADEBD798CB326D4FD53A07BD199C3E6E500B4619355 ] EtronHub3      C:\Windows\system32\Drivers\EtronHub3.sys
01:40:31.0535 0x15d8  EtronHub3 - ok
01:40:33.0095 0x15d8  [ E093ABFB67A4B9D94F80611A7D0A8BB9, A23D58767F58CBDFAA4AD25779BBBC4FAD51CBD8FEB9C89284635631E4F084A6 ] EtronXHCI      C:\Windows\system32\Drivers\EtronXHCI.sys
01:40:33.0110 0x15d8  EtronXHCI - ok
01:40:34.0873 0x15d8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
01:40:35.0887 0x15d8  EventSystem - ok
01:40:37.0400 0x15d8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
01:40:37.0603 0x15d8  exfat - ok
01:40:39.0179 0x15d8  Fabs - ok
01:40:40.0084 0x15d8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
01:40:40.0208 0x15d8  fastfat - ok
01:40:40.0942 0x15d8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
01:40:41.0020 0x15d8  Fax - ok
01:40:41.0066 0x15d8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
01:40:41.0066 0x15d8  fdc - ok
01:40:41.0238 0x15d8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
01:40:41.0285 0x15d8  fdPHost - ok
01:40:41.0285 0x15d8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:40:41.0300 0x15d8  FDResPub - ok
01:40:41.0332 0x15d8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:40:41.0347 0x15d8  FileInfo - ok
01:40:41.0347 0x15d8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
01:40:41.0347 0x15d8  Filetrace - ok
01:40:42.0814 0x15d8  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
01:40:43.0172 0x15d8  FirebirdServerMAGIXInstance - ok
01:40:43.0890 0x15d8  [ F61A8B79254E52B4641D98F08A3E6136, 4314A5DD4E2A6389CD3E239423ADF275E3BCF1956967180EC863B590F3225C37 ] firefaceu64    C:\Windows\system32\drivers\fireface_usb_64.sys
01:40:43.0906 0x15d8  firefaceu64 - ok
01:40:44.0857 0x15d8  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
01:40:45.0185 0x15d8  FLEXnet Licensing Service - ok
01:40:45.0263 0x15d8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
01:40:45.0263 0x15d8  flpydisk - ok
01:40:45.0419 0x15d8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:40:45.0466 0x15d8  FltMgr - ok
01:40:45.0544 0x15d8  [ FE95AE537B41A7E2F4CFE353064DC4AF, 1C354CAF4A8FB599BD252133C4C3845624C6F9B692E3F4C68573486FE8236EB3 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
01:40:45.0544 0x15d8  FNETTBOH_305 - ok
01:40:45.0606 0x15d8  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68, 7B9DA195D3CF0E7BE6BB532CC5D058BC6658B7538B5C5CF09B1A4ABEF1ECACB4 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
01:40:45.0606 0x15d8  FNETURPX - ok
01:40:47.0182 0x15d8  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache      C:\Windows\system32\FntCache.dll
01:40:47.0244 0x15d8  FontCache - ok
01:40:47.0525 0x15d8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:40:47.0572 0x15d8  FontCache3.0.0.0 - ok
01:40:47.0743 0x15d8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
01:40:47.0743 0x15d8  FsDepends - ok
01:40:47.0946 0x15d8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:40:48.0024 0x15d8  Fs_Rec - ok
01:40:48.0352 0x15d8  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:40:48.0383 0x15d8  fvevol - ok
01:40:48.0539 0x15d8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:40:48.0539 0x15d8  gagp30kx - ok
01:40:48.0742 0x15d8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:40:48.0742 0x15d8  GEARAspiWDM - ok
01:40:49.0069 0x15d8  [ 57888A823873B256786D88C8E5999093, 560C1088E2BB1E99B9C4E2FBFAB2B7824B4727E1EFD6889E4C5B6E7BCB77ED6D ] GManager        C:\Windows\system32\GManager.exe
01:40:49.0085 0x15d8  GManager - ok
01:40:49.0927 0x15d8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
01:40:49.0974 0x15d8  gpsvc - ok
01:40:50.0848 0x15d8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:40:50.0848 0x15d8  gupdate - ok
01:40:51.0004 0x15d8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:40:51.0004 0x15d8  gupdatem - ok
01:40:51.0097 0x15d8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:40:51.0097 0x15d8  hcw85cir - ok
01:40:51.0300 0x15d8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:40:51.0597 0x15d8  HdAudAddService - ok
01:40:51.0768 0x15d8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
01:40:51.0877 0x15d8  HDAudBus - ok
01:40:52.0018 0x15d8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
01:40:52.0033 0x15d8  HidBatt - ok
01:40:52.0065 0x15d8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
01:40:52.0111 0x15d8  HidBth - ok
01:40:52.0299 0x15d8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
01:40:52.0299 0x15d8  HidIr - ok
01:40:52.0439 0x15d8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
01:40:52.0533 0x15d8  hidserv - ok
01:40:52.0891 0x15d8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:40:52.0891 0x15d8  HidUsb - ok
01:40:53.0094 0x15d8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:40:53.0141 0x15d8  hkmsvc - ok
01:40:53.0219 0x15d8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:40:53.0250 0x15d8  HomeGroupListener - ok
01:40:53.0437 0x15d8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:40:53.0437 0x15d8  HomeGroupProvider - ok
01:40:53.0531 0x15d8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:40:53.0562 0x15d8  HpSAMD - ok
01:40:53.0781 0x15d8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:40:53.0827 0x15d8  HTTP - ok
01:40:54.0077 0x15d8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:40:54.0077 0x15d8  hwpolicy - ok
01:40:54.0171 0x15d8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:40:54.0249 0x15d8  i8042prt - ok
01:40:54.0779 0x15d8  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
01:40:54.0810 0x15d8  iaStorV - ok
01:40:55.0403 0x15d8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:40:55.0481 0x15d8  idsvc - ok
01:40:58.0166 0x15d8  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
01:40:58.0416 0x15d8  igfx - ok
01:40:58.0447 0x15d8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
01:40:58.0447 0x15d8  iirsp - ok
01:40:58.0853 0x15d8  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
01:40:58.0884 0x15d8  IKEEXT - ok
01:40:58.0946 0x15d8  [ BEF622DCE5FC16655100B9C6ABAA4C9C, E81440B179F4D5BCF965BA73F050EB7766D8C7AF8B924D231FEAAA2DD6E1ECDA ] iLokDrvr        C:\Windows\system32\DRIVERS\iLokDrvr.sys
01:40:58.0946 0x15d8  iLokDrvr - ok
01:40:59.0009 0x15d8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:40:59.0009 0x15d8  intelide - ok
01:40:59.0055 0x15d8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:40:59.0055 0x15d8  intelppm - ok
01:40:59.0180 0x15d8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
01:40:59.0227 0x15d8  IPBusEnum - ok
01:40:59.0289 0x15d8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:40:59.0336 0x15d8  IpFilterDriver - ok
01:40:59.0383 0x15d8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:40:59.0414 0x15d8  iphlpsvc - ok
01:40:59.0445 0x15d8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
01:40:59.0461 0x15d8  IPMIDRV - ok
01:40:59.0492 0x15d8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
01:40:59.0508 0x15d8  IPNAT - ok
01:40:59.0960 0x15d8  [ F7ED08D4BC89D7AC6135C1556A89157F, 8F15F1E528F6513FCEF5D966880CBA8A2C7A4816393393F4B201CDD6227F36A3 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
01:41:00.0023 0x15d8  iPod Service - ok
01:41:00.0101 0x15d8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:41:00.0116 0x15d8  IRENUM - ok
01:41:00.0179 0x15d8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:41:00.0179 0x15d8  isapnp - ok
01:41:00.0257 0x15d8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:41:00.0303 0x15d8  iScsiPrt - ok
01:41:00.0537 0x15d8  [ 1D7AAB58F4E21697AF8F46EAA81823DD, 551EA1B53224F99EDCFD8A9E754C5313CFF4BCBFFFB8DC54D3F3419527F8152C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
01:41:00.0553 0x15d8  k57nd60a - ok
01:41:00.0647 0x15d8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:41:00.0647 0x15d8  kbdclass - ok
01:41:00.0709 0x15d8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:41:00.0709 0x15d8  kbdhid - ok
01:41:00.0834 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
01:41:00.0834 0x15d8  KeyIso - ok
01:41:01.0442 0x15d8  [ E656FE10D6D27794AFA08136685A69E8, 2D38603B546235B555978340A63E052D06CA7E7EF117CF148F9A002D423B2949 ] KL1            C:\Windows\system32\DRIVERS\kl1.sys
01:41:01.0739 0x15d8  KL1 - ok
01:41:01.0770 0x15d8  [ D865DD8B0448E3F963D68C04C532858F, AD51013E65289CA8FD1313780A93610132B1570F7A85C7A2E7DD8FD1FBE8701D ] kl2            C:\Windows\system32\DRIVERS\kl2.sys
01:41:01.0770 0x15d8  kl2 - ok
01:41:01.0973 0x15d8  [ 8490798365236B6C8E54DEDD27A42D07, 603C1AC0447DE3C7C1824920FF28475E507C269F91CD8B6557296AE3BE9AE2C4 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
01:41:01.0988 0x15d8  KLIF - ok
01:41:02.0144 0x15d8  [ 89FB5A33D7171B6D84F5EB721D5055E1, 1F36C1C043E9BA57496A50F4F28135CE78C4EF3F0277B566787CD1DDD173AEF6 ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
01:41:02.0144 0x15d8  KLIM6 - ok
01:41:02.0191 0x15d8  [ 9468D07E91BA136D82415F5DFC1FE168, EF9AA5CD94093E06023A42501557B2C4684806DBBC07D2F77F9AE2F3C6EA2430 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
01:41:02.0191 0x15d8  klmouflt - ok
01:41:02.0269 0x15d8  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:41:02.0269 0x15d8  KSecDD - ok
01:41:02.0363 0x15d8  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
01:41:02.0394 0x15d8  KSecPkg - ok
01:41:02.0472 0x15d8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
01:41:02.0472 0x15d8  ksthunk - ok
01:41:03.0564 0x15d8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
01:41:04.0110 0x15d8  KtmRm - ok
01:41:04.0515 0x15d8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:41:04.0625 0x15d8  LanmanServer - ok
01:41:04.0859 0x15d8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:41:04.0921 0x15d8  LanmanWorkstation - ok
01:41:05.0046 0x15d8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:41:05.0061 0x15d8  lltdio - ok
01:41:05.0561 0x15d8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
01:41:05.0873 0x15d8  lltdsvc - ok
01:41:06.0621 0x15d8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
01:41:07.0199 0x15d8  lmhosts - ok
01:41:08.0712 0x15d8  [ 9AD4BEE2FE76D4CA39AC969B617E94FB, 1DE5FC59CDA5C7D63C9C60B9FC70A09F755196DFA25E8FAC0FBF262C44731CF0 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:41:08.0790 0x15d8  LMS - ok
01:41:08.0961 0x15d8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
01:41:08.0977 0x15d8  LSI_FC - ok
01:41:09.0024 0x15d8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
01:41:09.0055 0x15d8  LSI_SAS - ok
01:41:09.0117 0x15d8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:41:09.0149 0x15d8  LSI_SAS2 - ok
01:41:09.0258 0x15d8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:41:09.0289 0x15d8  LSI_SCSI - ok
01:41:09.0507 0x15d8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
01:41:09.0523 0x15d8  luafv - ok
01:41:09.0757 0x15d8  [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
01:41:09.0757 0x15d8  MBAMProtector - ok
01:41:10.0303 0x15d8  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
01:41:10.0319 0x15d8  MBAMScheduler - ok
01:41:10.0880 0x15d8  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
01:41:10.0880 0x15d8  MBAMService - ok
01:41:11.0379 0x15d8  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy  C:\Windows\system32\drivers\MBAMSwissArmy.sys
01:41:11.0379 0x15d8  MBAMSwissArmy - ok
01:41:11.0489 0x15d8  [ C49915271600CFC2305FAA4271D0002F, 8412989C50579C79F27E4F9B178B2FF944C8F221AD70D213279D888F5449F868 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
01:41:11.0489 0x15d8  MBAMWebAccessControl - ok
01:41:12.0003 0x15d8  [ 3E23A0792D5EE0A072961E9E9F347368, 3887351DF52AF974B6C48097A032521C7122D8C23054C8F9024AA876CED14E81 ] MCTDesktopSvr  C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
01:41:12.0003 0x15d8  MCTDesktopSvr - ok
01:41:12.0206 0x15d8  [ BC7D107BA5E2B4E2D407AB554B92091E, 43B15B4CBDFAC4D68027B71B3C7A895D38ABF721DEB25AE664618F910A5CDFEB ] mctkmd          C:\Windows\system32\drivers\mctkmd64.sys
01:41:12.0222 0x15d8  mctkmd - ok
01:41:12.0378 0x15d8  [ 7E622C16CA2798B352C0B31DBB208CBD, 226D877CC86526BDA361557ED2506743CA05E9532C6DD9F60870F50C9505E8CC ] mctkmdldr      C:\Windows\system32\drivers\mctkmdldr64.sys
01:41:12.0378 0x15d8  mctkmdldr - ok
01:41:12.0456 0x15d8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
01:41:12.0503 0x15d8  Mcx2Svc - ok
01:41:12.0549 0x15d8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
01:41:12.0549 0x15d8  megasas - ok
01:41:12.0768 0x15d8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:41:12.0846 0x15d8  MegaSR - ok
01:41:12.0924 0x15d8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
01:41:12.0924 0x15d8  MEIx64 - ok
01:41:13.0111 0x15d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
01:41:13.0111 0x15d8  MMCSS - ok
01:41:13.0220 0x15d8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
01:41:13.0220 0x15d8  Modem - ok
01:41:13.0407 0x15d8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
01:41:13.0407 0x15d8  monitor - ok
01:41:13.0470 0x15d8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:41:13.0470 0x15d8  mouclass - ok
01:41:13.0517 0x15d8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:41:13.0517 0x15d8  mouhid - ok
01:41:13.0595 0x15d8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:41:13.0610 0x15d8  mountmgr - ok
01:41:13.0844 0x15d8  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:41:14.0078 0x15d8  MozillaMaintenance - ok
01:41:14.0343 0x15d8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:41:14.0437 0x15d8  mpio - ok
01:41:14.0874 0x15d8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:41:14.0874 0x15d8  mpsdrv - ok
01:41:14.0983 0x15d8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:41:15.0014 0x15d8  MpsSvc - ok
01:41:15.0014 0x15d8  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:41:15.0030 0x15d8  MRxDAV - ok
01:41:15.0077 0x15d8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:41:15.0092 0x15d8  mrxsmb - ok
01:41:15.0623 0x15d8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:41:15.0669 0x15d8  mrxsmb10 - ok
01:41:16.0013 0x15d8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:41:16.0137 0x15d8  mrxsmb20 - ok
01:41:16.0356 0x15d8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:41:16.0356 0x15d8  msahci - ok
01:41:16.0605 0x15d8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
01:41:16.0637 0x15d8  msdsm - ok
01:41:16.0762 0x15d8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
01:41:16.0903 0x15d8  MSDTC - ok
01:41:16.0996 0x15d8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:41:16.0996 0x15d8  Msfs - ok
01:41:17.0168 0x15d8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
01:41:17.0168 0x15d8  mshidkmdf - ok
01:41:17.0199 0x15d8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:41:17.0199 0x15d8  msisadrv - ok
01:41:17.0324 0x15d8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
01:41:17.0355 0x15d8  MSiSCSI - ok
01:41:17.0355 0x15d8  msiserver - ok
01:41:17.0418 0x15d8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
01:41:17.0418 0x15d8  MSKSSRV - ok
01:41:17.0511 0x15d8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:41:17.0511 0x15d8  MSPCLOCK - ok
01:41:17.0574 0x15d8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
01:41:17.0574 0x15d8  MSPQM - ok
01:41:17.0761 0x15d8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
01:41:17.0792 0x15d8  MsRPC - ok
01:41:17.0823 0x15d8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
01:41:17.0823 0x15d8  mssmbios - ok
01:41:17.0901 0x15d8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
01:41:17.0901 0x15d8  MSTEE - ok
01:41:17.0917 0x15d8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:41:17.0917 0x15d8  MTConfig - ok
01:41:17.0995 0x15d8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
01:41:17.0995 0x15d8  Mup - ok
01:41:18.0073 0x15d8  [ 2E6A752E8BB8FF39B5DFCCADD31F6C00, 15E3AEA935AB3A335621DB10C7337BC0865FEF24729063EBCDEC3BFB4F3C25B8 ] mvs91xx        C:\Windows\system32\DRIVERS\mvs91xx.sys
01:41:18.0088 0x15d8  mvs91xx - ok
01:41:18.0135 0x15d8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
01:41:18.0151 0x15d8  napagent - ok
01:41:18.0244 0x15d8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
01:41:18.0260 0x15d8  NativeWifiP - ok
01:41:18.0993 0x15d8  [ 1BBBF640BC0E0B750537BAECE8D66C18, 621C1130B0C48AA900D78097E1685507A614AA9953644972C572DE267B2A6348 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
01:41:19.0056 0x15d8  NAUpdate - ok
01:41:19.0711 0x15d8  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:41:19.0789 0x15d8  NDIS - ok
01:41:20.0163 0x15d8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
01:41:20.0163 0x15d8  NdisCap - ok
01:41:20.0319 0x15d8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:41:20.0319 0x15d8  NdisTapi - ok
01:41:20.0382 0x15d8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
01:41:20.0382 0x15d8  Ndisuio - ok
01:41:20.0428 0x15d8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
01:41:20.0444 0x15d8  NdisWan - ok
01:41:20.0506 0x15d8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
01:41:20.0506 0x15d8  NDProxy - ok
01:41:20.0569 0x15d8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
01:41:20.0569 0x15d8  NetBIOS - ok
01:41:20.0616 0x15d8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
01:41:20.0631 0x15d8  NetBT - ok
01:41:20.0709 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
01:41:20.0709 0x15d8  Netlogon - ok
01:41:20.0990 0x15d8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:41:21.0021 0x15d8  Netman - ok
01:41:22.0082 0x15d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:41:22.0098 0x15d8  NetMsmqActivator - ok
01:41:22.0160 0x15d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:41:22.0160 0x15d8  NetPipeActivator - ok
01:41:22.0285 0x15d8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:41:22.0316 0x15d8  netprofm - ok
01:41:22.0316 0x15d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:41:22.0316 0x15d8  NetTcpActivator - ok
01:41:22.0332 0x15d8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:41:22.0332 0x15d8  NetTcpPortSharing - ok
01:41:22.0378 0x15d8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
01:41:22.0378 0x15d8  nfrd960 - ok
01:41:22.0784 0x15d8  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:41:22.0924 0x15d8  NlaSvc - ok
01:41:22.0987 0x15d8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:41:22.0987 0x15d8  Npfs - ok
01:41:23.0065 0x15d8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
01:41:23.0080 0x15d8  nsi - ok
01:41:23.0143 0x15d8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:41:23.0143 0x15d8  nsiproxy - ok
01:41:23.0876 0x15d8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:41:24.0562 0x15d8  Ntfs - ok
01:41:24.0578 0x15d8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:41:24.0594 0x15d8  Null - ok
01:41:24.0703 0x15d8  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
01:41:24.0703 0x15d8  NVHDA - ok
01:41:27.0636 0x15d8  [ 52B33E12FF8C9E219CAEC1BB4A5F5E4C, 5272178B39FEDB3F001249FE7C852787EFD715FC49BBAAE58158A189AFB8A337 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:41:27.0807 0x15d8  nvlddmkm - ok
01:41:29.0617 0x15d8  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
01:41:29.0835 0x15d8  NvNetworkService - ok
01:41:30.0132 0x15d8  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:41:30.0225 0x15d8  nvraid - ok
01:41:30.0319 0x15d8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:41:30.0334 0x15d8  nvstor - ok
01:41:36.0871 0x15d8  [ 4F0E2990DB12849D428DE7B0AC5D92B9, 77A058EFFE07E46F0DFF419DC1C204C245598E6A6F6EDFF545802D9C1573EAA0 ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
01:41:37.0105 0x15d8  NvStreamSvc - ok
01:41:37.0760 0x15d8  [ 2B47EDD27365F9F5D8E87648BECF52C4, CADA4B19791441373580919FFF89623489C7A1737857760B96CC3F0A08DB8D59 ] NVSvc          C:\Windows\system32\nvvsvc.exe
01:41:37.0822 0x15d8  NVSvc - ok
01:41:37.0978 0x15d8  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
01:41:37.0978 0x15d8  nvvad_WaveExtensible - ok
01:41:37.0994 0x15d8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:41:38.0010 0x15d8  nv_agp - ok
01:41:38.0072 0x15d8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:41:38.0103 0x15d8  ohci1394 - ok
01:41:38.0197 0x15d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:41:38.0259 0x15d8  p2pimsvc - ok
01:41:38.0400 0x15d8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:41:38.0462 0x15d8  p2psvc - ok
01:41:38.0774 0x15d8  [ 3A6DCEB1848470320E4A3C12D7A35B1C, B1BF8305CEC4F5AC250B8EC8C36B93F90E6DDD267AFAAF654A0D6AD555A7FA92 ] PAC207          C:\Windows\system32\DRIVERS\PFC027.SYS
01:41:38.0899 0x15d8  PAC207 - ok
01:41:44.0359 0x15d8  [ 04827DB3ED5A662386FFB77F2B0E60D1, A9769934BC7B7CFAEC0AA0F76334F939B675E4D34A238BC7F202FA8610992893 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
01:41:45.0451 0x15d8  PaceLicenseDServices - ok
01:41:45.0544 0x15d8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
01:41:45.0622 0x15d8  Parport - ok
01:41:45.0685 0x15d8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
01:41:45.0763 0x15d8  partmgr - ok
01:41:45.0950 0x15d8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:41:45.0966 0x15d8  PcaSvc - ok
01:41:46.0012 0x15d8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
01:41:46.0028 0x15d8  pci - ok
01:41:46.0122 0x15d8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:41:46.0122 0x15d8  pciide - ok
01:41:46.0293 0x15d8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:41:46.0324 0x15d8  pcmcia - ok
01:41:46.0402 0x15d8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
01:41:46.0402 0x15d8  pcw - ok
01:41:46.0558 0x15d8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:41:46.0590 0x15d8  PEAUTH - ok
01:41:48.0524 0x15d8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:41:48.0571 0x15d8  PerfHost - ok
01:41:49.0070 0x15d8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
01:41:49.0117 0x15d8  pla - ok
01:41:49.0351 0x15d8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:41:49.0600 0x15d8  PlugPlay - ok
01:41:49.0647 0x15d8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
01:41:49.0663 0x15d8  PNRPAutoReg - ok
01:41:49.0756 0x15d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
01:41:49.0803 0x15d8  PNRPsvc - ok
01:41:50.0037 0x15d8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
01:41:50.0100 0x15d8  PolicyAgent - ok
01:41:50.0179 0x15d8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
01:41:50.0241 0x15d8  Power - ok
01:41:50.0475 0x15d8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:41:50.0506 0x15d8  PptpMiniport - ok
01:41:50.0553 0x15d8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
01:41:50.0553 0x15d8  Processor - ok
01:41:50.0662 0x15d8  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc        C:\Windows\system32\profsvc.dll
01:41:50.0693 0x15d8  ProfSvc - ok
01:41:50.0725 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
01:41:50.0725 0x15d8  ProtectedStorage - ok
01:41:50.0834 0x15d8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:41:50.0849 0x15d8  Psched - ok
01:41:50.0943 0x15d8  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
01:41:50.0959 0x15d8  PxHlpa64 - ok
01:41:51.0302 0x15d8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
01:41:51.0349 0x15d8  ql2300 - ok
01:41:51.0395 0x15d8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
01:41:51.0395 0x15d8  ql40xx - ok
01:41:51.0442 0x15d8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
01:41:51.0520 0x15d8  QWAVE - ok
01:41:51.0536 0x15d8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:41:51.0536 0x15d8  QWAVEdrv - ok
01:41:51.0598 0x15d8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:41:51.0598 0x15d8  RasAcd - ok
01:41:51.0895 0x15d8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
01:41:51.0895 0x15d8  RasAgileVpn - ok
01:41:52.0113 0x15d8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
01:41:52.0175 0x15d8  RasAuto - ok
01:41:52.0347 0x15d8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
01:41:52.0441 0x15d8  Rasl2tp - ok
01:41:52.0643 0x15d8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
01:41:52.0675 0x15d8  RasMan - ok
01:41:52.0737 0x15d8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:41:52.0753 0x15d8  RasPppoe - ok
01:41:52.0799 0x15d8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
01:41:52.0815 0x15d8  RasSstp - ok
01:41:52.0940 0x15d8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
01:41:52.0955 0x15d8  rdbss - ok
01:41:53.0049 0x15d8  [ 7B345FA8191172FB719C82417154058D, 0016B5C90FAF69CFEECE7C65E42C80FBA61A81CE235062B060A48883560C732D ] RDID1027        C:\Windows\system32\Drivers\rdwm1027.sys
01:41:53.0065 0x15d8  RDID1027 - ok
01:41:53.0221 0x15d8  [ 8CAE559304DCD091F60B276A88D2CEF6, 11D74B5B9DC215819C800C7A1AAC944AB304677D37557523CD04E9A684100974 ] RDID1136        C:\Windows\system32\Drivers\rdwm1136.sys
01:41:53.0236 0x15d8  RDID1136 - ok
01:41:53.0330 0x15d8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
01:41:53.0330 0x15d8  rdpbus - ok
01:41:53.0439 0x15d8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:41:53.0439 0x15d8  RDPCDD - ok
01:41:53.0626 0x15d8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:41:53.0642 0x15d8  RDPENCDD - ok
01:41:53.0813 0x15d8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:41:53.0813 0x15d8  RDPREFMP - ok
01:41:53.0954 0x15d8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
01:41:53.0985 0x15d8  RDPWD - ok
01:41:54.0235 0x15d8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:41:54.0281 0x15d8  rdyboost - ok
01:41:54.0515 0x15d8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:41:54.0562 0x15d8  RemoteAccess - ok
01:41:54.0734 0x15d8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:41:54.0749 0x15d8  RemoteRegistry - ok
01:41:54.0781 0x15d8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:41:54.0796 0x15d8  RpcEptMapper - ok
01:41:54.0827 0x15d8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
01:41:54.0827 0x15d8  RpcLocator - ok
01:41:54.0921 0x15d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
01:41:54.0937 0x15d8  RpcSs - ok
01:41:55.0295 0x15d8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:41:55.0342 0x15d8  rspndr - ok
01:41:55.0373 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs          C:\Windows\system32\lsass.exe
01:41:55.0373 0x15d8  SamSs - ok
01:41:55.0436 0x15d8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:41:55.0483 0x15d8  sbp2port - ok
01:41:55.0701 0x15d8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:41:55.0841 0x15d8  SCardSvr - ok
01:41:55.0951 0x15d8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:41:55.0951 0x15d8  scfilter - ok
01:41:56.0122 0x15d8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
01:41:56.0169 0x15d8  Schedule - ok
01:41:56.0231 0x15d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
01:41:56.0231 0x15d8  SCPolicySvc - ok
01:41:56.0263 0x15d8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:41:56.0263 0x15d8  SDRSVC - ok
01:41:56.0325 0x15d8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:41:56.0325 0x15d8  secdrv - ok
01:41:56.0356 0x15d8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
01:41:56.0356 0x15d8  seclogon - ok
01:41:56.0793 0x15d8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
01:41:56.0902 0x15d8  SENS - ok
01:41:57.0027 0x15d8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:41:57.0074 0x15d8  SensrSvc - ok
01:41:57.0214 0x15d8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
01:41:57.0214 0x15d8  Serenum - ok
01:41:57.0448 0x15d8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:41:57.0526 0x15d8  Serial - ok
01:41:57.0589 0x15d8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
01:41:57.0589 0x15d8  sermouse - ok
01:41:57.0838 0x15d8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
01:41:57.0869 0x15d8  SessionEnv - ok
01:41:57.0979 0x15d8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
01:41:57.0979 0x15d8  sffdisk - ok
01:41:58.0025 0x15d8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:41:58.0025 0x15d8  sffp_mmc - ok
01:41:58.0103 0x15d8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
01:41:58.0103 0x15d8  sffp_sd - ok
01:41:58.0150 0x15d8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
01:41:58.0150 0x15d8  sfloppy - ok
01:41:58.0384 0x15d8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:41:58.0493 0x15d8  SharedAccess - ok
01:41:58.0727 0x15d8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:41:58.0774 0x15d8  ShellHWDetection - ok
01:41:58.0883 0x15d8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:41:58.0883 0x15d8  SiSRaid2 - ok
01:41:58.0930 0x15d8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:41:58.0961 0x15d8  SiSRaid4 - ok
01:41:59.0071 0x15d8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
01:41:59.0102 0x15d8  Smb - ok
01:41:59.0273 0x15d8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:41:59.0320 0x15d8  SNMPTRAP - ok
01:41:59.0351 0x15d8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
01:41:59.0351 0x15d8  spldr - ok
01:41:59.0632 0x15d8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler        C:\Windows\System32\spoolsv.exe
01:41:59.0695 0x15d8  Spooler - ok
01:42:01.0738 0x15d8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
01:42:01.0879 0x15d8  sppsvc - ok
01:42:01.0910 0x15d8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
01:42:01.0957 0x15d8  sppuinotify - ok
01:42:02.0705 0x15d8  [ A6CFF1AF7664627A296B6A0A96CF876E, DAD7B09341ABAA7F26AB7F93BD2B910BD2BA6ECFD317C1BCB66FFEC332A655A0 ] sptd            C:\Windows\System32\Drivers\sptd.sys
01:42:02.0705 0x15d8  Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\sptd.sys. md5: A6CFF1AF7664627A296B6A0A96CF876E, sha256: DAD7B09341ABAA7F26AB7F93BD2B910BD2BA6ECFD317C1BCB66FFEC332A655A0
01:42:02.0705 0x15d8  sptd - detected LockedFile.Multi.Generic ( 1 )
01:42:05.0638 0x15d8  Detect skipped due to KSN trusted
01:42:05.0638 0x15d8  sptd - ok
01:42:05.0825 0x15d8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
01:42:05.0872 0x15d8  srv - ok
01:42:06.0075 0x15d8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:42:06.0122 0x15d8  srv2 - ok
01:42:06.0200 0x15d8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:42:06.0387 0x15d8  srvnet - ok
01:42:06.0761 0x15d8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
01:42:06.0777 0x15d8  SSDPSRV - ok
01:42:06.0824 0x15d8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
01:42:06.0855 0x15d8  SstpSvc - ok
01:42:07.0370 0x15d8  [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:42:07.0510 0x15d8  Stereo Service - ok
01:42:08.0103 0x15d8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
01:42:08.0431 0x15d8  stexstor - ok
01:42:09.0101 0x15d8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
01:42:09.0148 0x15d8  stisvc - ok
01:42:09.0601 0x15d8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
01:42:09.0601 0x15d8  swenum - ok
01:42:11.0145 0x15d8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
01:42:11.0270 0x15d8  swprv - ok
01:42:11.0691 0x15d8  [ BCB6AA197267D3506BE2535342FC40E0, 562154EEFEB433680C19CE07A1D0E1058977A25367775061544F2A66439F4400 ] SynUSB64        C:\Windows\system32\DRIVERS\SynUSB64.sys
01:42:11.0691 0x15d8  SynUSB64 - ok
01:42:13.0142 0x15d8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
01:42:13.0251 0x15d8  SysMain - ok
01:42:13.0657 0x15d8  [ E17AF645AC601A82AE079CA854BB140F, D6BA9759BF834838F8F229CD92243268C87EC171BECE37C791D1508739F01CC4 ] t2usb64        C:\Windows\system32\drivers\t2usb64.sys
01:42:13.0719 0x15d8  t2usb64 - ok
01:42:14.0031 0x15d8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:42:14.0218 0x15d8  TabletInputService - ok
01:42:14.0795 0x15d8  [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6        C:\Windows\system32\DRIVERS\taphss6.sys
01:42:14.0795 0x15d8  taphss6 - ok
01:42:15.0622 0x15d8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
01:42:15.0638 0x15d8  TapiSrv - ok
01:42:15.0794 0x15d8  TBPanel - ok
01:42:16.0059 0x15d8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
01:42:16.0106 0x15d8  TBS - ok
01:42:16.0777 0x15d8  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
01:42:17.0338 0x15d8  Tcpip - ok
01:42:18.0399 0x15d8  [ DB74544B75566C974815E79A62433F29, 035EBF70FDA28CF2B6C1FD7EE0ED703DB4B647064B5DBA6E258878A19B1BCCA4 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:42:18.0415 0x15d8  TCPIP6 - ok
01:42:18.0477 0x15d8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:42:18.0477 0x15d8  tcpipreg - ok
01:42:18.0508 0x15d8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:42:18.0508 0x15d8  TDPIPE - ok
01:42:18.0602 0x15d8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
01:42:18.0602 0x15d8  TDTCP - ok
01:42:18.0649 0x15d8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
01:42:18.0914 0x15d8  tdx - ok
01:42:19.0039 0x15d8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
01:42:19.0039 0x15d8  TermDD - ok
01:42:19.0319 0x15d8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService    C:\Windows\System32\termsrv.dll
01:42:19.0351 0x15d8  TermService - ok
01:42:19.0382 0x15d8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
01:42:19.0397 0x15d8  Themes - ok
01:42:19.0444 0x15d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
01:42:19.0444 0x15d8  THREADORDER - ok
01:42:19.0709 0x15d8  [ D154DD00C8F12D94C9CC94027356B6E4, 501026564147DC43D0764521816B8D20576DA8F5D9DB0D2D8D3A16AA48A534A3 ] Tpkd            C:\Windows\system32\drivers\Tpkd.sys
01:42:19.0709 0x15d8  Tpkd - ok
01:42:19.0803 0x15d8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
01:42:19.0834 0x15d8  TrkWks - ok
01:42:19.0975 0x15d8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:42:20.0021 0x15d8  TrustedInstaller - ok
01:42:20.0084 0x15d8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:42:20.0084 0x15d8  tssecsrv - ok
01:42:20.0162 0x15d8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:42:20.0177 0x15d8  TsUsbFlt - ok
01:42:20.0193 0x15d8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
01:42:20.0193 0x15d8  TsUsbGD - ok
01:42:20.0287 0x15d8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:42:20.0302 0x15d8  tunnel - ok
01:42:20.0552 0x15d8  [ B7EE72B9A431F6497377D255A3552B65, 5BA8FD28ABB1D4C01C0EA98C817C26F0FBC172E5CC8EE57E0C7E50CCD1AAFC2E ] UAD2Pcie        C:\Windows\system32\DRIVERS\UAD2Pcie.sys
01:42:20.0552 0x15d8  UAD2Pcie - ok
01:42:20.0692 0x15d8  [ 6C707ACAD9F35EA16FA069E1EC33A9B9, EB8CD98E0F9EEC1651886FFDBE817B1950B38B032DAE8247AF25D8036D9FED2C ] UAD2System      C:\Windows\system32\DRIVERS\UAD2System.sys
01:42:20.0739 0x15d8  UAD2System - ok
01:42:20.0786 0x15d8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
01:42:20.0786 0x15d8  uagp35 - ok
01:42:21.0129 0x15d8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:42:21.0145 0x15d8  udfs - ok
01:42:21.0238 0x15d8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
01:42:21.0269 0x15d8  UI0Detect - ok
01:42:21.0301 0x15d8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:42:21.0301 0x15d8  uliagpkx - ok
01:42:21.0394 0x15d8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
01:42:21.0394 0x15d8  umbus - ok
01:42:21.0566 0x15d8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
01:42:21.0566 0x15d8  UmPass - ok
01:42:22.0829 0x15d8  [ CD114CE02A10FA79C229770788106842, A02E0FE0865CE7E14D27F23CE748F5EFBE3F14CA350B0F26623E174227F30643 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:42:23.0391 0x15d8  UNS - ok
01:42:23.0609 0x15d8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:42:23.0703 0x15d8  upnphost - ok
01:42:23.0843 0x15d8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
01:42:23.0843 0x15d8  USBAAPL64 - ok
01:42:23.0968 0x15d8  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
01:42:24.0140 0x15d8  usbccgp - ok
01:42:24.0187 0x15d8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:42:24.0218 0x15d8  usbcir - ok
01:42:24.0311 0x15d8  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
01:42:24.0311 0x15d8  usbehci - ok
01:42:24.0436 0x15d8  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:42:24.0467 0x15d8  usbhub - ok
01:42:24.0499 0x15d8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
01:42:24.0499 0x15d8  usbohci - ok
01:42:24.0717 0x15d8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:42:24.0717 0x15d8  usbprint - ok
01:42:24.0857 0x15d8  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
01:42:24.0857 0x15d8  usbscan - ok
01:42:24.0889 0x15d8  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:42:24.0920 0x15d8  USBSTOR - ok
01:42:24.0982 0x15d8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
01:42:24.0982 0x15d8  usbuhci - ok
01:42:25.0060 0x15d8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
01:42:25.0216 0x15d8  UxSms - ok
01:42:25.0310 0x15d8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
01:42:25.0310 0x15d8  VaultSvc - ok
01:42:25.0747 0x15d8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:42:25.0747 0x15d8  vdrvroot - ok
01:42:26.0979 0x15d8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
01:42:27.0151 0x15d8  vds - ok
01:42:27.0275 0x15d8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
01:42:27.0275 0x15d8  vga - ok
01:42:27.0307 0x15d8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
01:42:27.0307 0x15d8  VgaSave - ok
01:42:27.0369 0x15d8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
01:42:27.0385 0x15d8  vhdmp - ok
01:42:27.0416 0x15d8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:42:27.0431 0x15d8  viaide - ok
01:42:27.0619 0x15d8  [ D0D020B81BD4D646FE14890F3E597DD2, DC398830989BCE3A6B7A265EF9D01D64A1B10DF2AB0173A08D357648EA1B6F0C ] VirtuWDDM      C:\Windows\system32\DRIVERS\VirtuWDDM.sys
01:42:27.0619 0x15d8  VirtuWDDM - ok
01:42:27.0681 0x15d8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:42:27.0697 0x15d8  volmgr - ok
01:42:27.0899 0x15d8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
01:42:27.0915 0x15d8  volmgrx - ok
01:42:28.0055 0x15d8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
01:42:28.0071 0x15d8  volsnap - ok
01:42:28.0211 0x15d8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
01:42:28.0243 0x15d8  vsmraid - ok
01:42:29.0163 0x15d8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
01:42:29.0210 0x15d8  VSS - ok
01:42:30.0754 0x15d8  [ 7451065A6047CBF7332EB76F5ED5F362, 5ED16BE16EE8AAA99E7E22FF52174FC1D818535E5FD984FAA1A5A25B91936335 ] vToolbarUpdater18.1.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
01:42:31.0144 0x15d8  vToolbarUpdater18.1.0 - ok
01:42:31.0285 0x15d8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:42:31.0285 0x15d8  vwifibus - ok
01:42:31.0534 0x15d8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
01:42:31.0550 0x15d8  W32Time - ok
01:42:31.0581 0x15d8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:42:31.0581 0x15d8  WacomPen - ok
01:42:32.0002 0x15d8  [ A658A05B955F02961F33784FFE6EB001, FB7D0E82D22858AF111B0C81788307310A15EA9A35BCDB14D6450B950D763F0A ] WajamUpdaterV2  C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe
01:42:32.0065 0x15d8  WajamUpdaterV2 - ok
01:42:32.0174 0x15d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:42:32.0189 0x15d8  WANARP - ok
01:42:32.0221 0x15d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:42:32.0221 0x15d8  Wanarpv6 - ok
01:42:33.0094 0x15d8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:42:33.0172 0x15d8  wbengine - ok
01:42:33.0281 0x15d8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:42:33.0359 0x15d8  WbioSrvc - ok
01:42:33.0469 0x15d8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
01:42:33.0500 0x15d8  wcncsvc - ok
01:42:33.0562 0x15d8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:42:33.0578 0x15d8  WcsPlugInService - ok
01:42:33.0718 0x15d8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
01:42:33.0718 0x15d8  Wd - ok
01:42:33.0905 0x15d8  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:42:33.0921 0x15d8  Wdf01000 - ok
01:42:34.0030 0x15d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:42:34.0061 0x15d8  WdiServiceHost - ok
01:42:34.0171 0x15d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
01:42:34.0171 0x15d8  WdiSystemHost - ok
01:42:34.0280 0x15d8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient      C:\Windows\System32\webclnt.dll
01:42:34.0342 0x15d8  WebClient - ok
01:42:34.0420 0x15d8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:42:34.0997 0x15d8  Wecsvc - ok
01:42:35.0044 0x15d8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
01:42:35.0044 0x15d8  wercplsupport - ok
01:42:35.0122 0x15d8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:42:35.0138 0x15d8  WerSvc - ok
01:42:35.0216 0x15d8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:42:35.0216 0x15d8  WfpLwf - ok
01:42:35.0231 0x15d8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:42:35.0231 0x15d8  WIMMount - ok
01:42:35.0325 0x15d8  WinDefend - ok
01:42:35.0481 0x15d8  WinHttpAutoProxySvc - ok
01:42:35.0637 0x15d8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
01:42:35.0653 0x15d8  Winmgmt - ok
01:42:36.0199 0x15d8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM          C:\Windows\system32\WsmSvc.dll
01:42:36.0386 0x15d8  WinRM - ok
01:42:37.0072 0x15d8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:42:37.0072 0x15d8  WinUsb - ok
01:42:38.0117 0x15d8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
01:42:38.0305 0x15d8  Wlansvc - ok
01:42:40.0317 0x15d8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:42:40.0348 0x15d8  wlidsvc - ok
01:42:40.0489 0x15d8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
01:42:40.0489 0x15d8  WmiAcpi - ok
01:42:40.0629 0x15d8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:42:40.0645 0x15d8  wmiApSrv - ok
01:42:40.0676 0x15d8  WMPNetworkSvc - ok
01:42:40.0691 0x15d8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:42:40.0691 0x15d8  WPCSvc - ok
01:42:40.0707 0x15d8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:42:40.0988 0x15d8  WPDBusEnum - ok
01:42:41.0347 0x15d8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
01:42:41.0347 0x15d8  ws2ifsl - ok
01:42:41.0456 0x15d8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
01:42:41.0456 0x15d8  wscsvc - ok
01:42:41.0456 0x15d8  WSearch - ok
01:42:41.0549 0x15d8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:42:41.0612 0x15d8  wuauserv - ok
01:42:41.0627 0x15d8  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:42:41.0627 0x15d8  WudfPf - ok
01:42:41.0643 0x15d8  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:42:41.0659 0x15d8  WUDFRd - ok
01:42:41.0690 0x15d8  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
01:42:41.0690 0x15d8  wudfsvc - ok
01:42:41.0737 0x15d8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc        C:\Windows\System32\wwansvc.dll
01:42:41.0752 0x15d8  WwanSvc - ok
01:42:41.0799 0x15d8  [ 4163E0947EDF6FD289B2F4D8EA88C8CC, 02930D759BE2083BA107D27AF93A6DE4CE8207EAA80E0545E9CEE2CC86523062 ] YFWBUS          C:\Windows\system32\Drivers\yfwbus.sys
01:42:41.0799 0x15d8  YFWBUS - ok
01:42:41.0815 0x15d8  ================ Scan global ===============================
01:42:41.0846 0x15d8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
01:42:41.0877 0x15d8  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
01:42:41.0908 0x15d8  [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
01:42:41.0939 0x15d8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:42:41.0955 0x15d8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
01:42:41.0971 0x15d8  [ Global ] - ok
01:42:41.0971 0x15d8  ================ Scan MBR ==================================
01:42:41.0971 0x15d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
01:42:41.0971 0x15d8  \Device\Harddisk1\DR1 - ok
01:42:41.0971 0x15d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:42:42.0111 0x15d8  \Device\Harddisk0\DR0 - ok
01:42:42.0173 0x15d8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2
01:42:50.0722 0x15d8  \Device\Harddisk2\DR2 - ok
01:42:50.0722 0x15d8  ================ Scan VBR ==================================
01:42:50.0722 0x15d8  [ E35AE99CF72DFDFD7F0EA84B3B5AD25D ] \Device\Harddisk1\DR1\Partition1
01:42:50.0722 0x15d8  \Device\Harddisk1\DR1\Partition1 - ok
01:42:50.0722 0x15d8  [ 5AF4C6BDD59410DD3C7D5AC462C1B7DD ] \Device\Harddisk0\DR0\Partition1
01:42:50.0738 0x15d8  \Device\Harddisk0\DR0\Partition1 - ok
01:42:50.0738 0x15d8  [ 97A9296F9320F19D76F238BAFDB9E07F ] \Device\Harddisk2\DR2\Partition1
01:42:50.0925 0x15d8  \Device\Harddisk2\DR2\Partition1 - ok
01:42:51.0206 0x15d8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmiav.exe ( 12.0.0.374 ), 0x41000 ( enabled : updated )
01:42:51.0222 0x15d8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\wmifw.exe ( 12.0.0.374 ), 0x41010 ( enabled )
01:42:53.0998 0x15d8  ============================================================
01:42:53.0998 0x15d8  Scan finished
01:42:53.0998 0x15d8  ============================================================
01:42:53.0998 0x1428  Detected object count: 0
01:42:53.0998 0x1428  Actual detected object count: 0

KASPERSKY LOG:

Code:
Typ: Adware (1)       
not-a-virus:AdWare.Win32.Agent.aiyc        Inaktiv        19.05.2014 19:38:43       
Typ: Schwachstelle (8)       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=41126        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=41126        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=47118        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=47118        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=47118        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=48457        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=48457        Nicht gefunden        21.05.2014 00:22:44       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=57932        Inaktiv        21.05.2014 01:51:59       
Typ: Phishing-Link (1)       
Schädlicher Link        Inaktiv        21.05.2014 02:06:08
Jetzt habe ich herausgefunden, dass die ganzen Dateien die nicht mehr auf meinem Desktop angezeigt werden, doch unter

C:// - Benutzer - Rafa (schreibgeschützt) - Desktop vorhanden sind!

(habe sie jetzt erstmal auf meine andere Festplatte gesichert)



So habe jetzt nochmal über die Nacht meinen Kaspersky (vollständig Scannen) lassen.Und er hat tatsächlich Schädliche Stellen gefunden...habe diese gelöscht

Trotzdem ist alles beim alten:(

LOG:

Code:
Datum: Heute (14)       
hxxp://redirect.kaspersky.com/?hl=de-DE&target=securelist&rpe=1&function=advisories&VN=57932        Inaktiv        21.05.2014 10:34:36       
not-a-virus:AdWare.Win32.Agent.aiyc        Gelöscht        21.05.2014 10:31:45       
not-a-virus:AdWare.Win32.Agent.aiyc        Gelöscht        21.05.2014 10:31:45       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Nicht gefunden        21.05.2014 10:30:50       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Nicht gefunden        21.05.2014 10:29:59       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Gelöscht        21.05.2014 10:29:41       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Gelöscht        21.05.2014 10:29:41       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Gelöscht        21.05.2014 10:29:41       
not-a-virus:HEUR:Downloader.NSIS.Mazel.a        Nicht gefunden        21.05.2014 10:29:13       
not-a-virus:HEUR:Downloader.NSIS.Mazel.a        Nicht gefunden        21.05.2014 10:29:10       
not-a-virus:HEUR:Downloader.NSIS.Mazel.a        Gelöscht        21.05.2014 10:29:08       
not-a-virus:HEUR:Downloader.NSIS.Mazel.a        Gelöscht        21.05.2014 10:29:07       
not-a-virus:AdWare.MSIL.DomaIQ.blky        Nicht definiert        21.05.2014 10:25:16       
Schädlicher Link        Inaktiv        21.05.2014 02:06:08       
Datum: Montag (1)       
not-a-virus:AdWare.Win32.Agent.aiyc        Inaktiv        19.05.2014 19:38:43

cosinus 21.05.2014 11:40
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Rafau2012 21.05.2014 14:12
Danke :)

hier FRST LOG:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Rafa (administrator) on RAFA-PC on 21-05-2014 15:12:27
Running from C:\Windows\System32\config\systemprofile\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.5\TrojanHunter.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SiteRanker] => C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [320000 2011-09-12] (Crawler, LLC)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1111432 2012-10-16] (Spigot, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976 2014-04-27] ()
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs:  C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32:  c:\progra~1\lucidl~1\virtu\x86\appini~1.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDFF5A8A96A74CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN39931830821762422
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll No File
BHO-x32: No Name - {B922D405-6D13-4A2B-AE89-08A030DA4402} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files (x86)\SiteRanker\firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443 [2014-04-27]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-27] (AVG Secure Search)
R2 WajamUpdaterV2; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe [113152 2013-10-10] (Wajam)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 15:12 - 2014-05-21 15:12 - 00023921 _____ () C:\Windows\system32\config\systemprofile\Desktop\FRST.txt
2014-05-21 15:12 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-21 15:11 - 2014-05-21 15:11 - 02067456 _____ (Farbar) C:\Windows\system32\config\systemprofile\Desktop\FRST64.exe
2014-05-21 11:06 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-21 11:06 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 11:06 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-21 11:05 - 2014-05-21 11:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:52 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-21 10:52 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-21 10:52 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-21 10:43 - 2014-05-21 10:43 - 00001131 _____ () C:\Windows\system32\config\systemprofile\Desktop\Gefundene Stellen.txt
2014-05-21 10:39 - 2014-05-21 10:39 - 00331215 _____ () C:\Windows\system32\config\systemprofile\Desktop\Vollständige Dursuchung.txt
2014-05-21 02:36 - 2014-05-21 02:13 - 00001214 _____ () C:\Windows\system32\config\systemprofile\Desktop\Kaspersky.txt
2014-05-21 02:23 - 2014-05-21 02:23 - 00000127 _____ () C:\Windows\system32\config\systemprofile\Desktop\Neues Textdokument (2).txt
2014-05-21 02:21 - 2014-05-21 02:21 - 00602112 _____ (OldTimer Tools) C:\Windows\system32\config\systemprofile\Desktop\OTL.exe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 01:20 - 2014-05-21 10:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 01:03 - 2014-05-21 01:03 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\mbam-chameleon-1.62.1.1000
2014-05-21 00:25 - 2014-05-21 00:24 - 00398752 _____ (Bleeping Computer, LLC) C:\Windows\system32\config\systemprofile\Desktop\unhide.exe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-21 14:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:55 - 2014-05-20 22:54 - 12589848 _____ (Malwarebytes Corp.) C:\Windows\system32\config\systemprofile\Desktop\mbar-1.07.0.1009.exe
2014-05-20 22:41 - 2014-05-20 23:13 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\TDSSKiller
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:22 - 2014-05-21 00:00 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-05-20 22:22 - 2014-05-20 22:23 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:18 - 2014-05-20 23:46 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 22:18 - 2014-05-20 23:46 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 20:01 - 2011-11-29 12:00 - 00955336 _____ (proDAD GmbH) C:\uninstall.exe
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha

==================== One Month Modified Files and Folders =======

2014-05-21 15:12 - 2014-05-21 15:12 - 00023921 _____ () C:\Windows\system32\config\systemprofile\Desktop\FRST.txt
2014-05-21 15:12 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-21 15:11 - 2014-05-21 15:11 - 02067456 _____ (Farbar) C:\Windows\system32\config\systemprofile\Desktop\FRST64.exe
2014-05-21 15:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 14:47 - 2014-05-20 22:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 11:06 - 2014-05-21 11:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-21 11:06 - 2011-08-30 19:00 - 01462644 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 11:04 - 2011-09-05 18:32 - 00000000 ____D () C:\Program Files (x86)\DealPly
2014-05-21 10:59 - 2014-05-21 01:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:53 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-21 10:53 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-21 10:50 - 2011-04-12 09:43 - 06502838 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 10:50 - 2011-04-12 09:43 - 01958646 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 10:50 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 10:45 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-21 10:45 - 2009-07-14 06:51 - 00330828 _____ () C:\Windows\setupact.log
2014-05-21 10:44 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-21 10:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-21 10:43 - 2014-05-21 10:43 - 00001131 _____ () C:\Windows\system32\config\systemprofile\Desktop\Gefundene Stellen.txt
2014-05-21 10:39 - 2014-05-21 10:39 - 00331215 _____ () C:\Windows\system32\config\systemprofile\Desktop\Vollständige Dursuchung.txt
2014-05-21 02:56 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-21 02:56 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-21 02:56 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:55 - 2010-11-21 05:47 - 00277366 _____ () C:\Windows\PFRO.log
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 02:23 - 2014-05-21 02:23 - 00000127 _____ () C:\Windows\system32\config\systemprofile\Desktop\Neues Textdokument (2).txt
2014-05-21 02:21 - 2014-05-21 02:21 - 00602112 _____ (OldTimer Tools) C:\Windows\system32\config\systemprofile\Desktop\OTL.exe
2014-05-21 02:13 - 2014-05-21 02:36 - 00001214 _____ () C:\Windows\system32\config\systemprofile\Desktop\Kaspersky.txt
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:03 - 2014-05-21 01:03 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\mbam-chameleon-1.62.1.1000
2014-05-21 00:24 - 2014-05-21 00:25 - 00398752 _____ (Bleeping Computer, LLC) C:\Windows\system32\config\systemprofile\Desktop\unhide.exe
2014-05-21 00:00 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-05-20 23:46 - 2014-05-20 22:18 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 23:13 - 2014-05-20 22:41 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\TDSSKiller
2014-05-20 22:54 - 2014-05-20 22:55 - 12589848 _____ (Malwarebytes Corp.) C:\Windows\system32\config\systemprofile\Desktop\mbar-1.07.0.1009.exe
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:23 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-09 11:16 - 2014-05-21 11:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-21 11:06 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-21 11:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 13:15 - 2014-03-26 02:32 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
--- --- ---

--- --- ---
[/CODE]


Addition LOG:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Rafa at 2014-05-21 15:13:02
Running from C:\Windows\System32\config\systemprofile\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
Browser Manager (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - Bit89 Inc)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
Claro LTD toolbar  (HKLM-x32\...\claro) (Version:  - Claro LTD) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
DealPly (HKLM-x32\...\DealPly) (Version:  - DealPly) <==== ATTENTION
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
loadtbs-3.0 (HKLM-x32\...\loadtbs-3.0) (Version:  - )
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.7.23.2 - Conduit) <==== ATTENTION
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.21 - Crawler, LLC)
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Tone2 Firebird VSTi v1.2.1 (HKLM-x32\...\Tone2 Firebird VSTi v1.2.1) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Wajam (HKLM-x32\...\Wajam) (Version: 2.02 - Wajam) <==== ATTENTION
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-30 19:38 - 00004601 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      www.easycracks.net
127.0.0.1      www.mscracks.net
127.0.0.1      www.bestserials.com
127.0.0.1      www.serials.ws
127.0.0.1      www.astalavista.com
127.0.0.1      www.astalavista.box.sk
127.0.0.1      www.zoozle.net
127.0.0.1      www.security.nnov.ru
127.0.0.1      www.crack.ms
127.0.0.1      www.multihunter.com
127.0.0.1      www.demonoid.com
127.0.0.1      www.sumotorrent.com
127.0.0.1      www.megamixers.eu
127.0.0.1      www.binsearch.info
127.0.0.1      www.serialcrackz.com
127.0.0.1      www.megaupload.com
127.0.0.1      www.crackteam.ws
127.0.0.1      www.zakirostom.wordpress.com
127.0.0.1      www.dnb.az
127.0.0.1      www.keygen.ms
127.0.0.1      www.cracknews.com
127.0.0.1      www.999bpm.ru
127.0.0.1      www.cracks4u.us
127.0.0.1      www.jubox.us
127.0.0.1      www.cracks.hk
127.0.0.1      www.cracknews.com
127.0.0.1      www.vstinfo.blogspot.com
127.0.0.1      www.mp3proclub.com
127.0.0.1      www.magesy.ws

There are 95 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - System32\Tasks\DealPly => C:\Users\Rafa\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2014-04-27 13:15 - 2014-04-27 13:15 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2014-01-02 15:00 - 2013-12-12 21:56 - 03145536 _____ () C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2011-08-31 16:40 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Das System hat keinen Meldungstext f�r die Meldungsnummer 0x1069 in der Meldungsdatei (null) gefunden.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 4201 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 16296.58 MB
Available physical RAM: 11532.63 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 27953.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:189.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Musik) (Fixed) (Total:1863.01 GB) (Free:988.77 GB) NTFS
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D753B374)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus 21.05.2014 22:39
Zitat:
Running from C:\Windows\System32\config\systemprofile\Desktop
Was hast du denn da gemacht? :wtf:
Du sollst die Tools auf deinem Desktop ablegen nicht auf dem Desktop von nem Systemuser.

Rafau2012 21.05.2014 22:56
hmm...sorry aber
welche Tools meins du genau???

cosinus 21.05.2014 23:00
Mit welchem Tool hast du wohl grad dein Log gemacht?!

Rafau2012 21.05.2014 23:16
Habe ich gemacht ! Es sind mehrere Desktop Ordner enthalten!
Einmal der Desktop der angeziegt wird..(wo die ganzen Sachen fehlen)
Und dann ist da der Desktop der verschwunden ist.
C:/--Benutzer---Rafa---Desktop!

Ich habe das FRST64 vom hauptdesktop ausgeführt!

So, nun nochmal vom Hauptdesktop aus gestartet!

FRST LOG:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Rafa (administrator) on RAFA-PC on 22-05-2014 00:17:51
Running from C:\Windows\System32\config\systemprofile\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SiteRanker] => C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [320000 2011-09-12] (Crawler, LLC)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1111432 2012-10-16] (Spigot, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976 2014-04-27] ()
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [183376 2014-05-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs:  C:\PROGRA~1\LUCIDL~1\VIRTU\APPINI~1.DLL => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32:  c:\progra~1\lucidl~1\virtu\x86\appini~1.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDFF5A8A96A74CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN39931830821762422
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll No File
BHO-x32: No Name - {B922D405-6D13-4A2B-AE89-08A030DA4402} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox\
FF Extension: SiteRanker - C:\Program Files (x86)\SiteRanker\firefox\ []
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.0.443 [2014-04-27]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [123984 2014-05-14] (Avira Operations GmbH & Co. KG)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-27] (AVG Secure Search)
R2 WajamUpdaterV2; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV2.exe [113152 2013-10-10] (Wajam)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 00:02 - 2014-05-22 00:17 - 00023482 _____ () C:\Windows\system32\config\systemprofile\Desktop\FRST.txt
2014-05-21 21:17 - 2014-05-21 21:18 - 00016604 _____ () C:\Windows\system32\config\systemprofile\Desktop\Avira.txt
2014-05-21 15:12 - 2014-05-22 00:17 - 00000000 ____D () C:\FRST
2014-05-21 15:11 - 2014-05-21 15:11 - 02067456 _____ (Farbar) C:\Windows\system32\config\systemprofile\Desktop\FRST64.exe
2014-05-21 11:08 - 2014-05-21 11:08 - 46392680 _____ (Safer-Networking Ltd. ) C:\Windows\system32\config\systemprofile\Desktop\spybot-2.3.exe
2014-05-21 11:06 - 2014-05-09 11:16 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-21 11:06 - 2014-05-09 11:16 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 11:06 - 2014-05-09 11:16 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-21 11:05 - 2014-05-21 11:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-21 11:05 - 2014-05-21 11:05 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\config\systemprofile\Desktop\avira_de_av___ws.exe
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:56 - 2014-05-21 10:56 - 05843488 _____ (Mischel Internet Security ) C:\Windows\system32\config\systemprofile\Desktop\TrojanHunterSetup_5.5_Build_1003.exe
2014-05-21 10:52 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-21 10:52 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-21 10:52 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-21 02:23 - 2014-05-21 02:23 - 00000127 _____ () C:\Windows\system32\config\systemprofile\Desktop\Neues Textdokument (2).txt
2014-05-21 02:21 - 2014-05-21 02:21 - 00602112 _____ (OldTimer Tools) C:\Windows\system32\config\systemprofile\Desktop\OTL.exe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 01:20 - 2014-05-21 10:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 01:03 - 2014-05-21 01:03 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\mbam-chameleon-1.62.1.1000
2014-05-21 00:25 - 2014-05-21 00:24 - 00398752 _____ (Bleeping Computer, LLC) C:\Windows\system32\config\systemprofile\Desktop\unhide.exe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-21 23:34 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:55 - 2014-05-20 22:54 - 12589848 _____ (Malwarebytes Corp.) C:\Windows\system32\config\systemprofile\Desktop\mbar-1.07.0.1009.exe
2014-05-20 22:41 - 2014-05-20 23:13 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\TDSSKiller
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:22 - 2014-05-21 00:00 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-05-20 22:22 - 2014-05-20 22:23 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:18 - 2014-05-20 23:46 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 22:18 - 2014-05-20 23:46 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 20:01 - 2011-11-29 12:00 - 00955336 _____ (proDAD GmbH) C:\uninstall.exe
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha

==================== One Month Modified Files and Folders =======

2014-05-22 00:17 - 2014-05-22 00:02 - 00023482 _____ () C:\Windows\system32\config\systemprofile\Desktop\FRST.txt
2014-05-22 00:17 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-22 00:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 00:11 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-21 23:34 - 2014-05-20 22:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 21:29 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-21 21:29 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-21 21:26 - 2011-04-12 09:43 - 06517380 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 21:26 - 2011-04-12 09:43 - 01963164 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 21:26 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 21:25 - 2011-08-30 19:00 - 01466246 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 21:19 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-21 21:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-21 21:19 - 2009-07-14 06:51 - 00330996 _____ () C:\Windows\setupact.log
2014-05-21 21:18 - 2014-05-21 21:17 - 00016604 _____ () C:\Windows\system32\config\systemprofile\Desktop\Avira.txt
2014-05-21 21:18 - 2010-11-21 05:47 - 00362390 _____ () C:\Windows\PFRO.log
2014-05-21 15:32 - 2012-09-30 13:50 - 00000000 ____D () C:\Program Files (x86)\butt
2014-05-21 15:11 - 2014-05-21 15:11 - 02067456 _____ (Farbar) C:\Windows\system32\config\systemprofile\Desktop\FRST64.exe
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 11:08 - 2014-05-21 11:08 - 46392680 _____ (Safer-Networking Ltd. ) C:\Windows\system32\config\systemprofile\Desktop\spybot-2.3.exe
2014-05-21 11:06 - 2014-05-21 11:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-21 11:05 - 2014-05-21 11:05 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\config\systemprofile\Desktop\avira_de_av___ws.exe
2014-05-21 11:04 - 2011-09-05 18:32 - 00000000 ____D () C:\Program Files (x86)\DealPly
2014-05-21 10:59 - 2014-05-21 01:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:56 - 2014-05-21 10:56 - 05843488 _____ (Mischel Internet Security ) C:\Windows\system32\config\systemprofile\Desktop\TrojanHunterSetup_5.5_Build_1003.exe
2014-05-21 02:56 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-21 02:56 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-21 02:56 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 02:23 - 2014-05-21 02:23 - 00000127 _____ () C:\Windows\system32\config\systemprofile\Desktop\Neues Textdokument (2).txt
2014-05-21 02:21 - 2014-05-21 02:21 - 00602112 _____ (OldTimer Tools) C:\Windows\system32\config\systemprofile\Desktop\OTL.exe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:03 - 2014-05-21 01:03 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\mbam-chameleon-1.62.1.1000
2014-05-21 00:24 - 2014-05-21 00:25 - 00398752 _____ (Bleeping Computer, LLC) C:\Windows\system32\config\systemprofile\Desktop\unhide.exe
2014-05-21 00:00 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-05-20 23:46 - 2014-05-20 22:18 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 23:13 - 2014-05-20 22:41 - 00000000 ____D () C:\Windows\system32\config\systemprofile\Desktop\TDSSKiller
2014-05-20 22:54 - 2014-05-20 22:55 - 12589848 _____ (Malwarebytes Corp.) C:\Windows\system32\config\systemprofile\Desktop\mbar-1.07.0.1009.exe
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:23 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-09 11:16 - 2014-05-21 11:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-09 11:16 - 2014-05-21 11:06 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-09 11:16 - 2014-05-21 11:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 13:15 - 2014-03-26 02:32 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
--- --- ---

--- --- ---



Addition LOG:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Rafa at 2014-05-22 00:18:03
Running from C:\Windows\System32\config\systemprofile\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Avira (HKLM-x32\...\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}) (Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.13.24161 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
Browser Manager (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - Bit89 Inc)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
Claro LTD toolbar  (HKLM-x32\...\claro) (Version:  - Claro LTD) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
DealPly (HKLM-x32\...\DealPly) (Version:  - DealPly) <==== ATTENTION
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
loadtbs-3.0 (HKLM-x32\...\loadtbs-3.0) (Version:  - )
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.7.23.2 - Conduit) <==== ATTENTION
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.21 - Crawler, LLC)
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Tone2 Firebird VSTi v1.2.1 (HKLM-x32\...\Tone2 Firebird VSTi v1.2.1) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Wajam (HKLM-x32\...\Wajam) (Version: 2.02 - Wajam) <==== ATTENTION
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-30 19:38 - 00004601 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      www.easycracks.net
127.0.0.1      www.mscracks.net
127.0.0.1      www.bestserials.com
127.0.0.1      www.serials.ws
127.0.0.1      www.astalavista.com
127.0.0.1      www.astalavista.box.sk
127.0.0.1      www.zoozle.net
127.0.0.1      www.security.nnov.ru
127.0.0.1      www.crack.ms
127.0.0.1      www.multihunter.com
127.0.0.1      www.demonoid.com
127.0.0.1      www.sumotorrent.com
127.0.0.1      www.megamixers.eu
127.0.0.1      www.binsearch.info
127.0.0.1      www.serialcrackz.com
127.0.0.1      www.megaupload.com
127.0.0.1      www.crackteam.ws
127.0.0.1      www.zakirostom.wordpress.com
127.0.0.1      www.dnb.az
127.0.0.1      www.keygen.ms
127.0.0.1      www.cracknews.com
127.0.0.1      www.999bpm.ru
127.0.0.1      www.cracks4u.us
127.0.0.1      www.jubox.us
127.0.0.1      www.cracks.hk
127.0.0.1      www.cracknews.com
127.0.0.1      www.vstinfo.blogspot.com
127.0.0.1      www.mp3proclub.com
127.0.0.1      www.magesy.ws

There are 95 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - System32\Tasks\DealPly => C:\Users\Rafa\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2011-08-31 16:40 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-02 15:00 - 2013-12-12 21:56 - 03145536 _____ () C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2014-04-27 13:15 - 2014-04-27 13:15 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Das System hat keinen Meldungstext f�r die Meldungsnummer 0x1069 in der Meldungsdatei (null) gefunden.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 4201 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 16296.58 MB
Available physical RAM: 13187.05 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 29528.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:190.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Musik) (Fixed) (Total:1863.01 GB) (Free:988.78 GB) NTFS
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D753B374)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus 22.05.2014 08:23
Ich glaub, der Dreck den du da von deinem Kumpel bekommen hast, hat dein System verbogen, sodass du da einen anderen Ordner für den Desktop hast....

Zitat:
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
Also sowas geht garnicht....man verwendet wenn überhaupt nur einen derartiger Scanner! Einer muss runter, am besten Avira. Bevor du den runterschmeißt aber bitte nach Logs schauen siehe http://www.trojaner-board.de/125889-...tml#post941534

Warlord711 22.05.2014 09:49
Sieht nach defektem Benutzerprofil aus.

Das ausweichen auf C:\Windows\System32\config\systemprofile\Desktop ist ein Indiz.

cosinus 22.05.2014 10:08
Zitat:
Zitat von Warlord711 (Beitrag 1303949)
Sieht nach defektem Benutzerprofil aus.

Das ausweichen auf C:\Windows\System32\config\systemprofile\Desktop ist ein Indiz.
Wird dieser Pfad denn als temp. Pfad benutzt bei defektem Userprofil? Kann eigentlich nicht sein.
Für mich sieht dieser Desktop wie der eines Systemusers aus sonst würde das Ding ja auch nicht systemprofile heißen...:rolleyes:....normale Nutzer haben definitiv keine Schreibrechte in C:\Windows\System32\config\systemprofile sondern nur Administratoren und der User SYSTEM

Rafau2012 22.05.2014 13:08
Zitat:
Zitat von cosinus (Beitrag 1303882)
Ich glaub, der Dreck den du da von deinem Kumpel bekommen hast, hat dein System verbogen, sodass du da einen anderen Ordner für den Desktop hast....



Also sowas geht garnicht....man verwendet wenn überhaupt nur einen derartiger Scanner! Einer muss runter, am besten Avira. Bevor du den runterschmeißt aber bitte nach Logs schauen siehe http://www.trojaner-board.de/125889-...tml#post941534


ja genau das denke ich auch! weil wie schon erwähnt,,,,ich hab zum glück meine ganzen Ordner und Dateien, die auf dem üblichen desktop waren, gefunden und gesichert!

LOG AVIRA (ERGEBNISSE)

Code:
Exportierte Ereignisse:

22.05.2014 13:57 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.23.24.100) erfolgreich
      durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.212.49/update" aktualisiert:
      avnetflt.sys 14.0.2.180
      vbase031.vdf 7.11.150.246
      aevdf.dat 7.11.150.246
      webcat2.dat
      webcat3.dat
      webcat4.dat
      repair.rdf 1.0.0.60

22.05.2014 13:57 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

22.05.2014 13:53 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:       
      VDF Version:       

22.05.2014 13:53 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:        8.3.18.22
      VDF Version:        7.11.150.216

22.05.2014 13:52 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

22.05.2014 00:47 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

22.05.2014 00:47 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

21.05.2014 23:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234)
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://23.62.61.33/update" aktualisiert:
      vbase031.vdf 7.11.150.216
      aevdf.dat 7.11.150.216
      webcat3.dat
      webcat4.dat

21.05.2014 23:07 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

21.05.2014 21:20 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:       
      VDF Version:       

21.05.2014 21:20 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:        8.3.18.22
      VDF Version:        7.11.150.194

21.05.2014 21:19 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'C:\Program Files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
      Durchgeführte Aktion(en):
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Die Datei existiert nicht!

21.05.2014 21:17 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:        2453387
      Anzahl Verzeichnisse:        112984
      Anzahl Malware:        6
      Anzahl Warnungen:        4

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'D:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE
      SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Offend.2.7079' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f0a7d5c.qua'
      verschoben!

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'C:\ProgramData\Browser
      Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx'
      enthielt einen Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1d5427b7.qua'
      verschoben!

21.05.2014 21:17 [System-Scanner] Malware gefunden
      Die Datei 'E:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE
      SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Offend.2.7079' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '579d52f0.qua'
      verschoben!

21.05.2014 17:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234)
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.48.88/update" aktualisiert:
      vbase031.vdf 7.11.150.194
      aevdf.dat 7.11.150.194
      webcat2.dat
      webcat3.dat
      webcat4.dat

21.05.2014 17:07 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

21.05.2014 15:10 [System-Scanner] Malware gefunden
      Die Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5bd03052.qua'
      verschoben!

21.05.2014 15:10 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:        1046
      Anzahl Verzeichnisse:        0
      Anzahl Malware:        1
      Anzahl Warnungen:        0

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 14:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\synchro arts ltd\revoice pro
      (32bit)\revoicepro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:46 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 12:44 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\program files (x86)\Synchro Arts Ltd\Revoice Pro
      (32bit)\RevoicePro.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 11:52 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      enthielt einen Virus oder unerwünschtes Programm 'Adware/DealPly.F' [adware].
      Durchgeführte Aktion(en):
      Die Datei wurde gelöscht.

21.05.2014 11:52 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:        1049
      Anzahl Verzeichnisse:        0
      Anzahl Malware:        1
      Anzahl Warnungen:        0

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:16 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Rafa\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/DealPly.F' [adware]
      gefunden.
      Ausgeführte Aktion: Zugriff erlauben

21.05.2014 11:12 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:        9210
      Anzahl Verzeichnisse:        0
      Anzahl Malware:        0
      Anzahl Warnungen:        0

21.05.2014 11:08 [Planer] Auftrag gestartet
      Auftrag "Vollständige Systemprüfung"
      wurde erfolgreich gestartet.

21.05.2014 11:08 [Planer] Auftrag gestartet
      Auftrag "scan_after_installation"
      wurde erfolgreich gestartet.

21.05.2014 11:08 [Updater] Update erfolgreich durchgeführt
      Update von Avira Free Antivirus auf Computer RAFA-PC (77.22.149.234)
      erfolgreich durchgeführt.
      Folgende Dateien wurden von "hxxp://92.122.48.89/update" aktualisiert:
      aeheur.dll 8.1.4.1066
      aepack.dll 8.4.0.24
      aescript.dll 8.1.4.204
      aeset.dat 8.3.18.22
      aecrypto.dll 8.1.0.0
      aedroid.dll 8.1.0.0
      aelibinf.dll 8.1.0.0
      aemobile.dll 8.1.0.0
      avlode.rdf 14.0.4.22
      vbase019.vdf 7.11.148.149
      vbase020.vdf 7.11.148.241
      vbase021.vdf 7.11.149.61
      vbase022.vdf 7.11.149.169
      vbase023.vdf 7.11.150.31
      vbase024.vdf 7.11.150.119
      vbase025.vdf 7.11.150.120
      vbase026.vdf 7.11.150.121
      vbase027.vdf 7.11.150.122
      vbase028.vdf 7.11.150.123
      vbase029.vdf 7.11.150.124
      vbase030.vdf 7.11.150.125
      vbase031.vdf 7.11.150.190
      aevdf.dat 7.11.150.190
      webcat0.dat
      webcat1.dat
      webcat2.dat
      webcat3.dat
      webcat4.dat
      repair.rdf 1.0.0.56

21.05.2014 11:07 [Planer] Auftrag gestartet
      Auftrag "update_after_installation"
      wurde erfolgreich gestartet.

21.05.2014 11:07 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

21.05.2014 11:07 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:       
      VDF Version:       

21.05.2014 11:07 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:        14.0.4.620
      Engine Version:        8.3.18.18
      VDF Version:        7.11.148.126
Wenn ich jetzt z.b. TROJAN HUNTER installieren möchte...sagt er mir:

DAS SYSTEM KANN DIE ANGEGEBENE DATEI NICHT FINDEN


oder

ich will Malwarebytes installieren, dann kommt:

COULDN#T NOT OPEN ARCHIVE FILE C://WINDOWS/SYSTEM32/CONFIG/SYSTEMPROFILE/DESKTOP/mbar-1.07.0.1009.exe.
DAS SYSTEM KANN DIE ANGEGEBENE DATEI NICHT FINDEN

cosinus 22.05.2014 13:31
Zitat:
21.05.2014 21:17 [System-Scanner] Malware gefunden
Die Datei 'D:\4.0 - PRODUKTION\Samples\FreeDrumKits.net - TRAP PACK 2!!!\HUSTLE
SQUAD PRESENTS TRAP PACK 2\VST\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.rar'
:pfui:

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Rafau2012 22.05.2014 13:44
hab ich erledigt! tut mir leid!

danke nochmal

cosinus 22.05.2014 13:50
Du hast auch alles andere runtergschmissen? Sämtliche Keygens und Cracks? Und die installierten gecrackten Spiele und Programme auch?

Rafau2012 22.05.2014 14:32
spiele habe ich eigentlich garkeine drauf! und programme hab ich gelöscht ja!

cosinus 22.05.2014 14:40
Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Rafau2012 22.05.2014 15:34
so habs geschafft:)

COMBI LOG

Combofix Logfile:
Code:
ComboFix 14-05-19.01 - SYSTEM 22.05.2014  16:15:54.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.16297.14125 [GMT 2:00]
ausgeführt von:: c:\windows\SysWOW64\config\systemprofile\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ocs_v71b.exe
.
---- Vorheriger Suchlauf -------
.
C:\Install.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
C:\uninstall.exe
c:\users\Rafa\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Rafa\AppData\Roaming\convert\convert.exe
c:\users\Rafa\Taskmgr.exe
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\_iu14D2N.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\system32\config\systemprofile\AppData\Local\Temp\_iu14D2N.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{0904D6ED-EE39-48D7-8F28-39CA9D8A7906}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{2B8CC93A-9D39-4E45-92B2-75BEAFEB8BD8}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{653AC8B9-BEC7-4C71-8E6A-34F8F263A7F8}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{7F49A7AF-D89C-4AF1-9B70-C6CCC5EB0F23}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{8C0182F0-D8BB-4DA8-928E-9001C8CDEB88}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{92D7D1A2-0ED9-4954-8D88-2E39F25BC15C}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{AF2EEF1C-6930-45AB-AFC0-66F72930AF05}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{B2E065D9-7C08-406F-A94F-7EDA50A703F1}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{D7FBBA52-2D68-4825-B19F-C528848ED495}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{BF85EE71-154A-44D7-93FB-93AD37EBB8E7}\{E811012E-0053-47A4-BC8D-7DA0336F123E}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{10BD5412-1AC2-419B-BB91-6F16F6946689}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3D657213-4FBF-4625-9C10-029A603BA0CC}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{3EFE3162-713D-4C6F-BD2B-256AA63BED8D}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{5E91861D-C3F2-4693-9BD2-C74F403E872A}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{7AC79284-BC91-46E4-9FFD-D01F6D410F04}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A3A96759-4F81-419B-BA94-EF459EBE3A54}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{A56DBE6C-09C2-4C12-868E-3E3318DD2495}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{B4C78930-42C3-49A5-B878-A19283A51565}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{C1894907-0B21-456A-8BF3-615187C2B1D3}.tmp
c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C700C51D-1C88-4073-A7E7-9F3B1862E7B8}\{E6FB537A-0BDC-4827-9735-E9C9338F8A65}.tmp
c:\windows\System32\config\systemprofile\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\system32\config\systemprofile\AppData\Local\Temp\OCS\ICSharpCode.SharpZipLib.dll
c:\windows\System32\config\systemprofile\AppData\Local\Temp\OCS\ocs_v71b.exe
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\12c07d8834c79ba4.fb
c:\windows\SysWow64\Cache\12c07d8834c79ba4__exp__1400846112
c:\windows\SysWow64\Cache\26c630d098e22dd5.fb
c:\windows\SysWow64\Cache\26c630d098e22dd5__exp__1400709644
c:\windows\SysWow64\Cache\272512937d9e61a4.fb
c:\windows\SysWow64\Cache\272512937d9e61a4__exp__1400846143
c:\windows\SysWow64\Cache\287204568329e189.fb
c:\windows\SysWow64\Cache\287204568329e189__exp__1400709657
c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb
c:\windows\SysWow64\Cache\28bc8f716fd76a47__exp__1400846126
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3__exp__1400709653
c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb
c:\windows\SysWow64\Cache\32c84fe32bb74d60__exp__1400846146
c:\windows\SysWow64\Cache\3917078cb68ec657.fb
c:\windows\SysWow64\Cache\3917078cb68ec657__exp__1400709615
c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb
c:\windows\SysWow64\Cache\590ba23ce359fd0c__exp__1400846145
c:\windows\SysWow64\Cache\610289e025a3ee9a.fb
c:\windows\SysWow64\Cache\610289e025a3ee9a__exp__1400709640
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1__exp__1400846141
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0__exp__1400846142
c:\windows\SysWow64\Cache\6d03dad1035885d3.fb
c:\windows\SysWow64\Cache\6d03dad1035885d3__exp__1400846150
c:\windows\SysWow64\Cache\935ee77178548e84.fb
c:\windows\SysWow64\Cache\935ee77178548e84__exp__1400846137
c:\windows\SysWow64\Cache\95f567698be8a182.fb
c:\windows\SysWow64\Cache\95f567698be8a182__exp__1400709648
c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb
c:\windows\SysWow64\Cache\ad10a52aff5e038d__exp__1400846132
c:\windows\SysWow64\Cache\c1fa887b03019701.fb
c:\windows\SysWow64\Cache\c1fa887b03019701__exp__1400846149
c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb
c:\windows\SysWow64\Cache\c4d28dca2e7648be__exp__1400846138
c:\windows\SysWow64\Cache\d201ef9910cd39de.fb
c:\windows\SysWow64\Cache\d201ef9910cd39de__exp__1400846139
c:\windows\SysWow64\Cache\d2e94710a5708128.fb
c:\windows\SysWow64\Cache\d2e94710a5708128__exp__1400709624
c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb
c:\windows\SysWow64\Cache\d79b9dfe81484ec4__exp__1400709632
c:\windows\SysWow64\Cache\f998975c9cc711ee.fb
c:\windows\SysWow64\Cache\f998975c9cc711ee__exp__1400846148
c:\windows\SysWow64\msvcsv60.dll
c:\windows\SysWow64\winsh320
c:\windows\SysWow64\winsh321
c:\windows\SysWow64\winsh322
c:\windows\SysWow64\winsh323
c:\windows\SysWow64\winsh324
c:\windows\SysWow64\winsh325
c:\windows\wininit.ini
E:\install.exe
.
-- Vorheriger Suchlauf --
.
Infizierte Kopie von c:\windows\SysWow64\user32.dll wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll wurde wiederhergestellt
.
--------
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-04-22 bis 2014-05-22  ))))))))))))))))))))))))))))))
.
.
2014-05-22 14:28 . 2014-05-22 14:28        --------        d-----w-        c:\users\Rafa\AppData\Local\temp
2014-05-22 14:28 . 2014-05-22 14:28        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-05-21 13:12 . 2014-05-21 22:18        --------        d-----w-        C:\FRST
2014-05-21 08:57 . 2014-05-21 08:58        --------        d-----w-        c:\program files (x86)\TrojanHunter 5.5
2014-05-21 08:57 . 2014-05-21 08:57        --------        d-----w-        c:\programdata\TrojanHunter
2014-05-20 23:26 . 2014-05-21 10:02        119512        ----a-w-        c:\windows\system32\drivers\48230029.sys
2014-05-20 21:28 . 2014-05-20 21:28        --------        d-----w-        c:\windows\system32\%LOCALAPPDATA%
2014-05-20 20:56 . 2014-05-20 20:56        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-20 20:56 . 2014-05-22 13:26        119512        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-20 20:22 . 2014-05-20 20:22        --------        d-----w-        c:\windows\SysWow64\%LOCALAPPDATA%
2014-05-20 20:22 . 2014-05-20 20:23        --------        d-----w-        c:\windows\system32\config\systemprofile\lucidlogix
2014-05-20 20:21 . 2014-05-22 14:28        --------        d-----w-        c:\windows\system32\config\systemprofile\AppData\Local\Temp
2014-05-20 20:16 . 2014-05-20 20:16        --------        d-----w-        c:\users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 20:16 . 2014-05-20 20:16        --------        d-----w-        c:\users\Default\AppData\Local\NVIDIA
2014-05-20 20:16 . 2014-05-20 20:17        --------        d-----w-        c:\users\TEMP
2014-05-20 19:10 . 2014-05-20 19:10        --------        d-----w-        c:\users\Rafa\AppData\Roaming\SWAM
2014-05-19 14:03 . 2014-05-19 14:03        --------        d-----w-        c:\programdata\DirectX
2014-05-14 15:03 . 2014-05-14 15:03        --------        d-----w-        c:\program files (x86)\Vintage Amp Room
2014-05-14 15:00 . 2009-11-05 07:50        9535488        ----a-w-        c:\program files (x86)\Tube Delay.dll
2014-05-14 14:53 . 2014-05-14 15:03        --------        d-----w-        c:\program files (x86)\Softube
2014-05-11 17:47 . 2014-05-11 17:49        --------        d-----w-        c:\programdata\VideoCopilot
2014-05-11 17:05 . 2014-05-21 00:53        --------        d-----w-        c:\program files (x86)\GenArts
2014-05-11 17:05 . 2014-05-11 17:05        --------        d-----w-        c:\programdata\GenArts
2014-05-11 13:04 . 2014-05-11 13:04        --------        d-----w-        c:\programdata\Juicer3
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-05-11 11:56 . 2014-05-11 11:56        159744        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2014-05-09 18:37 . 2014-05-09 18:37        --------        d-----w-        c:\programdata\Note
2014-05-08 17:08 . 2014-05-08 17:08        --------        d-----w-        c:\windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 13:48 . 2014-05-08 13:48        227704        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-05-08 13:48 . 2014-05-08 13:48        227704        ----a-w-        c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-07 16:49 . 2014-05-07 16:49        --------        d-----w-        c:\program files (x86)\Yamaha
2014-05-07 16:49 . 2014-05-07 16:49        --------        d-----w-        c:\program files (x86)\Common Files\Yamaha
2014-05-07 16:46 . 2014-05-07 16:46        --------        d-----w-        c:\users\Rafa\AppData\Local\Downloaded Installations
2014-05-03 09:25 . 2014-05-03 09:25        --------        d-----w-        c:\users\Rafa\AppData\Roaming\DropboxMaster
2014-04-27 11:15 . 2014-04-27 11:16        --------        d-----w-        c:\programdata\AVG Secure Search
2014-04-25 09:22 . 2014-04-25 09:22        --------        d-----w-        c:\users\Rafa\AppData\Roaming\Blue Cat Audio
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-27 11:15 . 2014-03-26 00:34        50464        ----a-w-        c:\windows\system32\drivers\avgtpx64.sys
2014-04-17 17:22 . 2014-04-17 17:22        98304        ----a-w-        c:\windows\SysWow64\firefaceusb.exe
2014-04-17 17:22 . 2014-04-17 17:22        98304        ----a-w-        c:\windows\system32\firefaceusb.exe
2014-04-17 17:22 . 2014-04-17 17:22        84096        ----a-w-        c:\windows\system32\drivers\fireface_usb.sys
2014-04-17 17:22 . 2014-04-17 17:22        35840        ----a-w-        c:\windows\system32\fireface_usb_asio_64.dll
2014-04-17 17:22 . 2014-04-17 17:22        33792        ----a-w-        c:\windows\SysWow64\fireface_usb_asio.dll
2014-04-17 17:22 . 2014-04-17 17:22        33792        ----a-w-        c:\windows\system32\fireface_usb_asio.dll
2014-04-17 17:22 . 2014-04-17 17:22        22900440        ----a-w-        c:\windows\system32\TotalMixFX.exe
2014-04-17 17:22 . 2014-04-17 17:22        101504        ----a-w-        c:\windows\system32\drivers\fireface_usb_64.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
2011-09-12 06:06        413400        ----a-w-        c:\progra~2\SITERA~1\SiteRank.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-04-27 11:15        3559448        ----a-w-        c:\program files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll" [2014-04-27 3559448]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2011-08-30 4942336]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"SiteRanker"="c:\program files (x86)\SiteRanker\SiteRankTray.exe" [2011-09-12 320000]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-05-23 296056]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-28 74752]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2012-10-30 206448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-10-16 1111432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"UATrayIcon"="c:\program files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe" [2013-10-03 1404928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-04-27 2557976]
"yfwtray"="c:\program files (x86)\Yamaha\FWDriver\yfwtray.exe" [2008-03-06 110592]
"yfwcm"="c:\program files (x86)\Yamaha\FWDriver\yfwcm.exe" [2009-05-27 557056]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"THGuard"="c:\program files (x86)\TrojanHunter 5.5\THGuard.exe" [2012-10-22 1086880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
2;2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CltMngSvc;Search Protect by Conduit Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
R2 WajamUpdaterV2;WajamUpdaterV2;c:\program files (x86)\Wajam\Updater\WajamUpdaterV2.exe;c:\program files (x86)\Wajam\Updater\WajamUpdaterV2.exe [x]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\DRIVERS\MAudioDelta.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioDelta.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 firefaceu64;RME Fireface USB Audio Device;c:\windows\system32\drivers\fireface_usb_64.sys;c:\windows\SYSNATIVE\drivers\fireface_usb_64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 t2usb64;Trigger II External Graphics;c:\windows\system32\drivers\t2usb64.sys;c:\windows\SYSNATIVE\drivers\t2usb64.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 mctkmdldr;mctkmdldr;c:\windows\system32\drivers\mctkmdldr64.sys;c:\windows\SYSNATIVE\drivers\mctkmdldr64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys;c:\windows\SYSNATIVE\DRIVERS\diginet.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GManager;GManager;c:\windows\system32\GManager.exe;c:\windows\SYSNATIVE\GManager.exe [x]
S2 MCTDesktopSvr;MCTDesktopSvr;c:\program files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe;c:\program files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iLokDrvr;Usb Driver;c:\windows\system32\DRIVERS\iLokDrvr.sys;c:\windows\SYSNATIVE\DRIVERS\iLokDrvr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 mctkmd;mctkmd;c:\windows\system32\drivers\mctkmd64.sys;c:\windows\SYSNATIVE\drivers\mctkmd64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SynUSB64;eLicenser;c:\windows\system32\DRIVERS\SynUSB64.sys;c:\windows\SYSNATIVE\DRIVERS\SynUSB64.sys [x]
S3 UAD2Pcie;Universal Audio UAD-2 DSP Accelerator;c:\windows\system32\DRIVERS\UAD2Pcie.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2Pcie.sys [x]
S3 UAD2System;UAD-2 Global System Service;c:\windows\system32\DRIVERS\UAD2System.sys;c:\windows\SYSNATIVE\DRIVERS\UAD2System.sys [x]
S3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys;c:\windows\SYSNATIVE\DRIVERS\VirtuWDDM.sys [x]
S3 YFWBUS;Yamaha Steinberg FW Bus;c:\windows\system32\Drivers\yfwbus.sys;c:\windows\SYSNATIVE\Drivers\yfwbus.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 16:11        1077576        ----a-w-        c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26 12:44]
.
2014-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIRTU"="c:\program files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe" [2011-04-21 2619488]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"MCTDUtil"="c:\program files (x86)\Common Files\DesktopUtil\Util-Desktop.exe" [2011-05-03 195200]
"FDispPos"="c:\program files (x86)\Common Files\DesktopUtil\Util-Desktop.exe" [2011-05-03 195200]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"FirefaceUsbTray1"="firefaceusb.exe" [2014-04-17 98304]
"FirefaceMixTray2"="TotalMixFX.exe" [2014-04-17 22900440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\LUCIDL~1\VIRTU\appinit_dll.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 83.169.186.161 83.169.186.225
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
FF - ProfilePath -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll
BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Camel Audio Camel Phat VST v3.15 - c:\progra~2\COMMON~1\DIGIDE~1\WAVESH~1\CAMELP~1\UNWISE.EXE
AddRemove-Camel Audio Camel Space VST v1.15 - c:\progra~2\COMMON~1\DIGIDE~1\WAVESH~1\CAMELS~1\UNWISE.EXE
AddRemove-claro - c:\program files (x86)\Claro LTD\claro\1.8.3.10\uninstall.exe
AddRemove-db audioware Sidechain Gate VST v1.1.0 - c:\progra~2\STEINB~1\VSTPLU~1\SIDECH~2\UNWISE.EXE
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-GmdeiaMusic Oddity bank5 Addon - c:\progra~2\STEINB~1\VSTPLU~1\GMEDIA~1\UNWISE.EXE
AddRemove-Native Instruments Battery 3 - c:\progra~2\STEINB~1\CUBASE~1\VSTPLU~1\STEINB~1\UNWISE.EXE
AddRemove-Pinguin Audio Meter v2.2 - c:\audio\PINGUI~1\UNWISE.EXE
AddRemove-Predator_is1 - c:\program files (x86)\Steinberg\Cubase 5\VSTPlugins\unins000.exe
AddRemove-Rob Papen Blue VSTi v1.01 - c:\progra~2\STEINB~1\CUBASE~1\VSTPLU~1\WAVESH~1\Blue\UNWISE.EXE
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-Sndbad Shaders 1.04 - c:\users\Rafa\Documents\Uninstall.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe
AddRemove-{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1 - c:\program files (x86)\Steinberg\Cubase 5\VSTPlugins\BREVERB 2\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:43,5c,05,7c,dc,a6,b6,31,2d,cf,25,00,89,1c,88,2e,db,dc,07,d7,49,
  ec,1f,bd,03,6d,3b,e5,a9,cf,a0,41,f3,05,cf,d7,c9,f1,ae,61,e8,3d,d4,9a,15,ee,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:43,5c,05,7c,dc,a6,b6,31,2d,cf,25,00,89,1c,88,2e,db,dc,07,d7,49,
  ec,1f,bd,03,6d,3b,e5,a9,cf,a0,41,f3,05,cf,d7,c9,f1,ae,61,e8,3d,d4,9a,15,ee,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-22  16:35:12
ComboFix-quarantined-files.txt  2014-05-22 14:35
.
Vor Suchlauf: 23 Verzeichnis(se), 216.157.560.832 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 215.517.421.568 Bytes frei
.
- - End Of File - - DE643549854A0AAA3965A2C599D375E3
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/CODE]

cosinus 22.05.2014 15:41
Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Rafau2012 22.05.2014 16:08
Dankeschön, mach ich°!

LOG

AdwCleaner (SO)
Code:
# AdwCleaner v3.210 - Bericht erstellt am 22/05/2014 um 16:58:49
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Rafa - RAFA-PC
# Gestartet von : C:\Windows\SysWOW64\config\systemprofile\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : WajamUpdaterV2

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : \DeviceVM
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Ordner Gelöscht : C:\Program Files (x86)\Application Updater
Ordner Gelöscht : C:\Program Files (x86)\Astroburn Toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Claro LTD
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\SiteRanker
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Manager
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [siteranker@siteranker.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.clarodskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.clarodskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\e6dbdeb43de848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3282722
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-clipfinder-hd_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ashampoo-clipfinder-hd_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger-2012_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-live-messenger-2012_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Claro LTD
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\pdfforge
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16502


*************************

AdwCleaner[R0].txt - [20338 octets] - [22/05/2014 16:58:21]
AdwCleaner[S0].txt - [19950 octets] - [22/05/2014 16:58:49]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [20011 octets] ##########

JRT.TxT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by SYSTEM on 22.05.2014 at 17:08:02,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\siteranker



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_chr_1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Windows\system32\config\systemprofile\appdata\locallow\application updater"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.05.2014 at 17:13:10,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Frisches LOG

FRST


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Rafa (administrator) on RAFA-PC on 22-05-2014 17:15:15
Running from C:\Windows\SysWOW64\config\systemprofile\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~1\LUCIDL~1\VIRTU\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: c:\PROGRA~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x56B17733CB75CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-22] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 16:35 - 00043346 _____ () C:\Windows\system32\config\systemprofile\Desktop\ComboFix.txt
2014-05-22 15:50 - 2014-05-22 16:35 - 00000000 ____D () C:\Qoobox
2014-05-22 15:50 - 2014-05-22 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 15:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-22 15:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-22 15:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 05200426 ____R (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 04760795 _____ (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe.715n8x2.partial
2014-05-21 15:12 - 2014-05-22 17:15 - 00000000 ____D () C:\FRST
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-22 15:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:22 - 2014-05-20 22:23 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:18 - 2014-05-20 23:46 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 22:18 - 2014-05-20 23:46 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 22:17 - 2014-05-20 23:46 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha

==================== One Month Modified Files and Folders =======

2014-05-22 17:15 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-22 17:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 17:09 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:09 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 17:05 - 2011-08-30 19:00 - 01486931 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 17:01 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-22 17:01 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 17:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 17:01 - 2009-07-14 06:51 - 00332172 _____ () C:\Windows\setupact.log
2014-05-22 17:00 - 2010-11-21 05:47 - 00364192 _____ () C:\Windows\PFRO.log
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 16:35 - 00043346 _____ () C:\Windows\system32\config\systemprofile\Desktop\ComboFix.txt
2014-05-22 16:35 - 2014-05-22 15:50 - 00000000 ____D () C:\Qoobox
2014-05-22 16:33 - 2014-05-22 15:50 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 16:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-22 15:48 - 2014-05-22 15:48 - 05200426 ____R (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe
2014-05-22 15:48 - 2014-05-22 15:48 - 04760795 _____ (Swearware) C:\Windows\system32\config\systemprofile\Desktop\ComboFix.exe.715n8x2.partial
2014-05-22 15:26 - 2014-05-20 22:56 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-22 15:25 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-22 15:25 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-22 15:25 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-21 21:26 - 2011-04-12 09:43 - 06517380 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 21:26 - 2011-04-12 09:43 - 01963164 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 21:26 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 15:32 - 2012-09-30 13:50 - 00000000 ____D () C:\Program Files (x86)\butt
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001451 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-20 23:46 - 2014-05-20 22:18 - 00001417 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 23:46 - 2014-05-20 22:17 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:39 - 2014-05-20 22:39 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\WinRAR
2014-05-20 22:23 - 2014-05-20 22:23 - 00158416 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-20 22:23 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\system32\config\systemprofile\lucidlogix
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:18 - 2014-05-20 22:18 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-08 19:08 - 2014-05-08 19:08 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\McAfee
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
--- --- ---


Frisches LOG

Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Rafa at 2014-05-22 17:15:41
Running from C:\Windows\SysWOW64\config\systemprofile\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62
22-05-2014 13:50:35 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-22 16:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - \Browser Manager No Task File <==== ATTENTION
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - \DealPly No Task File <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2014-01-02 15:00 - 2013-12-12 21:56 - 03145536 _____ () C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 16296.58 MB
Available physical RAM: 13898.95 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 30102.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:201.02 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus 22.05.2014 22:36
Dein Benutzerprofil macht mir noch etwas Sorgen. Erstell mal einen neuen Adminbenutzer über die Systemsteuerung, log dich in diesem ein und erstell neuer FRST-Logs.

Rafau2012 22.05.2014 22:37
hmm ich bin total am ende...ich kann auch nichts mehr installieren und sonstiges!
Vieleicht doch formatieren ????ß

cosinus 22.05.2014 23:28
Du gehst auf meinen letzten Beitrag genau garnicht ein :wtf:

Rafau2012 22.05.2014 23:35
so habs gemacht...ne sorry ... aber ich kann seit Tagen nicht mehr am pc arbeiten:( das macht mich hibbelig...

schau mal ob es sich da was geändetr hat? ich konnte aufjedenfall mit dem neuen Administrator Malware installieren und durchscannen lassen, ohne probleme!
Ich hab das gefühl der alte Admin ist irgendwie gesperrt oder so...

FRST LOG NEU


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Mama (administrator) on RAFA-PC on 23-05-2014 00:28:13
Running from C:\Users\Mama\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\GManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDUtil.exe
(Magic Control Technology Corporation) C:\Program Files (x86)\Common Files\DesktopUtil\FDispPos.exe
(RME) C:\Windows\System32\firefaceusb.exe
(RME) C:\Windows\System32\TotalMixFX.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Universal Audio, Inc.) C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Yamaha Corporation) C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe
(Yamaha Corporation) C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU] => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe [2619488 2011-04-21] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MCTDUtil] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [FDispPos] => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe [195200 2011-05-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [FirefaceUsbTray1] => C:\Windows\system32\firefaceusb.exe [98304 2014-04-17] (RME)
HKLM\...\Run: [FirefaceMixTray2] => C:\Windows\system32\TotalMixFX.exe [22900440 2014-04-17] (RME)
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2011-08-30] (FNet Co., Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-05-23] (RealNetworks, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1404928 2013-10-03] (Universal Audio, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [yfwtray] => C:\Program Files (x86)\Yamaha\FWDriver\yfwtray.exe [110592 2008-03-06] (Yamaha Corporation)
HKLM-x32\...\Run: [yfwcm] => C:\Program Files (x86)\Yamaha\FWDriver\yfwcm.exe [557056 2009-05-27] (Yamaha Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter 5.5\THGuard.exe [1086880 2012-10-23] (Mischel Internet Security)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
AppInit_DLLs: C:\PROGRA~1\LUCIDL~1\VIRTU\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\appinit_dll.dll [183904 2011-04-21] (Lucidlogix Inc.)
AppInit_DLLs-x32: c:\PROGRA~1\LUCIDL~1\VIRTU\x86\appinit_dll.dll => C:\Program Files\Lucidlogix Technologies\VIRTU\x86\appinit_dll.dll [154208 2011-04-21] (Lucidlogix Inc.)
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mama\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SheepDog.lnk
ShortcutTarget: SheepDog.lnk -> C:\Users\Rafa\AppData\Roaming\Microsoft\Installer\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}\SheepDog.exe (Josh Sklare)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA96AC7490876CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.186.161 83.169.186.225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.666 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-09-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-06-09]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-06-09]

Chrome:
=======
CHR Extension: (FreeOnlineRadioPlayerRecorder V1) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicancafipiklohohmoognddncljhkio [2014-05-22]
CHR Extension: (Google Docs) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-22]
CHR Extension: (Google Drive) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-22]
CHR Extension: (Google-Suche) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-22]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-22]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-22]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-05-22]
CHR Extension: (Google Wallet) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-22]
CHR Extension: (Google Mail) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-22]
CHR Extension: (Anti-Banner) - C:\Users\Mama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-22]
CHR HKLM-x32\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\Rafa\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx [2013-02-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx [2011-10-13]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx [2011-10-13]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-09-19]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx [2011-10-13]

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-30] (Kaspersky Lab ZAO)
R2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MCTDesktopSvr; C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe [199296 2011-05-03] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows (R) Server 2003 DDK provider)
S3 firefaceu64; C:\Windows\System32\drivers\fireface_usb_64.sys [101504 2014-04-17] (RME)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-08-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-08-30] (FNet Co., Ltd.)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [54256 2008-09-08] (PACE Anti-Piracy, Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-30] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [146712 2013-03-11] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R3 RDID1027; C:\Windows\System32\Drivers\rdwm1027.sys [81920 2009-09-18] (Roland Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-12-23] ()
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 t2usb64; C:\Windows\System32\drivers\t2usb64.sys [428664 2013-03-29] (Magic Control Technology Corp.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TBPanel; No ImagePath
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [47616 2013-10-03] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [89088 2013-10-03] (Universal Audio Inc.)
R3 YFWBUS; C:\Windows\System32\Drivers\yfwbus.sys [228096 2013-09-12] (Yamaha Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-23 00:28 - 2014-05-23 00:28 - 00023753 _____ () C:\Users\Mama\Desktop\FRST.txt
2014-05-23 00:27 - 2014-05-23 00:27 - 02067456 _____ (Farbar) C:\Users\Mama\Desktop\FRST64.exe
2014-05-23 00:24 - 2014-05-23 00:19 - 00032361 _____ () C:\Users\Mama\Desktop\äö.txt
2014-05-23 00:22 - 2014-05-23 00:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mama\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-22 23:54 - 2014-05-22 23:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\RealNetworks
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Adobe
2014-05-22 23:50 - 2014-05-23 00:20 - 00000000 ____D () C:\Users\Mama\AppData\Local\TotalMixFX
2014-05-22 23:50 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Real
2014-05-22 23:50 - 2014-05-22 23:50 - 00001439 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001405 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\lucidlogix
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Epson
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Apple Computer
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\Adobe
2014-05-22 23:49 - 2014-05-22 23:51 - 00002247 _____ () C:\Users\Mama\Desktop\Google Chrome.lnk
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 23:49 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama
2014-05-22 23:49 - 2014-05-22 23:49 - 00000020 ___SH () C:\Users\Mama\ntuser.ini
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Vorlagen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Startmenü
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Netzwerkumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Lokale Einstellungen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Eigene Dateien
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Druckumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Musik
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Bilder
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Verlauf
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Google
2014-05-22 23:49 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2014-05-22 23:49 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Mama\AppData\Local\Amazon Cloud Player
2014-05-22 23:49 - 2011-09-12 15:58 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Macromedia
2014-05-22 23:49 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-22 23:49 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-22 23:16 - 2014-05-22 23:16 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 23:13 - 2014-05-22 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 23:13 - 2014-05-22 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-22 23:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-22 23:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-22 23:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 15:50 - 2014-05-22 16:35 - 00000000 ____D () C:\Qoobox
2014-05-22 15:50 - 2014-05-22 16:33 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 15:50 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-22 15:50 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-22 15:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-22 15:50 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-21 15:12 - 2014-05-23 00:28 - 00000000 ____D () C:\FRST
2014-05-21 10:57 - 2014-05-21 10:58 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\TrojanHunter
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
2014-05-21 02:02 - 2014-05-22 23:39 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-21 02:00 - 2014-05-21 02:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:26 - 2014-05-21 12:02 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 01:18 - 2014-05-21 02:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rafa\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-21 00:52 - 2014-05-21 00:52 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Amazon Cloud Player
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-23 00:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 22:56 - 2014-05-20 22:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-20 22:26 - 2014-05-21 03:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:17 - 2014-05-20 22:17 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2011-09-12 15:58 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-05-20 22:16 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-20 22:16 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-05-20 21:10 - 2014-05-20 21:10 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\SWAM
2014-05-20 19:48 - 2014-05-20 19:48 - 00000000 ____D () C:\Users\Rafa\Desktop\[www.RnB4U.in] 19.05.2014 Pack
2014-05-19 16:03 - 2014-05-19 16:03 - 00000000 ____D () C:\ProgramData\DirectX
2014-05-19 15:51 - 2014-05-19 16:00 - 00000000 ____D () C:\Users\Public\Documents\Vengeance
2014-05-18 20:03 - 2014-05-19 19:47 - 00000000 ____D () C:\Users\Rafa\Desktop\POlska Beach Party (17.05.2014)
2014-05-17 14:04 - 2014-05-17 14:09 - 62886859 _____ (Synchro Arts Ltd ) C:\Users\Rafa\Desktop\RevoicePro2.6(1)(64bit).exe
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:00 - 2009-11-05 09:50 - 09535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2014-05-14 16:53 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-14 16:44 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softube
2014-05-14 13:30 - 2014-05-18 22:01 - 00000000 ____D () C:\Users\Rafa\Desktop\Deutsche POP Bilder Henning Scherf
2014-05-14 12:02 - 2014-05-14 14:08 - 00000000 ____D () C:\Users\Rafa\Desktop\Henning Scherf (Deutsche POP)
2014-05-13 14:31 - 2014-05-13 14:31 - 40388241 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Ft. Problem Lyrics.mp4
2014-05-13 14:30 - 2014-05-13 14:30 - 06531512 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Shit (Feat. Problem) (Acapella) (Ignorant Acapellas).mp4
2014-05-11 20:02 - 2014-05-11 20:04 - 00000000 ____D () C:\Users\Rafa\Desktop\AfterEffects_11_0_1_12_LS7
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 19:47 - 2014-05-11 19:49 - 00000000 ____D () C:\ProgramData\VideoCopilot
2014-05-11 19:22 - 2014-05-11 19:22 - 00000000 ____D () C:\Users\Rafa\Documents\VideoCopilot
2014-05-11 19:05 - 2014-05-21 02:53 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 19:05 - 2014-05-11 19:05 - 00000000 ____D () C:\ProgramData\GenArts
2014-05-11 19:05 - 2012-12-16 23:15 - 00000000 ____D () C:\Users\Rafa\Desktop\GenArts Sapphire Plug-ins 6.1.3 for After Effects
2014-05-11 17:30 - 2014-05-11 17:30 - 00000000 ____D () C:\Users\Rafa\Documents\Industrial Influence
2014-05-11 15:42 - 2014-05-11 15:42 - 00000000 ____D () C:\Users\Rafa\Documents\Different Angles
2014-05-11 15:04 - 2014-05-11 15:04 - 00000000 ____D () C:\ProgramData\Juicer3
2014-05-11 13:56 - 2014-05-11 13:56 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-11 13:56 - 2014-05-11 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-11 12:34 - 2014-05-11 14:26 - 79458141 _____ () C:\Users\Rafa\Desktop\Adrian Marcel.wmv
2014-05-10 22:09 - 2014-05-10 22:09 - 05490124 _____ () C:\Users\Rafa\Desktop\Furious - Wet (Feat. Jonn Hart & Rayven Justice).mp4
2014-05-10 22:09 - 2014-05-10 22:09 - 04666410 _____ () C:\Users\Rafa\Desktop\Furious Ft Jonn Hart & Rayven Justice - Wet (Instrumental).mp4
2014-05-09 20:37 - 2014-05-09 20:37 - 00000000 ____D () C:\ProgramData\Note
2014-05-09 10:34 - 2014-05-09 10:59 - 00000000 ____D () C:\Users\Rafa\Desktop\New acapella
2014-05-08 21:21 - 2014-05-08 21:21 - 00000000 ____D () C:\Users\Rafa\Desktop\Motif
2014-05-08 19:33 - 2014-05-08 18:58 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 16:23 - 2014-05-08 16:23 - 00000000 ____D () C:\Users\Rafa\Desktop\P-Lo MBMGC2
2014-05-07 23:40 - 2014-05-10 15:04 - 00000000 ____D () C:\Users\Rafa\Desktop\E-40 IAMSU Too Short Yo Gotti D-LO Beeda Wee (DatPiff.com)
2014-05-07 23:35 - 2014-05-11 14:26 - 56225862 _____ () C:\Users\Rafa\Desktop\2014-05-0gg7.mp4
2014-05-07 20:18 - 2014-05-07 20:18 - 52681586 _____ () C:\Users\Rafa\Desktop\P-Lo - Goin' To Work (Remix).mp4
2014-05-07 20:15 - 2014-05-07 20:15 - 10181734 _____ () C:\Users\Rafa\Desktop\E-40 Revenue Retrievin- More Bass, More Treble.mp4
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:46 - 2014-05-07 18:46 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Downloaded Installations
2014-05-06 00:54 - 2014-05-06 00:54 - 00000000 ____D () C:\Users\Rafa\Desktop\wetransfer-9e1006
2014-05-04 21:50 - 2014-05-04 21:50 - 00000000 ____D () C:\Users\Rafa\Desktop\Feleke neuer Song
2014-05-04 15:32 - 2014-05-04 15:32 - 00000000 ____D () C:\Users\Rafa\Desktop\Extendet
2014-05-04 13:01 - 2014-05-07 20:12 - 00000000 ____D () C:\Users\Rafa\Desktop\Instrumentals machen
2014-05-03 13:57 - 2014-05-03 14:05 - 00000000 ____D () C:\Users\Rafa\Desktop\NEW shitt
2014-05-03 11:25 - 2014-05-03 11:25 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\DropboxMaster
2014-04-27 19:13 - 2014-05-11 11:40 - 00000000 ____D () C:\Users\Rafa\Desktop\DADDY YANKEE
2014-04-27 12:39 - 2014-04-27 12:39 - 00000013 _____ () C:\Users\Rafa\Desktop\Video Einstellung.txt
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\Documents\Blue Cat Audio
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Blue Cat Audio

==================== One Month Modified Files and Folders =======

2014-05-23 00:28 - 2014-05-23 00:28 - 00023753 _____ () C:\Users\Mama\Desktop\FRST.txt
2014-05-23 00:28 - 2014-05-21 15:12 - 00000000 ____D () C:\FRST
2014-05-23 00:27 - 2014-05-23 00:27 - 02067456 _____ (Farbar) C:\Users\Mama\Desktop\FRST64.exe
2014-05-23 00:25 - 2011-08-30 19:00 - 01504413 _____ () C:\Windows\WindowsUpdate.log
2014-05-23 00:23 - 2014-05-20 22:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-23 00:22 - 2014-05-23 00:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mama\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-23 00:21 - 2013-08-26 22:04 - 00002812 _____ () C:\Windows\system32\GManager.ini
2014-05-23 00:21 - 2013-01-26 14:44 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-23 00:21 - 2012-08-23 20:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 00:21 - 2012-06-09 16:59 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-23 00:21 - 2011-11-03 19:04 - 00000286 _____ () C:\Windows\TWAIN.LOG
2014-05-23 00:21 - 2011-11-03 19:04 - 00000156 _____ () C:\Windows\Twunk001.MTX
2014-05-23 00:21 - 2011-11-03 19:04 - 00000005 _____ () C:\Windows\Twain001.Mtx
2014-05-23 00:21 - 2011-08-30 21:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-23 00:21 - 2010-11-21 05:47 - 00406608 _____ () C:\Windows\PFRO.log
2014-05-23 00:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 00:21 - 2009-07-14 06:51 - 00333012 _____ () C:\Windows\setupact.log
2014-05-23 00:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-05-23 00:20 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\TotalMixFX
2014-05-23 00:19 - 2014-05-23 00:24 - 00032361 _____ () C:\Users\Mama\Desktop\äö.txt
2014-05-23 00:11 - 2013-01-26 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-22 23:54 - 2014-05-22 23:54 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-22 23:54 - 2014-05-22 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-22 23:54 - 2014-05-22 23:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\RealNetworks
2014-05-22 23:53 - 2014-05-22 23:53 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Adobe
2014-05-22 23:53 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Real
2014-05-22 23:51 - 2014-05-22 23:49 - 00002247 _____ () C:\Users\Mama\Desktop\Google Chrome.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001439 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00001405 _____ () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\lucidlogix
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Epson
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\Apple Computer
2014-05-22 23:50 - 2014-05-22 23:50 - 00000000 ____D () C:\Users\Mama\AppData\Local\Adobe
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ___RD () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 23:50 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama
2014-05-22 23:50 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-05-22 23:49 - 2014-05-22 23:49 - 00000020 ___SH () C:\Users\Mama\ntuser.ini
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Vorlagen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Startmenü
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Netzwerkumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Lokale Einstellungen
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Eigene Dateien
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Druckumgebung
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Musik
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Documents\Eigene Bilder
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Verlauf
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\AppData\Local\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 _SHDL () C:\Users\Mama\Anwendungsdaten
2014-05-22 23:49 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Google
2014-05-22 23:39 - 2014-05-21 02:02 - 00000000 ____D () C:\Users\TEMP\AppData\Local\CrashDumps
2014-05-22 23:16 - 2014-05-22 23:16 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-22 23:16 - 2013-12-19 12:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-22 23:16 - 2012-08-23 20:44 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-22 23:11 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 23:11 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 17:07 - 2014-05-22 17:07 - 00000000 ____D () C:\Windows\ERUNT
2014-05-22 16:58 - 2014-05-22 16:58 - 00000000 ____D () C:\AdwCleaner
2014-05-22 16:35 - 2014-05-22 15:50 - 00000000 ____D () C:\Qoobox
2014-05-22 16:35 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-22 16:33 - 2014-05-22 15:50 - 00000000 ____D () C:\Windows\erdnt
2014-05-22 16:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-22 16:01 - 2012-07-04 16:32 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\convert
2014-05-22 16:01 - 2011-08-30 19:00 - 00000000 ____D () C:\Users\Rafa
2014-05-22 14:45 - 2012-02-05 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 Firebird
2014-05-22 14:09 - 2013-09-04 14:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-21 21:26 - 2011-04-12 09:43 - 06517380 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 21:26 - 2011-04-12 09:43 - 01963164 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 21:26 - 2009-07-14 07:13 - 00006216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-21 15:32 - 2012-09-30 13:50 - 00000000 ____D () C:\Program Files (x86)\butt
2014-05-21 12:02 - 2014-05-21 01:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-21 10:58 - 2014-05-21 10:57 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-05-21 10:57 - 2014-05-21 10:57 - 00059392 ____R () C:\Windows\SysWOW64\streamhlp.dll
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\TrojanHunter
2014-05-21 10:57 - 2014-05-21 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
2014-05-21 03:00 - 2014-05-20 22:26 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-05-21 02:55 - 2011-11-03 23:54 - 00000000 ____D () C:\Program Files\RdDrv001
2014-05-21 02:53 - 2014-05-11 19:05 - 00000000 ____D () C:\Program Files (x86)\GenArts
2014-05-21 02:44 - 2014-05-21 01:18 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Rafa\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-21 02:00 - 2014-05-21 02:00 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-05-21 01:48 - 2014-05-21 01:48 - 00001061 _____ () C:\OpenOffice.org 3.4.1.lnk
2014-05-21 01:20 - 2012-06-09 16:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-21 00:52 - 2014-05-21 00:52 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Amazon Cloud Player
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-20 23:42 - 2011-10-04 02:10 - 00000000 ____D () C:\Program Files\Adobe
2014-05-20 23:41 - 2011-08-30 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-20 23:33 - 2011-08-30 21:29 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Adobe
2014-05-20 23:33 - 2011-08-30 21:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-20 23:28 - 2014-05-20 23:28 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-05-20 22:56 - 2014-05-20 22:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-20 22:22 - 2014-05-20 22:22 - 00000000 ____D () C:\Windows\SysWOW64\%LOCALAPPDATA%
2014-05-20 22:22 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-05-20 22:17 - 2014-05-20 22:17 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-05-20 22:17 - 2011-08-30 21:10 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-20 22:16 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-22 23:49 - 00000000 ____D () C:\Users\Mama\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Amazon Cloud Player
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-05-20 22:16 - 2014-05-20 22:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Amazon Cloud Player
2014-05-20 22:15 - 2012-07-21 20:56 - 00000000 ___RD () C:\Users\Rafa\Dropbox
2014-05-20 22:12 - 2012-02-05 15:58 - 00000000 ____D () C:\Users\Rafa\Documents\Cubase Projects
2014-05-20 21:44 - 2014-02-16 17:20 - 00000000 ____D () C:\ProgramData\DigitalJuice
2014-05-20 21:10 - 2014-05-20 21:10 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\SWAM
2014-05-20 21:07 - 2011-08-31 14:13 - 00000000 ____D () C:\Users\Rafa\AppData\Local\CrashDumps
2014-05-20 21:03 - 2012-07-21 20:53 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Dropbox
2014-05-20 19:54 - 2013-06-05 10:44 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Winamp
2014-05-20 19:48 - 2014-05-20 19:48 - 00000000 ____D () C:\Users\Rafa\Desktop\[www.RnB4U.in] 19.05.2014 Pack
2014-05-19 19:47 - 2014-05-18 20:03 - 00000000 ____D () C:\Users\Rafa\Desktop\POlska Beach Party (17.05.2014)
2014-05-19 19:03 - 2012-09-30 13:50 - 00000945 _____ () C:\Users\Rafa\AppData\Roaming\buttrc
2014-05-19 16:03 - 2014-05-19 16:03 - 00000000 ____D () C:\ProgramData\DirectX
2014-05-19 16:00 - 2014-05-19 15:51 - 00000000 ____D () C:\Users\Public\Documents\Vengeance
2014-05-19 15:42 - 2013-06-13 10:48 - 00000000 ____D () C:\Users\Rafa\Documents\iZotope
2014-05-19 15:42 - 2013-06-13 10:28 - 00000000 ____D () C:\Program Files (x86)\iZotope
2014-05-19 15:41 - 2011-09-05 23:53 - 00000000 ____D () C:\Program Files (x86)\Vstplugins
2014-05-19 15:30 - 2012-01-29 20:36 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\iZotope
2014-05-19 15:29 - 2013-06-13 10:28 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iZotope
2014-05-19 15:08 - 2012-02-05 22:23 - 00000000 ____D () C:\Program Files\Common Files\Digidesign
2014-05-18 22:01 - 2014-05-14 13:30 - 00000000 ____D () C:\Users\Rafa\Desktop\Deutsche POP Bilder Henning Scherf
2014-05-17 15:39 - 2014-01-19 20:14 - 00000000 ____D () C:\Users\Rafa\Desktop\MAC
2014-05-17 14:09 - 2014-05-17 14:04 - 62886859 _____ (Synchro Arts Ltd ) C:\Users\Rafa\Desktop\RevoicePro2.6(1)(64bit).exe
2014-05-16 17:57 - 2013-02-11 23:09 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 20:28 - 2012-02-05 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2014-05-15 18:32 - 2014-04-07 16:24 - 00000000 ____D () C:\Users\Rafa\Desktop\DJ Mustard VS DJRisow Project
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 17:03 - 00000000 ____D () C:\Program Files (x86)\Vintage Amp Room
2014-05-14 17:03 - 2014-05-14 16:53 - 00000000 ____D () C:\Program Files (x86)\Softube
2014-05-14 17:03 - 2014-05-14 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softube
2014-05-14 14:08 - 2014-05-14 12:02 - 00000000 ____D () C:\Users\Rafa\Desktop\Henning Scherf (Deutsche POP)
2014-05-14 08:13 - 2012-07-21 20:56 - 00000976 _____ () C:\Users\Rafa\Desktop\Dropbox.lnk
2014-05-14 08:13 - 2012-07-21 20:55 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 08:13 - 2011-08-30 19:01 - 00000000 ___RD () C:\Users\Rafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 14:31 - 2014-05-13 14:31 - 40388241 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Ft. Problem Lyrics.mp4
2014-05-13 14:30 - 2014-05-13 14:30 - 06531512 _____ () C:\Users\Rafa\Desktop\Iggy Azalea - Drop That Shit (Feat. Problem) (Acapella) (Ignorant Acapellas).mp4
2014-05-13 14:16 - 2011-08-30 23:54 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\vlc
2014-05-13 08:23 - 2009-07-14 06:45 - 05338400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 00:13 - 2013-10-02 01:26 - 00000000 ____D () C:\Users\Rafa\AppData\Local\boost_interprocess
2014-05-12 22:58 - 2014-03-26 02:34 - 00000026 _____ () C:\Users\Rafa\AppData\Local\isoworkshop.ini
2014-05-12 21:06 - 2011-08-31 17:14 - 00000000 ____D () C:\Users\Rafa\Desktop\VJ Risow
2014-05-12 19:42 - 2012-01-29 02:07 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Audacity
2014-05-12 19:13 - 2011-08-30 21:18 - 00158416 _____ () C:\Users\Rafa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-12 19:12 - 2014-03-06 21:03 - 00000000 ____D () C:\Users\Rafa\Desktop\After effects Effecte
2014-05-12 07:26 - 2014-05-22 23:13 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-22 23:13 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-22 23:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 20:04 - 2014-05-11 20:02 - 00000000 ____D () C:\Users\Rafa\Desktop\AfterEffects_11_0_1_12_LS7
2014-05-11 20:01 - 2014-05-11 20:01 - 00003209 _____ () C:\Windows\SysWOW64\adorage-protocol.txt
2014-05-11 20:01 - 2014-05-11 20:01 - 00003058 _____ () C:\Windows\SysWOW64\heroglyph-protocol.txt
2014-05-11 20:01 - 2011-09-01 00:05 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\proDAD
2014-05-11 20:01 - 2011-09-01 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2014-05-11 19:49 - 2014-05-11 19:47 - 00000000 ____D () C:\ProgramData\VideoCopilot
2014-05-11 19:37 - 2011-08-31 00:07 - 23391261 _____ () C:\Users\Rafa\Desktop\Dance Up - Jeden dzien i jedna noc NOWOŚĆ.mp4
2014-05-11 19:22 - 2014-05-11 19:22 - 00000000 ____D () C:\Users\Rafa\Documents\VideoCopilot
2014-05-11 19:05 - 2014-05-11 19:05 - 00000098 _____ () C:\Windows\MSUTIL.INI
2014-05-11 19:05 - 2014-05-11 19:05 - 00000000 ____D () C:\ProgramData\GenArts
2014-05-11 17:30 - 2014-05-11 17:30 - 00000000 ____D () C:\Users\Rafa\Documents\Industrial Influence
2014-05-11 15:42 - 2014-05-11 15:42 - 00000000 ____D () C:\Users\Rafa\Documents\Different Angles
2014-05-11 15:04 - 2014-05-11 15:04 - 00000000 ____D () C:\ProgramData\Juicer3
2014-05-11 14:26 - 2014-05-11 12:34 - 79458141 _____ () C:\Users\Rafa\Desktop\Adrian Marcel.wmv
2014-05-11 14:26 - 2014-05-07 23:35 - 56225862 _____ () C:\Users\Rafa\Desktop\2014-05-0gg7.mp4
2014-05-11 13:58 - 2014-02-16 17:21 - 00001276 _____ () C:\Users\Public\Desktop\Juicer 3.lnk
2014-05-11 13:58 - 2014-02-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Juice
2014-05-11 13:56 - 2014-05-11 13:56 - 00001845 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-05-11 13:56 - 2014-05-11 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-11 13:56 - 2011-09-03 22:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-05-11 11:40 - 2014-04-27 19:13 - 00000000 ____D () C:\Users\Rafa\Desktop\DADDY YANKEE
2014-05-10 22:09 - 2014-05-10 22:09 - 05490124 _____ () C:\Users\Rafa\Desktop\Furious - Wet (Feat. Jonn Hart & Rayven Justice).mp4
2014-05-10 22:09 - 2014-05-10 22:09 - 04666410 _____ () C:\Users\Rafa\Desktop\Furious Ft Jonn Hart & Rayven Justice - Wet (Instrumental).mp4
2014-05-10 15:04 - 2014-05-07 23:40 - 00000000 ____D () C:\Users\Rafa\Desktop\E-40 IAMSU Too Short Yo Gotti D-LO Beeda Wee (DatPiff.com)
2014-05-09 21:07 - 2014-04-04 18:15 - 00000000 ____D () C:\Users\Rafa\Desktop\DPP
2014-05-09 20:37 - 2014-05-09 20:37 - 00000000 ____D () C:\ProgramData\Note
2014-05-09 20:37 - 2014-03-27 19:09 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Spectrasonics
2014-05-09 10:59 - 2014-05-09 10:34 - 00000000 ____D () C:\Users\Rafa\Desktop\New acapella
2014-05-08 21:21 - 2014-05-08 21:21 - 00000000 ____D () C:\Users\Rafa\Desktop\Motif
2014-05-08 19:33 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-08 18:58 - 2014-05-08 19:33 - 00000426 _____ () C:\AVScanner.ini
2014-05-08 16:23 - 2014-05-08 16:23 - 00000000 ____D () C:\Users\Rafa\Desktop\P-Lo MBMGC2
2014-05-08 00:06 - 2013-01-26 14:44 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 00:06 - 2013-01-26 14:44 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 20:18 - 2014-05-07 20:18 - 52681586 _____ () C:\Users\Rafa\Desktop\P-Lo - Goin' To Work (Remix).mp4
2014-05-07 20:15 - 2014-05-07 20:15 - 10181734 _____ () C:\Users\Rafa\Desktop\E-40 Revenue Retrievin- More Bass, More Treble.mp4
2014-05-07 20:12 - 2014-05-04 13:01 - 00000000 ____D () C:\Users\Rafa\Desktop\Instrumentals machen
2014-05-07 18:57 - 2011-08-30 22:11 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Adobe
2014-05-07 18:49 - 2014-05-07 18:49 - 00000000 ____D () C:\Program Files (x86)\Yamaha
2014-05-07 18:49 - 2011-08-30 21:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-07 18:46 - 2014-05-07 18:46 - 00000000 ____D () C:\Users\Rafa\AppData\Local\Downloaded Installations
2014-05-06 00:54 - 2014-05-06 00:54 - 00000000 ____D () C:\Users\Rafa\Desktop\wetransfer-9e1006
2014-05-04 21:50 - 2014-05-04 21:50 - 00000000 ____D () C:\Users\Rafa\Desktop\Feleke neuer Song
2014-05-04 17:21 - 2013-09-26 11:13 - 00000278 _____ () C:\Users\Rafa\Desktop\Sounds Cubase funden.txt
2014-05-04 15:32 - 2014-05-04 15:32 - 00000000 ____D () C:\Users\Rafa\Desktop\Extendet
2014-05-03 14:05 - 2014-05-03 13:57 - 00000000 ____D () C:\Users\Rafa\Desktop\NEW shitt
2014-05-03 11:25 - 2014-05-03 11:25 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\DropboxMaster
2014-04-30 18:49 - 2012-01-16 20:24 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Mp3tag
2014-04-27 18:16 - 2012-02-03 17:31 - 00000000 ____D () C:\Users\Rafa\Desktop\VJRISOW KIT
2014-04-27 13:16 - 2014-03-26 02:34 - 00000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-04-27 13:15 - 2014-03-26 02:34 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-04-27 12:39 - 2014-04-27 12:39 - 00000013 _____ () C:\Users\Rafa\Desktop\Video Einstellung.txt
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\Documents\Blue Cat Audio
2014-04-25 11:22 - 2014-04-25 11:22 - 00000000 ____D () C:\Users\Rafa\AppData\Roaming\Blue Cat Audio
2014-04-25 10:20 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\ProgramData\sysid100.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-02-19 19:04

==================== End Of Log ============================
--- --- ---



Adittion LOG

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Mama at 2014-05-23 00:28:51
Running from C:\Users\Mama\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.265 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AKAI professional Plugins Pack v1.01-OxYGeN (HKLM-x32\...\AKAI professional Plugins Pack v1.01-OxYGeN) (Version:  - )
Amazon MP3 Downloader 1.0.9 (HKLM-x32\...\Amazon MP3 Downloader) (Version:  - )
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnalogX SayIt (HKLM-x32\...\AnalogX SayIt) (Version:  - AnalogX)
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arturia minimoog V v1.6 (HKLM-x32\...\Arturia minimoog V_is1) (Version:  - )
Ashampoo ClipFinder HD v.2.21 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.2.1 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.71 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.6.1.0171 - DT Soft Ltd)
Audacity 1.3.14 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version:  - )
Auto-Tune EFX VST (HKLM-x32\...\{95292902-411B-4390-BCBD-8EA445F9456C}) (Version: 1.0.0 - Antares Audio Technologies)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3.2 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3.2 - Avid Technology, Inc.)
Best Service Ethno World 4 Pro (HKLM-x32\...\Best Service Ethno World 4 Pro) (Version:  - )
Best Service Orient World (HKLM-x32\...\Best Service Orient World) (Version:  - )
Bitsonic Waspy 2.1 Mini (HKLM-x32\...\{84770ED7-BAF6-4E12-B1D5-AF15645389C8}_is1) (Version: 2.1 - Bitsonic LP)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BREVERB 2 2.0 (HKLM-x32\...\{B2D9F699-B4A4-4D37-941E-1B55DF33A96D}_is1) (Version: 2.0 - Overloud)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
butt (HKLM-x32\...\butt) (Version:  - )
Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi (HKLM-x32\...\Cakewalk RgcAudio z3ta Plus v1.5.2 VSTi DXi) (Version:  - )
Camel Audio Camel Phat VST v3.15 (HKLM-x32\...\Camel Audio Camel Phat VST v3.15) (Version:  - )
Camel Audio Camel Space VST v1.15 (HKLM-x32\...\Camel Audio Camel Space VST v1.15) (Version:  - )
Chromium PlugIns 3.0 (HKLM-x32\...\Chromium PlugIns 3.0) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
db audioware Sidechain Gate VST v1.1.0 (HKLM-x32\...\db audioware Sidechain Gate VST v1.1.0) (Version:  - )
Digieffects Phenomena Particle Effects (HKLM-x32\...\MAGIX_{AC64C316-5914-4741-84C4-CC4A2729544D}) (Version: 1.0.0.1 - MAGIX AG)
Digieffects Phenomena Particle Effects (x32 Version: 1.0.0.1 - MAGIX AG) Hidden
DirectWave (HKLM-x32\...\DirectWave) (Version:  - Image-Line bvba)
discoDSP HighLife v1.4 (HKLM-x32\...\discoDSP HighLife v1.4_is1) (Version: 1.4 - discoDSP)
Druckerdeinstallation für EPSON SX125 Series (HKLM\...\EPSON SX125 Series) (Version:  - SEIKO EPSON Corporation)
E²Deesser (HKLM-x32\...\E²Deesser_is1) (Version: 1.2.0 - Eiosis, Inc.)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
ElastikVst (x32 Version: 1.00.0000 - ueberschall sample service GmbH) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.6.6.2134 - Steinberg Media Technologies GmbH)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EXPERTool 7.20 (HKLM-x32\...\MySSID_is1) (Version:  - Gainward Co., Ltd)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Free Dailymotion Download version 1.0.4.1028 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.4.1028 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gladiator  full (HKLM-x32\...\Tone2 Gladiator full_is1) (Version:  - Tone2)
Gladiator v1.2.2.0 (HKLM-x32\...\Tone2 Gladiator Retail_is1) (Version:  - )
GmdeiaMusic Oddity bank5 Addon (HKLM-x32\...\GmdeiaMusic Oddity bank5 Addon) (Version:  - )
GMedia Music impOSCar VSTi v1.0.0.1 (HKLM-x32\...\GMedia Music impOSCar VSTi v1.0.0.1) (Version:  - )
GMediaMusic - Oddity VST2 (HKLM-x32\...\Oddity VST2) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{36A52BCF-AC3D-32F1-AD5F-A09769EB8887}) (Version: 4.1.3.13728 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRM Tools Spectral Transform VST v1.6.52 (HKLM-x32\...\GRM Tools Spectral Transform VST v1.6.52) (Version:  - )
Halls Of Fame Free -  Origami Edition 2.5.2 (HKLM-x32\...\Halls Of Fame Free -  Origami Edition 2.5.2) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line bvba)
INTEGRA (HKLM-x32\...\INTEGRA_is1) (Version:  - )
INTEGRA-7 (HKLM-x32\...\INTEGRA-7_is1) (Version: 1.0 - Cakewalk Music Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
ISO Workshop 5.2 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Juicer 3.90 (HKLM-x32\...\{640EAE56-81A2-49D4-9B8C-00DA3C0031AF}_is1) (Version:  - Digital Juice, Inc.)
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
LiquidInstrumentVst 1.1 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.01.0007 - ueberschall sample service GmbH)
LiquidInstrumentVst 1.1 (x32 Version: 1.01.0007 - ueberschall sample service GmbH) Hidden
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Magic Bullet Quick Looks (for MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MAGIX PanoramaStudio 2.2.5 Pro (HKLM-x32\...\MAGIX_{C4A9E247-9949-4D95-AB8C-45FE1469847F}) (Version: 2.2.5.129 - MAGIX AG)
MAGIX PanoramaStudio 2.2.5 Pro (x32 Version: 2.2.5.129 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{EE79A8D3-6676-41FF-967C-242017CEC0F2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{838A0DDB-239D-4668-94E7-7E8AC329D1C4}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Designelemente) (HKLM-x32\...\MAGIX_{A86B6747-7E5B-4E7A-9614-D466E31482CE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Designelemente) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (HKLM-x32\...\MAGIX_{AC0D8298-8D48-44A2-AE6D-444167493C60}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Digieffects Phenomena Particle Effects) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Filmvorlagen) (HKLM-x32\...\MAGIX_{31837320-F3EB-43B9-85FD-72916279C5DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Filmvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (HKLM-x32\...\MAGIX_{83AB7E66-A59E-43BD-94B2-274ABEF2524B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Fotoshow Maker-Stile) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (HKLM-x32\...\MAGIX_{E9CF5DD7-A414-4C00-8651-A60933B36410}) (Version: 11.0.5.26 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{3BE17CC6-BE68-4528-A80B-1CA3FE4A7DB7}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Menüvorlagen) (HKLM-x32\...\MAGIX_{440FA05F-BB9E-4735-B2FF-0B67C10183DA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Menüvorlagen) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{CE970FCE-0971-4EFF-996D-546D1AC3ECE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (NewBlueFX Light Blends) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{C0502363-A610-4D5B-B5A0-7F8447491B21}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Red Giant Magic Bullet Quick Looks) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Titeleffekte) (HKLM-x32\...\MAGIX_{9F2049D9-A3BF-4711-94E5-53E85855C5BF}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Titeleffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Überblendeffekte) (HKLM-x32\...\MAGIX_{9F17B0CC-9ED8-4B53-97CB-E0CB022DC16A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Überblendeffekte) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (Video Plugins) (HKLM-x32\...\MAGIX_{B1DA7E9C-4822-41DD-8797-43C5B42F275F}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video Pro X4 (Video Plugins) (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Pro X4 (x32 Version: 11.0.5.26 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.7.8 - MAGIX AG) Hidden
MAGIX Video Pro X4 Update (Version: 11.0.9.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1003 - Marvell)
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
mocha Pro V3.2.1-7276 (HKLM-x32\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mopis VSTi v1.1 (HKLM-x32\...\Mopis VSTi v1.1) (Version:  - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments B4 II (HKLM-x32\...\Native Instruments B4 II) (Version:  - )
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - )
Native Instruments Guitar Combo III (HKLM-x32\...\Native Instruments Guitar Combo III) (Version:  - )
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.0.0.12 - Native Instruments)
Native Instruments Kinetic Metal (Version: 1.0.0.12 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.1.0.6066 - Native Instruments) Hidden
Native Instruments Kontakt 5 Demo Content (HKLM-x32\...\Native Instruments Kontakt 5 Demo Content) (Version:  - Native Instruments)
Native Instruments Kontakt 5 Demo Content (Version: 1.0.0.000 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Service Center (Version: 2.5.2.1549 - Native Instruments) Hidden
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments Supercharger (Version: 1.1.0.418 - Native Instruments) Hidden
Native Power Pack vol 1 v2.5 (HKLM-x32\...\NPP vol 1) (Version:  - )
Native Power Pack vol 2 v2.5 (HKLM-x32\...\NPP vol 2) (Version:  - )
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.0.12200.23.100 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12300.0.23 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.14700.1.9 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.10623.22.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20007 - Nero AG) Hidden
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Octopus (HKLM-x32\...\Octopus) (Version:  - )
Ohm Force - Ohmicide VST (HKLM-x32\...\Ohmicide VST) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.3.1.0494 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PCR-Treiber (HKLM\...\RolandRDID0027) (Version:  - Roland Corporation)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.5 (HKLM-x32\...\{169917C4-4A77-45F4-B20E-860703FD5E6F}) (Version: 6.5 - Spigot, Inc.) <==== ATTENTION
Photo to Cartoon (HKLM-x32\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Pinguin Audio Meter v2.2 (HKLM-x32\...\Pinguin Audio Meter v2.2) (Version:  - )
proDAD DeFishr 1.0 (HKLM-x32\...\proDAD-DeFishr-1.0) (Version: 1.0.59.1 - proDAD GmbH)
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.112.2 - proDAD GmbH)
proDAD Mercalli 3.0 (HKLM-x32\...\proDAD-Mercalli-3.0) (Version: 3.0.215.1 - proDAD GmbH)
proDAD ProDRENALIN 1.0 (HKLM-x32\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.22.1 - proDAD GmbH)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.108 - proDAD GmbH)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revoice Pro (32 bit) (HKLM-x32\...\{7481C12D-51CF-4747-B1D5-3D7FE7612F0F}) (Version: 2.3.0.5 - Synchro Arts Ltd)
RgcAudio Pentagon I v1.4 (HKLM-x32\...\RgcAudio Pentagon I v1.4) (Version:  - )
RME Fireface USB (HKLM\...\FIREFACE_USB) (Version: 1.0.46.0 - RME Intelligent Audio Solutions)
Rob Papen Albino 3 (HKLM-x32\...\Rob Papen Albino 3) (Version:  - )
Rob Papen Blue VSTi v1.01  (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version:  - )
Rob Papen Predator V1.1 b (HKLM-x32\...\Predator_is1) (Version:  - RPCX)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version:  - )
SheepDog 1.0 (HKLM-x32\...\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}) (Version: 1.0.0.0 - Josh Sklare)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sndbad Shaders 1.04 (HKLM-x32\...\Sndbad Shaders 1.04) (Version: 1.04 - Sndbad)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tonelux Tilt VST RTAS v1.0 (HKLM-x32\...\Softube Tonelux Tilt_is1) (Version:  - )
Softube Trident A-Range VST RTAS v1.0.2 (HKLM-x32\...\Softube Trident A-Range VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Tube-Tech PE 1C VST RTAS v1.0.1 (HKLM-x32\...\Softube Tube-Tech PE 1C_is1) (Version:  - )
Softube Valley People Dyna-mite VST RTAS v1.0.1 (HKLM-x32\...\Softube Valley People Dyna-mite VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.05 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 3.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Inflator PowerCore VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Limiter PowerCore VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 Dynamics PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford R3 EQ PowerCore VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ PowerCore VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version:  - Team AiR 2007)
Sonnox Oxford TransMod PowerCore VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod PowerCore VST_is1) (Version:  - Team AiR 2007)
Sony ACID 4.0f (HKLM-x32\...\{36235A3F-92C7-4F90-84E7-3697C59AD369}) (Version: 4.0.446 - Sony)
SoundToys Devil-Loc Deluxe - Academic V1 (HKLM-x32\...\Devil-Loc Deluxe - Academic V1_is1) (Version:  - SoundToys Inc)
SoundToys MicroShift V1 (HKLM-x32\...\MicroShift V1_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SoundToys NTV FX V4 - Academic V4 (HKLM-x32\...\SoundToys NTV FX V4 - Academic V4_is1) (Version:  - SoundToys Inc)
SP ver 4.71 (HKLM-x32\...\SP Inc. Panoramic Tools, SP_STITCHER_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.2 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
Steinberg Cubase 7 (HKLM-x32\...\{36035C23-2361-495A-9AE9-D1FF9A9F70B7}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7.5 (HKLM-x32\...\{C75F4809-1E91-49F4-8093-45D9B053E89D}) (Version: 7.5.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 (HKLM-x32\...\{000F81EC-1EF7-4926-BE38-1B5E3A41E109}) (Version: 6.5.2 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE (HKLM-x32\...\{A6790D47-D653-4B88-BED4-96878DBE5191}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Stereoizer3 v3.1 (HKLM\...\Stereoizer3_is1) (Version:  - NUGEN Audio)
Sugar Bytes Cyclop 1.0.1 (HKLM\...\Cyclop_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes Guitarist Library 1.0 (HKLM-x32\...\Guitarist Library_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.5 (HKLM\...\Turnado_is1) (Version: 1.5 - Sugar Bytes)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
SynthMaker 1.0 (HKLM-x32\...\SynthMaker) (Version:  - Outsim)
TC Native Bundle v3.1 (HKLM-x32\...\TC Native Bundle v3.1) (Version:  - )
TerraTec Komplexer VSTi v1.0.2.0 (HKLM-x32\...\TerraTec Komplexer_is1) (Version:  - )
Timeworks ReverbX (HKLM-x32\...\Timeworks ReverbX) (Version:  - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version:  - Image-Line bvba)
Tpkd x64 (HKLM\...\{6347E7B5-806F-4302-906A-05C62CCEA502}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.)
Trilogy (HKLM-x32\...\Trilogy_is1) (Version:  - Spectrasonics, Inc.)
TrojanHunter 5.5 (HKLM-x32\...\TrojanHunter_is1) (Version: 5.5 - Mischel Internet Security)
TruePianos 1.4.1 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TruePianos: Amber Module 1.4.0 (HKLM-x32\...\TruePianos: Amber Module_is1) (Version:  - 4Front Technologies)
TruePianos: Diamond Module 1.4.0 (HKLM-x32\...\TruePianos: Diamond Module_is1) (Version:  - 4Front Technologies)
TruePianos: Emerald Module 1.4.0 (HKLM-x32\...\TruePianos: Emerald Module_is1) (Version:  - 4Front Technologies)
Tunatic (HKLM-x32\...\Tunatic) (Version:  - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
UAD drivers. This may take a while... (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{b5c448f3-fa31-47bf-85ed-13451fbdfe90}) (Version: 7.3.0.4295 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.3.0.4295 - Universal Audio, Inc.) Hidden
URS Classic Console EQ Bundle VST Native (HKLM-x32\...\URS Classic Console EQ Bundle VST Native1.0) (Version: 1.0 - URS Unique Recording Software)
URS Everything EQ Bundle v4.0 (HKLM-x32\...\URS Everything EQ Bundle v4.0) (Version:  - )
USB Display Device (Trigger Family) 13.02.0329.3679 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 13.02.0329.3679 - StarTech)
Vengeance Producer Suite - Glitch Bitch 1.0.3 (HKLM-x32\...\{67715E04-59FB-442A-9A23-76F9C0F0D78D}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Vengeance Producer Suite - TapeStop 1.0.1 (HKLM-x32\...\{24293F25-0C00-4DD9-8DCD-257E415FF5E4}_is1) (Version:  - keilwerth Audio / Vengeance Sound)
Viral Outbreak v1.00 VSTi (HKLM-x32\...\Viral Outbreak v1.00 VSTi_is1) (Version:  - )
VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (x32 Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.2 - Synchro Arts Ltd)
V-Station 1.5.1 (HKLM-x32\...\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1) (Version: 1.5.1 - Novation Digital Music Systems Ltd.)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - RME Fireface USB (04/02/2014 1.0.46.0) (HKLM\...\EA40120374767D22CA5438C62B3763D87EB7BEB0) (Version: 04/02/2014 1.0.46.0 - RME)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
Yamaha Steinberg FW Driver (HKLM-x32\...\InstallShield_{755036CF-6EC8-48E3-A193-B3434E8A4F59}) (Version: 1.6.5 - Yamaha Corporation)
Yamaha Steinberg FW Driver (Version: 1.6.5 - Yamaha Corporation) Hidden
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zero-G Nostalgia (HKLM-x32\...\Zero-G Nostalgia) (Version:  - )

==================== Restore Points  =========================

06-06-2012 19:37:15 Installed Active@ ISO Burner
06-06-2012 19:37:45 SPTD setup V1.62
22-05-2014 13:50:35 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-22 16:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19BE80B5-54F2-4DBB-A5FE-5E5453896226} - System32\Tasks\Google Updater and Installer => C:\Users\Rafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1AB66A4A-F6E6-43CA-A080-197C00D1C61F} - System32\Tasks\AdobeAAMUpdater-1.0-Rafa-PC-Rafa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {1B37D9E5-3425-46E7-8C57-2D94552EC7BB} - System32\Tasks\{F68D4C34-DD44-4E41-9633-193DC626206B} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {221B9D0C-B2DF-4B57-AC9D-33BE824FE9D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {4727FFD6-A804-4ECD-B1E9-BCD53AFF1D24} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {4CE47BE3-3942-40B5-AE81-EC304CFC9577} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5B98D882-72B5-422D-B9CA-E9D85DF1B5B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {6AC39706-D091-468D-83C4-7A8DF6E979FA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-680937111-310360728-3594482816-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7A07574B-B584-407D-81E2-3323EA442BD2} - \Browser Manager No Task File <==== ATTENTION
Task: {84326A1B-429A-4188-AB35-B2C558D03636} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {84AB0070-4A65-462A-BEDD-1CEC7CB02CB5} - System32\Tasks\{C7DD9DD2-B840-48A2-A54F-E67DADD4518E} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {88B6246D-3C3C-43D3-BF7F-BE11C23B88DC} - System32\Tasks\{B8B5160B-43C2-44F5-ABB5-A6C7375B9D91} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {8946CD17-40AD-41EA-BFC9-A92971E73976} - \DealPly No Task File <==== ATTENTION
Task: {8F18BF3C-4BCB-4A2D-B28E-F067F95B17D9} - System32\Tasks\Amazon Music Helper => C:\Users\Rafa\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-12-12] ()
Task: {C0D44A6D-9C3C-46A6-8135-1075D0504BD1} - System32\Tasks\{7EE3FCBD-EA2D-43A4-97C5-8D3A75FF8DF4} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {DA3623FC-BFCA-4CE2-8BA9-E09CA4E5744E} - System32\Tasks\{A17CBABF-DCC3-4AC2-B912-F5108225B8C7} => C:\Program Files (x86)\Steinberg\Cubase 5\Cubase5.exe
Task: {F294DDB7-8BC5-4E5A-BFAE-5E0189AAF08F} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-05-23] (RealNetworks, Inc.)
Task: {FF4983CF-5622-4E85-8ED6-062DF8FD97CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-26 22:12 - 2012-08-28 14:20 - 00313432 _____ () C:\Windows\system32\GManager.exe
2013-08-26 22:12 - 2011-05-03 18:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
2011-08-31 16:40 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-30 21:23 - 2011-04-10 04:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-10-03 11:47 - 2013-10-03 11:47 - 00215552 _____ () C:\Windows\system32\UAD2DriverClient.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 19:38 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:6B2C3EB805B95CCC
AlternateDataStreams: C:\Users\All Users:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Application Data:6B2C3EB805B95CCC
AlternateDataStreams: C:\ProgramData\Microsoft:9GfbPn7I2dnm69Vg8hx83KVZs6I
AlternateDataStreams: C:\ProgramData\Microsoft:arB2SIJxwBlqmBIFgwJ111
AlternateDataStreams: C:\ProgramData\Microsoft:CQYlRZaNOTvnr3sfr4wR1qQ8nWB
AlternateDataStreams: C:\ProgramData\Microsoft:DfR7cG2QbtTrnbsCnvyY
AlternateDataStreams: C:\ProgramData\Microsoft:EMn2wgc2TG24GXM4W8r
AlternateDataStreams: C:\ProgramData\Microsoft:g91J712M2n6reqk6McL7L1In
AlternateDataStreams: C:\ProgramData\Microsoft:haxHCk9aiJr8dqclwRv
AlternateDataStreams: C:\ProgramData\Microsoft:MpWJm58TJ8xnCw4C9
AlternateDataStreams: C:\ProgramData\Microsoft:N5xzcucgqjpNx07Te37XVaWW
AlternateDataStreams: C:\ProgramData\Microsoft:Ojbe8fDrwLNUnRVzFJEk8cY
AlternateDataStreams: C:\ProgramData\Microsoft:R3FhgPZi6qZ6hx64J56zbHKDn
AlternateDataStreams: C:\ProgramData\Microsoft:UoPPj49CoEJPPQwp3QC1ud
AlternateDataStreams: C:\Users\Rafa\Cookies:tljAKpFFkuo8DlcbF
AlternateDataStreams: C:\Users\Rafa\Lokale Einstellungen:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\Lokale Einstellungen:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\AppData\Local:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local\8fqn0PiuYWM5PwH:x4aeB20PPn2olnnjA4
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Anwendungsdaten:AJcbHRGW4XBmKM4CFYxSlKAB
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Anwendungsdaten:cuhSv73dqXMTWOvVsg
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:7I32hhmb4yY1GsOxB0eRjX2YLT
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:aGBT1PY25E2Uu8mEiu0Efbmxv
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:QFWKewmrb5MD0x0ukZgFbQ
AlternateDataStreams: C:\Users\Rafa\AppData\Local\Temporary Internet Files:ywfIgNmf3W1ZrIAeoqe0wacHqp9

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Windows-Ereignisprotokoll wird gestartet.
Windows-Ereignisprotokoll konnte nicht gestartet werden.

Ein Systemfehler ist aufgetreten.

Das System hat keinen Meldungstext f�r die Meldungsnummer 0x1069 in der Meldungsdatei (null) gefunden.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 4201 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 16296.58 MB
Available physical RAM: 13607.65 MB
Total Pagefile: 32591.35 MB
Available Pagefile: 29708.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:199.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Rafau) (Fixed) (Total:465.76 GB) (Free:3.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F99A8EF3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 1CB12ABD)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus 23.05.2014 09:35
Zitat:
Running from C:\Users\Mama\Desktop
Dieses Benutzerkonto scheint i.O. zu sein. Kannst du damit normal arbeiten?

Rafau2012 23.05.2014 11:24
Ja kann super damit arbeiten...und ist sogar sehr schnell!

Nur meine ganzen Firefox Ljnks (seiten) sind weg und...und die ganzen programme!

hmm

Wie kann ich das Profil jetzt wieder so zurücksetzen wie es beim anderen war?

z.b. Firefox seiten und keys


sind die alten firefox daten auf dem alten profil vorhandenß???

cosinus 23.05.2014 11:43
Die sind nicht weg. Du bist in einem völlig anderen Nutzerkonto, da ist das Sinn und Zweck, dass dieses Konto ein völlig anderes Profil hat und selbstverständlich nicht dein Firefox-Profil haben kann!

Dein Firefox-Profil findest du in C:\Users\rafa\AppData\Roaming\Mozilla\; von dort am besten mal den Ordner Firefox nach C:\Users\Mama\AppData\Roaming\Mozilla\ kopieren. Den dort vorhandenen Ordner Firefox umbenennen zB zu Firefox-backup

Rafau2012 23.05.2014 11:52
Oh geilo:) dankeschön! (Profi)

Ich bekomme auch ständig eine fehlermeldung wen ich mich am profil anmelde!

Problem occured while loading userSettings.xml.
The Error returned is:
Cannot find C:/Users/mama/lucidlogix/userSettings.xml.

Would you like to restore files to default?
(Pressing NO will quit VirtuControlPanel)


Was n des??

cosinus 23.05.2014 11:55
Zitat:
Was n des??
Google bei dir defekt? :D

Scheint zu diesem Programm gehören:

VIRTU 1.0.0 (HKLM\...\VIRTU_is1) (Version: 1.0.0 - Lucidlogix Technologies LTD

Kein Plan ob man das wirklich braucht, ich bräuchte es nicht...

Rafau2012 23.05.2014 16:41
:)

sag mal...was mache ich jetzt mit dem anderen (Rafa) Profil? löschen oder behalten? oder wie gehe ich jetzt vor??

cosinus 23.05.2014 21:00
Warum willst du das sofoert löschen?! Behalt es falls du da doch vergessen hast wichtige Daten rauszufischen

Rafau2012 23.05.2014 22:06
Ja haste recht! Sag mal wo krieg ich die Daten für Google chrome?? Ich hab vergessen das ich chrome benutzt habe und nicht Firefox:/

cosinus 24.05.2014 14:18
Das sind die Profilordner von Google Chrome:

Code:
Windows XP:
%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\

Windows Vista/Windows 7/Windows 8:
%LOCALAPPDATA%\Google\Chrome\User Data\


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:18 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131