
Log analysis and evaluation: Windows Explorer crashes, extreme performance problems!

13.04.2015, 22:25   #1
User54
 
Good evening,

for 2 days now my computer has been nearly unusable because of a virus unknown to me. The suspected virus shows itself in that it constantly crashes "explorer.exe", causes extremely below-average performance on the PC and also crashes the operating system, in this case Windows 7 (64-bit). By now the performance problems go so far that, at irregular intervals, outright "pauses" occur in which only the mouse can be operated. In addition, a normal PC start is no longer possible, because there are now 3 options that can occur: 1. The PC starts and an error message appears: "Windows failed to start" - 2 options - "Launch Windows Startup Repair (Recommended)" or "Start Windows normally" // Startup Repair has already run several times without success; starting Windows results in a black screen lasting 30 min. after the Windows logo "lights up". // Option 2: A screen is displayed: "Reboot and select proper Boot device or insert boot media in selected boot device and press a key" - I then press a letter key, and the message appears again. // Option 3: Windows starts normally, when the logo "lights up" there is a black screen that lasts 30 min.; after that there is access to the operating system, but only limited possibilities because of the performance problems. At this stage I have already tried to run Kaspersky; after 30 min. a black screen appeared, followed by the message mentioned in 2. - Please help!

14.04.2015, 05:31   #2
schrauber
/// the machine
/// TB trainer
 

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


14.04.2015, 17:49   #3
User54
 
FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by raphael (administrator) on RAPHAEL-PC on 14-04-2015 18:41:22
Running from C:\Users\raphael\Downloads
Loaded Profiles: raphael (Available profiles: raphael)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWLan.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Dropbox, Inc.) C:\Users\raphael\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [136512 2008-03-14] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [124240 2008-09-29] (McAfee, Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1208944 2015-03-09] ()
HKU\S-1-5-21-1160107135-533625284-1534127792-1000\...\MountPoints2: {db30d1c7-6194-11e2-ad4e-806e6f6e6963} - E:\Bin\ASSETUP.exe
Startup: C:\Users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49302;https=127.0.0.1:49302
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1160107135-533625284-1534127792-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-1160107135-533625284-1534127792-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
URLSearchHook: HKU\S-1-5-21-1160107135-533625284-1534127792-1000 - (No Name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO-x32: GetRight IE Helper -> {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -> C:\Program Files (x86)\GetRight\xx2gr.dll [2009-10-19] (Headlight Software, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1160107135-533625284-1534127792-1000 -> No Name - {2D8D9ACC-F6D7-4362-8876-A275CA929591} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\4gqumplt.default
FF DefaultSearchEngine,S: 
FF DefaultSearchUrl: 
FF SearchEngineOrder.1: 
FF SearchEngineOrder.1,S: 
FF SelectedSearchEngine,S: 
FF Keyword.URL: 
FF Homepage: about:home|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-04-02] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-01-01] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-11-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-01-01] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Amazon-Icon - C:\Users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\4gqumplt.default\Extensions\amazon-icon@giga.de [2015-04-11]
FF Extension: Security Protection - C:\Users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\4gqumplt.default\Extensions\detgdp@gmail.com [2014-12-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-31]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-01]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\raphael\AppData\Roaming\Mozilla\Firefox\Profiles\4gqumplt.default\extensions\detgdp@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360网页保护 - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-04-07]

Chrome: 
=======
CHR Profile: C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-31]
CHR Extension: (Google Drive) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-14]
CHR Extension: (YouTube) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-31]
CHR Extension: (Google Search) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-31]
CHR Extension: (RealDownloader) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-07-31]
CHR Extension: (Google Wallet) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-07-31]
CHR Extension: (Gmail) - C:\Users\raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-14]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43112 2012-02-16] (ArcSoft Inc.)
R2 AsusSE; C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtlService.exe [36864 2012-04-09] (Realtek) [File not signed]
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 HcwDevCentralService; C:\Program Files (x86)\Hauppauge\DeviceCentral\HcwDevCentralService.exe [291736 2012-08-21] (Hauppauge Computer Works, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McAfeeEngineService; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe [17920 2008-09-29] (McAfee, Inc.)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [103744 2008-03-14] (McAfee, Inc.)
R2 McShield; C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe [175072 2008-09-29] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [62800 2008-09-29] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [75656 2008-09-29] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-28] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-01-05] ()
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [821872 2015-03-09] ()
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [21096 2009-07-13] (The Within Network, LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-03-09] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-03-09] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-03-09] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-03-09] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-03-09] (Qihu 360 Software Co., Ltd.)
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S1 archlp; C:\Windows\SysWow64\Drivers\archlp.sys [10624 2008-01-25] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-17] (AVG Technologies)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-03-09] (Qihu 360 Software Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-01] (Disc Soft Ltd)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [96016 2008-09-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [118688 2008-09-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [465792 2008-09-29] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [75800 2008-09-29] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [82504 2008-09-29] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S2 uxpatch; C:\Windows\SysWOW64\drivers\uxpatch.sys [25448 2009-07-13] ()
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 18:41 - 2015-04-14 18:42 - 00023621 _____ () C:\Users\raphael\Downloads\FRST.txt
2015-04-14 18:41 - 2015-04-14 18:41 - 00000000 ____D () C:\FRST
2015-04-14 18:39 - 2015-04-14 18:39 - 02096640 _____ (Farbar) C:\Users\raphael\Downloads\FRST64.exe
2015-04-13 22:05 - 2015-04-14 18:30 - 05121336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-13 20:44 - 2015-04-13 20:44 - 00130104 _____ () C:\Users\raphael\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-13 18:46 - 2015-04-13 18:46 - 00006768 ____N () C:\bootsqm.dat
2015-04-13 17:52 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-13 17:52 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-13 17:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-13 17:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-13 17:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-13 17:52 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-13 17:52 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-13 17:52 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-13 17:51 - 2015-04-14 08:03 - 00000000 ___SD () C:\ComboFix
2015-04-13 17:50 - 2015-04-13 17:51 - 00000000 ____D () C:\Qoobox
2015-04-13 17:49 - 2015-04-13 17:51 - 00000000 ___SD () C:\32788R22FWJFW
2015-04-13 17:49 - 2015-04-13 17:49 - 00000000 ____D () C:\Windows\erdnt
2015-04-13 17:48 - 2015-04-13 17:49 - 05617275 ____R (Swearware) C:\Users\raphael\Downloads\ComboFix.exe
2015-04-12 21:25 - 2015-04-13 17:41 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-04-11 22:09 - 2015-04-13 17:52 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\TeamViewer
2015-04-11 21:44 - 2015-04-11 21:44 - 00001043 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-11 21:44 - 2015-04-11 21:44 - 00001031 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-11 21:44 - 2015-04-11 21:44 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-11 21:43 - 2015-04-11 21:44 - 07969808 _____ (TeamViewer GmbH) C:\Users\raphael\Downloads\TeamViewer_Setup_de.exe
2015-04-11 21:42 - 2015-04-11 21:42 - 00393960 _____ () C:\Users\raphael\Downloads\TeamViewer_Setup_de_CB-DL-Manager.exe
2015-04-11 21:02 - 2015-04-11 21:25 - 00000000 ____D () C:\Users\raphael\Documents\ETS2MP
2015-04-11 21:02 - 2015-04-11 21:02 - 00001189 _____ () C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2015-04-11 21:02 - 2015-04-11 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer
2015-04-11 21:02 - 2015-04-11 21:02 - 00000000 ____D () C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer
2015-04-11 20:59 - 2015-04-11 20:59 - 08290686 _____ () C:\Users\raphael\Downloads\ets2mp_client.zip
2015-04-11 17:51 - 2015-04-11 17:52 - 18371254 _____ () C:\Users\raphael\Downloads\ETS2 - Mercedes Benz E63 AMG.rar
2015-04-11 17:36 - 2015-04-11 17:36 - 16929933 _____ () C:\Users\raphael\Downloads\Mercedes-E63-AMG.rar
2015-04-11 17:04 - 2015-04-11 17:05 - 00024269 _____ () C:\Users\raphael\Downloads\Icon.rar
2015-04-11 04:50 - 2015-04-11 04:51 - 24179992 _____ () C:\Users\raphael\Downloads\Exetrize Mods - Mercedes_Benz_Sprinter_311CDI.rar
2015-04-11 02:01 - 2015-04-11 02:01 - 00001085 _____ () C:\Users\raphael\Desktop\Cheat Engine.lnk
2015-04-11 02:01 - 2015-04-11 02:01 - 00000000 ____D () C:\Users\raphael\Documents\My Cheat Tables
2015-04-11 02:01 - 2015-04-11 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-04-11 02:01 - 2015-04-11 02:01 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-04-11 02:00 - 2015-04-11 02:00 - 00000187 _____ () C:\Users\raphael\Desktop\Amazon.de.url
2015-04-11 02:00 - 2015-04-11 02:00 - 00000000 ____D () C:\Users\raphael\AppData\Local\Temp50c055e764d5a734a1d5cb7044eb30b0
2015-04-11 01:59 - 2015-04-11 01:59 - 01047704 _____ () C:\Users\raphael\Downloads\Cheat-Engine-lnstall.exe
2015-04-11 01:44 - 2015-04-13 17:52 - 00000000 ____D () C:\Users\raphael\Documents\Euro Truck Simulator 2
2015-04-11 01:41 - 2015-04-11 01:42 - 21516362 _____ () C:\Users\raphael\Downloads\BMW_X5_E70_With_Interior_v1.0.zip
2015-04-11 01:41 - 2015-04-11 01:41 - 03057995 _____ () C:\Users\raphael\Downloads\Fiat_ducato_Ai_Traffic_By_Taina95.rar
2015-04-11 01:40 - 2015-04-11 01:41 - 15979438 _____ () C:\Users\raphael\Downloads\ets2_1.13.xx_Jeep_Grand_Cheeroke_SRT8.rar
2015-04-11 01:40 - 2015-04-11 01:40 - 16535980 _____ () C:\Users\raphael\Downloads\ets2_1.13.xx_Jeep_Grand_Cheeroke_SRT8_v1.2a.rar
2015-04-11 01:40 - 2015-04-11 01:40 - 16355001 _____ () C:\Users\raphael\Downloads\Audi_RS4.rar
2015-04-11 01:39 - 2015-04-11 01:39 - 02917574 _____ () C:\Users\raphael\Downloads\AUD__Q7ST.rar
2015-04-10 16:27 - 2015-04-10 16:27 - 00039638 _____ () C:\Users\raphael\Downloads\allura.zip
2015-04-10 02:36 - 2015-04-10 02:36 - 02814202 _____ () C:\Users\raphael\Downloads\Arma3CruiseControl-master.zip
2015-04-09 00:18 - 2015-04-09 00:18 - 612885527 ____N () C:\Windows\MEMORY.DMP
2015-04-09 00:18 - 2015-04-09 00:18 - 00293760 _____ () C:\Windows\Minidump\040915-44756-01.dmp
2015-04-08 23:43 - 2015-04-14 18:28 - 00003136 _____ () C:\Windows\setupact.log
2015-04-08 23:43 - 2015-04-08 23:43 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-08 03:05 - 2015-04-08 03:05 - 00000693 _____ () C:\Users\Public\Desktop\ArtMoney SE v7.43.lnk
2015-04-08 03:05 - 2015-04-08 03:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
2015-04-08 03:05 - 2015-04-08 03:05 - 00000000 ____D () C:\Games
2015-04-08 03:04 - 2015-04-08 03:04 - 01711741 _____ (System SoftLab ) C:\Users\raphael\Downloads\artmoney7431eng.exe
2015-04-07 17:18 - 2015-01-07 05:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2015-04-07 17:18 - 2015-01-07 05:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-04-07 17:18 - 2015-01-07 04:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2015-04-07 17:18 - 2015-01-07 03:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-04-07 17:18 - 2015-01-07 03:49 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-04-07 17:18 - 2015-01-07 03:48 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-04-07 17:18 - 2015-01-07 03:48 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-04-07 17:18 - 2015-01-07 03:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-04-07 17:09 - 2015-04-07 17:09 - 00260764 _____ () C:\Windows\msxml4-KB2758694-chs.LOG
2015-04-07 17:07 - 2015-04-07 17:15 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z...Z.Z.ZZZ
2015-04-07 05:56 - 2015-04-07 05:56 - 19094499 _____ () C:\Users\raphael\Downloads\zz.rar
2015-04-07 03:37 - 2015-04-07 03:37 - 00000000 __SHD () C:\$360Section
2015-04-07 03:26 - 2015-04-07 03:37 - 00000000 ____D () C:\ProgramData\360Quarant
2015-04-07 03:25 - 2015-04-13 17:50 - 00000000 ____D () C:\ProgramData\360TotalSecurity
2015-04-07 03:25 - 2015-04-09 08:07 - 00000000 ____D () C:\Windows\Tasks\360Disabled
2015-04-07 03:25 - 2015-04-07 17:01 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\360safe
2015-04-07 03:25 - 2015-04-07 03:25 - 00001149 _____ () C:\Users\Public\Desktop\360 Total Security.lnk
2015-04-07 03:25 - 2015-04-07 03:25 - 00000000 _RSHD () C:\360SANDBOX
2015-04-07 03:25 - 2015-04-07 03:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-04-07 03:25 - 2015-04-07 03:25 - 00000000 ____D () C:\ProgramData\360safe
2015-04-07 03:25 - 2015-03-09 10:00 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360fsflt.sys
2015-04-07 03:25 - 2015-03-09 10:00 - 00305736 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2015-04-07 03:25 - 2015-03-09 10:00 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2015-04-07 03:25 - 2015-03-09 10:00 - 00100424 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2015-04-07 03:25 - 2015-03-09 10:00 - 00077896 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-04-07 03:25 - 2015-03-09 10:00 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2015-04-07 03:24 - 2015-04-07 03:24 - 00000000 ____D () C:\Program Files (x86)\360
2015-04-07 03:23 - 2015-04-07 03:23 - 01203488 _____ () C:\Users\raphael\Downloads\360 Total Security - CHIP-Installer.exe
2015-04-07 03:18 - 2015-04-07 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2015-04-07 03:18 - 2015-04-07 03:18 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-04-07 03:18 - 2015-04-07 03:18 - 00000000 ____D () C:\Program Files (x86)\Ashampoo
2015-04-07 03:17 - 2015-04-07 03:17 - 11662984 _____ (Ashampoo GmbH & Co. KG ) C:\Users\raphael\Downloads\ashampoo_core_tuner_2_e2.0.1_sm.exe
2015-04-07 01:41 - 2015-04-07 02:48 - 19266725 _____ () C:\Users\raphael\Downloads\SealDrop-AltisLife-master.zip
2015-04-06 23:10 - 2015-04-06 23:10 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-04-06 23:10 - 2015-04-06 23:10 - 00000000 ____D () C:\Program Files (x86)\Bohemia Interactive
2015-04-06 23:08 - 2015-04-06 23:09 - 41131144 _____ () C:\Users\raphael\Downloads\BI_Editing_Tools_2_5_1_Setup.exe
2015-04-06 23:02 - 2015-04-06 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-04-06 23:01 - 2015-04-06 23:01 - 02145555 _____ () C:\Users\raphael\Downloads\TexView2.zip
2015-04-06 19:32 - 2015-04-06 19:32 - 00002595 _____ () C:\Users\Public\Desktop\PBOManager v.1.4 beta.lnk
2015-04-06 19:32 - 2015-04-06 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PBO Manager
2015-04-06 19:32 - 2015-04-06 19:32 - 00000000 ____D () C:\Program Files\PBO Manager v.1.4 beta
2015-04-06 19:02 - 2015-04-06 19:02 - 06239460 _____ () C:\Users\raphael\Downloads\Polizeiskins-by-KZGames.rar
2015-04-06 18:38 - 2015-04-06 18:39 - 00801690 _____ () C:\Users\raphael\Downloads\Polizeiuniformskins-by-KZGames.rar
2015-04-05 03:02 - 2015-04-14 08:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 03:02 - 2015-04-05 03:02 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-03 19:53 - 2015-04-03 19:53 - 00060785 _____ () C:\Users\raphael\Documents\ts3_clientui-win64-1407159763-2015-04-03 19_53_20.415678.dmp
2015-04-02 16:04 - 2015-04-02 16:04 - 00070656 _____ () C:\Users\raphael\Downloads\SQM2BIEdi.exe
2015-04-02 16:04 - 2015-04-02 16:04 - 00000131 _____ () C:\Users\raphael\Downloads\3d.altis.rar
2015-04-02 15:42 - 2015-04-14 18:34 - 00000000 ___RD () C:\Users\raphael\Dropbox
2015-04-01 00:19 - 2015-04-01 00:19 - 00014472 _____ () C:\Users\raphael\Downloads\@101_editor_v1140717.rar
2015-03-31 17:20 - 2015-03-31 17:20 - 03704732 _____ () C:\Users\raphael\Downloads\pbo_manager_v14 (1).7z
2015-03-31 04:33 - 2015-03-31 04:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-30 03:56 - 2015-03-30 03:56 - 06420600 _____ (Tim Kosse) C:\Users\raphael\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-03-30 03:52 - 2015-03-30 03:52 - 07166588 _____ () C:\Users\raphael\Downloads\wordpress-4.1.1-de_DE.zip
2015-03-30 03:51 - 2015-03-30 03:51 - 01203488 _____ () C:\Users\raphael\Downloads\WordPress - CHIP-Installer.exe
2015-03-30 02:55 - 2015-03-30 02:55 - 00146948 _____ () C:\Users\raphael\Documents\cc_20150330_025529.reg
2015-03-29 23:14 - 2015-03-29 23:14 - 00339729 _____ () C:\Users\raphael\Downloads\siteorigin-panels.2.0.7.zip
2015-03-29 05:21 - 2015-03-29 05:22 - 22645391 _____ () C:\Users\raphael\Downloads\Albook_extended_811_icons_by_StopDreaming.rar
2015-03-26 18:36 - 2015-04-09 18:14 - 00000000 ____D () C:\Users\raphael\AppData\Local\Arma 3 Launcher
2015-03-26 18:36 - 2015-03-26 18:36 - 00000000 ____D () C:\Users\raphael\AppData\Local\Bohemia_Interactive
2015-03-25 18:27 - 2015-03-25 18:28 - 88541782 _____ () C:\Users\raphael\Downloads\Koenigsegg ccx vray.rar
2015-03-25 18:24 - 2015-03-25 18:24 - 08368900 _____ () C:\Users\raphael\Downloads\q7x9bac5szy8-m5.zip
2015-03-23 01:26 - 2015-03-23 01:26 - 00000000 ____D () C:\Users\raphael\AppData\Local\PboM
2015-03-23 01:23 - 2015-03-23 01:24 - 49619206 _____ () C:\Users\raphael\Downloads\GO-AltisLife.de - Arma 3 Original Skins.rar
2015-03-23 01:04 - 2015-03-23 01:04 - 03704732 _____ () C:\Users\raphael\Downloads\pbo_manager_v14.7z
2015-03-22 03:03 - 2015-03-22 03:03 - 00000000 ____D () C:\Users\raphael\AppData\Local\SyncedPatcher
2015-03-22 03:02 - 2015-03-22 03:02 - 00962560 _____ (Juan Rodriguez Cabrillo) C:\Users\raphael\Downloads\synced-gaming_launcher_gray.exe
2015-03-15 06:55 - 2015-03-15 06:55 - 00000000 __SHD () C:\found.004

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 18:37 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 18:37 - 2009-07-14 06:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 18:34 - 2014-06-27 18:15 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Dropbox
2015-04-14 18:27 - 2013-01-18 20:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-14 18:27 - 2013-01-18 19:39 - 00000000 ____D () C:\Users\raphael
2015-04-14 18:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-14 08:03 - 2014-04-25 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-14 08:03 - 2013-12-30 00:50 - 00000000 ____D () C:\ProgramData\jknnegaghihiehileooocidijlmadgbi
2015-04-14 08:03 - 2013-01-19 18:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-14 08:02 - 2015-01-04 23:56 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Notepad++
2015-04-14 08:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-04-13 21:12 - 2013-01-25 20:23 - 00000000 ____D () C:\QUARANTINE
2015-04-13 21:05 - 2013-01-19 18:47 - 00000000 ____D () C:\ProgramData\Skype
2015-04-13 20:56 - 2015-02-08 19:20 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\TS3Client
2015-04-13 17:52 - 2015-01-11 21:35 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\FileZilla
2015-04-13 17:52 - 2013-01-26 01:36 - 00000000 ____D () C:\Users\raphael\AppData\Local\CrashDumps
2015-04-13 17:52 - 2013-01-19 22:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-13 17:51 - 2014-02-02 18:50 - 00002446 __RSH () C:\ProgramData\ntuser.pol
2015-04-13 15:42 - 2013-01-18 19:34 - 01621603 _____ () C:\Windows\WindowsUpdate.log
2015-04-12 23:39 - 2013-01-18 20:58 - 00689126 _____ () C:\Windows\system32\perfh007.dat
2015-04-12 23:39 - 2013-01-18 20:58 - 00149098 _____ () C:\Windows\system32\perfc007.dat
2015-04-12 23:39 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-12 21:14 - 2015-02-08 19:14 - 00000000 ____D () C:\Users\raphael\AppData\Local\Arma 3
2015-04-12 19:41 - 2013-01-19 18:47 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Skype
2015-04-11 03:59 - 2014-12-13 16:07 - 00000000 ____D () C:\Users\raphael\AppData\Local\Mirillis
2015-04-11 01:23 - 2015-02-08 18:02 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-10 16:32 - 2014-04-26 01:53 - 00000132 _____ () C:\Users\raphael\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-04-09 06:21 - 2014-09-30 18:17 - 00000000 ____D () C:\Program Files (x86)\FS Recorder for FSX
2015-04-09 03:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-09 00:21 - 2013-01-19 00:36 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-09 00:21 - 2013-01-19 00:36 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-09 00:21 - 2013-01-19 00:36 - 00003770 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-09 00:18 - 2013-09-21 01:57 - 00000000 ____D () C:\Windows\Minidump
2015-04-08 23:46 - 2014-06-27 18:16 - 00001025 _____ () C:\Users\raphael\Desktop\Dropbox.lnk
2015-04-08 23:46 - 2014-06-27 18:16 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 08:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-07 17:09 - 2013-12-27 02:53 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-04-07 03:41 - 2013-01-19 04:30 - 00000000 ____D () C:\Windows\Panther
2015-04-07 03:40 - 2014-03-18 22:46 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\.minecraft
2015-04-07 03:40 - 2013-08-13 21:50 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\PandoraRecovery
2015-04-07 03:38 - 2013-01-25 17:14 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Sony
2015-04-07 03:37 - 2014-12-25 18:37 - 00003888 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-07 03:37 - 2014-12-24 15:31 - 00003372 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1160107135-533625284-1534127792-1000
2015-04-07 03:37 - 2014-01-26 13:32 - 00003242 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1160107135-533625284-1534127792-1000
2015-04-07 03:37 - 2014-01-01 19:51 - 00003350 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1160107135-533625284-1534127792-1000
2015-04-07 03:37 - 2014-01-01 19:51 - 00003220 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1160107135-533625284-1534127792-1000
2015-04-07 03:08 - 2013-03-10 00:24 - 01583208 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-06 13:22 - 2015-02-04 14:52 - 00000000 ____D () C:\ProgramData\Origin
2015-04-06 13:21 - 2015-02-04 14:52 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-02 15:41 - 2014-06-27 18:16 - 00000000 ___RD () C:\Users\raphael\Dropbox (Alt)
2015-04-01 22:19 - 2013-10-18 21:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-31 04:14 - 2013-03-09 20:27 - 00000000 ____D () C:\Users\raphael\AppData\Local\join.me
2015-03-29 20:07 - 2013-04-12 15:48 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\Media Player Classic
2015-03-29 20:06 - 2013-01-18 19:58 - 00000000 ____D () C:\Users\raphael\AppData\Roaming\BitTorrent
2015-03-29 20:03 - 2014-12-12 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LHBP, Ferihegy HUNGARY for FS2004 A Century Of Flight
2015-03-29 20:03 - 2014-10-10 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA
2015-03-29 20:03 - 2014-06-15 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-03-29 19:57 - 2014-12-07 23:15 - 00186368 ___SH () C:\Users\raphael\Documents\Thumbs.db
2015-03-29 19:56 - 2014-10-14 00:55 - 00000000 ____D () C:\Users\raphael\Documents\REX Essentials
2015-03-29 19:55 - 2014-10-13 22:04 - 00000000 ____D () C:\Users\raphael\Documents\PMDG
2015-03-29 19:55 - 2014-08-28 18:29 - 00000000 ____D () C:\Users\raphael\Documents\Ice Bucket Challenge
2015-03-29 19:55 - 2014-08-01 17:18 - 00000000 ____D () C:\Users\raphael\Documents\Astral Mathy L7 Response Project File
2015-03-28 02:15 - 2014-09-20 12:00 - 00000000 ____D () C:\Users\raphael\Documents\Flight Simulator X-Dateien
2015-03-15 18:35 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-15 00:01 - 2013-03-20 16:11 - 00001456 _____ () C:\Users\raphael\AppData\Local\Adobe Für Web speichern 13.0 Prefs

==================== Files in the root of some directories =======

2015-01-11 21:34 - 2015-01-11 21:34 - 9504896 _____ () C:\Program Files (x86)\FileZilla_3.10.0_win32.zip
2013-11-10 20:15 - 2014-06-22 20:43 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-10-12 01:46 - 2015-01-06 00:46 - 0000132 _____ () C:\Users\raphael\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2015-02-04 17:41 - 2015-02-04 17:41 - 0000132 _____ () C:\Users\raphael\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-04-26 01:53 - 2015-04-10 16:32 - 0000132 _____ () C:\Users\raphael\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-11-26 15:26 - 2015-01-06 01:18 - 0000132 _____ () C:\Users\raphael\AppData\Roaming\Adobe CS6-Targa-Format - Voreinstellungen
2014-10-09 14:36 - 2014-10-16 15:35 - 0000064 _____ () C:\Users\raphael\AppData\Roaming\Sandra.ldb
2014-10-09 14:36 - 2014-10-03 21:58 - 14286848 _____ () C:\Users\raphael\AppData\Roaming\Sandra.mdb
2013-03-20 16:11 - 2015-03-15 00:01 - 0001456 _____ () C:\Users\raphael\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-05-05 17:22 - 2014-01-22 18:21 - 0007597 _____ () C:\Users\raphael\AppData\Local\Resmon.ResmonCfg
2014-03-09 21:21 - 2014-03-09 21:21 - 0000003 _____ () C:\Users\raphael\AppData\Local\updater.log
2014-03-09 21:21 - 2014-12-18 21:23 - 0000425 _____ () C:\Users\raphael\AppData\Local\UserProducts.xml
2014-12-06 20:16 - 2014-12-06 20:16 - 0000080 _____ () C:\Users\raphael\AppData\Local\X-Plane Installer.prf
2014-12-06 19:58 - 2014-12-06 19:58 - 0000043 _____ () C:\Users\raphael\AppData\Local\x-plane_install_10.txt

Files to move or delete:
====================
C:\Users\raphael\FSDreamTeam_GSX.reg
C:\Users\raphael\GTA V.exe


Some content of TEMP:
====================
C:\Users\raphael\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_y_206.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-13 19:32

==================== End Of Log ============================
         
And the Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by raphael at 2015-04-14 18:42:35
Running from C:\Users\raphael\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.0.0.1154 - 360 Security Center)
767 Captain (767-300 Base Pack) (HKLM-x32\...\767CAPTAIN) (Version: 1.4.00 - © 1999-2009 Captain Sim)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.20.2 - Mirillis)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.10 - Aerosoft)
Aerosoft's - Mega Airport Duesseldorf - FSX (HKLM-x32\...\Mega Airport Duesseldorf - FSX) (Version:  - )
aerosoft's - Mega Airport London Heathrow X (HKLM-x32\...\{2F4AF40B-433A-494E-BB41-816D113F32BA}) (Version: 1.10 - aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.19 - aerosoft)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - )
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (x32 Version: 5.0.1.420 - ArcSoft) Hidden
ArcSoft ShowBiz Update (HKLM-x32\...\{4653DA78-3DB2-4F38-A35D-675CA0AF49CA}) (Version: 3.5.41.83 - ArcSoft)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ArtMoney SE v7.43.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\{4209F371-2541-6C11-55DB-6103A83FCB9B}_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
ASUS PCE-N15 WLAN Card Utilities & Driver (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.0.0.8 - )
B787 for FSX (HKLM-x32\...\InstallShield_{04241DC8-98A4-41AC-A419-E23D6B401AA0}) (Version: 1.00.0000 - AeroSim Co.,Ltd.)
B787 for FSX (x32 Version: 1.00.0000 - AeroSim Co.,Ltd.) Hidden
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.3.28796 - BitTorrent Inc.)
BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brackets (HKLM-x32\...\{4BCC5124-095C-4871-8562-55FA29DD8773}) (Version: 1.1 - brackets.io)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
cssSlider (HKLM-x32\...\cssSlider_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
De Sims™ 3 Luxe Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
De Sims™ 3 Supersnelle Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
De Sims™ 3 Wereldavonturen (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.28 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1160107135-533625284-1534127792-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DXTBmp (HKLM-x32\...\{2C1544E4-5DA6-4A72-B1BA-E4692991C1DC}) (Version: 1.00.000 - )
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Elgato Game Capture HD (HKLM-x32\...\{DDB62CAC-AD5A-4C96-9D38-F42B548B615E}) (Version: 1.42.9.524 - Elgato Systems GmbH)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.5 R3 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.5 R3 Alpha - ETS2MP Team)
EXPERTool v8.5 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.5.0.1 - Gainward Co. Ltd.)
FFsplit version Alpha (HKLM-x32\...\{4AA62353-C8D9-4A05-A425-D9DFC4646B99}_is1) (Version: Alpha - Taqveer Doha)
FileZilla Client 3.10.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
FlightBeam Denver FSX (HKLM-x32\...\FlightBeam Denver FSX_is1) (Version: 1.1.2 - FlightBeam.)
FlightBeam Phoenix Sky Harbor FSX (HKLM-x32\...\FlightBeam Phoenix Sky Harbor FSX_is1) (Version: 1.2.4 - FlightBeam)
FlightBeam San Francisco International FSX (HKLM-x32\...\FlightBeam San Francisco International FSX_is1) (Version: 2.1.4 - FlightBeam)
FlightGear 2.10.0.3 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio CD Burner version 2.0.22.128 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.22.128 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.0.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.0.128 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
FS Recorder 2.1  for FSX (HKLM-x32\...\{EB74294F-B8FC-4387-BEBF-275E36C6076C}) (Version: 2.1.0.0 - Matthias Neusinger)
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version:  - )
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.8.4 - VIRTUALI s.a.s.)
FSDreamTeam GSX PaintKit 1.7.9.8 (HKLM-x32\...\FSDreamTeam GSX PaintKit_is1) (Version:  - )
FSDreamTeam KJFK FSX (HKLM-x32\...\FSDreamTeam KJFK FSX_is1) (Version: 1.3.2 - VIRTUALI Sagl)
FSX - Airbus A330-300 Basepack (HKLM-x32\...\FSX - Airbus A330-300 Basepack_is1) (Version:  - Thomas Ruth)
FSX - Airbus A330-300 Lufthansa (HKLM-x32\...\FSX - Airbus A330-300 Lufthansa_is1) (Version:  - Mario Monfrecola)
Game Capture HD v2.3.3.38 (HKLM-x32\...\Game Capture HD v2.3.3.38) (Version: 2.3.3.38 - Elgato Systems)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
GetRight (HKLM-x32\...\GetRight_is1) (Version:  - Headlight Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gyazo 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Toshiyuki Masui)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.0.30234 - Hauppauge Computer Works, Inc.)
iFly 747-400 for Microsoft Flight Simulator X (HKLM-x32\...\{F356DAD1-2368-4892-8B84-5D3EC3ECCE63}) (Version: 1.0.0.0 - iFly Developer Team)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version:  - IVAO)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
join.me (HKU\S-1-5-21-1160107135-533625284-1534127792-1000\...\JoinMe) (Version: 1.20.0.125 - LogMeIn, Inc.)
Just Flight - 757 Jetliner Freemium (HKLM-x32\...\{B0F7B3B5-E856-4558-BD7C-BDA32943C783}) (Version: 1.00.000 - Just Flight)
Just Flight - FS Insider  C152 (HKLM-x32\...\{E55250B8-D012-47A3-97E2-99FFBD0D3AD3}) (Version: 1.00.000 - Just Flight)
K-Lite Mega Codec Pack 5.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.4.4 - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.1 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.1 - Red Giant Software) Hidden
Majestic MJC8Q400 (HKLM-x32\...\MJC8Q400) (Version:  - )
McAfee Agent (HKLM-x32\...\{A638557B-1F13-40A0-9627-C892FBCA6960}) (Version: 4.0.0.1180 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.0 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{CF6AE90D-05E8-4D0B-AF79-94F9E1CA5601}) (Version: 1.00.0000 - Microsoft Game Studios)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Skype recorder (HKLM-x32\...\{2950ED4F-18AD-4571-9045-27D6EBF62320}) (Version: 4.3.0.0 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero BurningROM 12 (HKLM-x32\...\{C0CA68BF-2963-4139-8207-1E83038F86F8}) (Version: 12.0.00800 - Nero AG)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version:  - )
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version:  - )
NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version:  - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version:  - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version:  - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version:  - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version:  - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version:  - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version:  - )
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version:  - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version:  - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version:  - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version:  - )
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version:  - )
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version:  - )
NewBlue Sampler Pack for Windows (HKLM-x32\...\NewBlue Sampler Pack for Windows) (Version:  - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version:  - )
NewBlue Video Essentials II  for Windows (HKLM-x32\...\NewBlue Video Essentials II  for Windows) (Version:  - )
NewBlue Video Essentials III  for Windows (HKLM-x32\...\NewBlue Video Essentials III  for Windows) (Version:  - )
Next Car Game Free Technology Demo (HKLM-x32\...\Next Car Game Free Technology Demo) (Version:  - Bugbear Entertainment)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.12 (HKLM-x32\...\Opera 12.12.1707) (Version: 12.12.1707 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Paint Kit B787 for FSX (HKLM-x32\...\InstallShield_{1F6AEDCC-46DE-4027-B625-C51AD7805E09}) (Version: 1.00.0000 - AeroSim Co.,Ltd)
Paint Kit B787 for FSX (x32 Version: 1.00.0000 - AeroSim Co.,Ltd) Hidden
Pamela RME 2.0 (HKLM-x32\...\MoodEditor) (Version: 2.0 - Scendix Software-Vertriebsges. mbH)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PMDG 737 8900 NGX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.00.3219 - PMDG Simulations, LLC.)
PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0040 - Precision Manuals Development Group)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG BAe JS4100 (HKLM-x32\...\{FB647DBE-2231-405D-AC36-C73246CBE305}) (Version: 1.00.0970 - PMDG Simulations, LLC.)
PMDG_MD11_FSX (HKLM-x32\...\{CED6EAB9-9FFD-44B2-939A-D77905AD35F3}) (Version: 1.00.0003 - Precision Manuals Development Group)
PMDG744X_GE_LH (HKLM-x32\...\{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDGMD11X_GE_LH (HKLM-x32\...\{3DB1F8B4-96A5-45B8-9C50-CB5828A0B1C6}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDGMD11XF_GE_LHF (HKLM-x32\...\{93ACD680-40F5-4D37-BC07-52FD96AFDDCD}) (Version: 1.00.0000 - Precision Manuals Development Group)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
ReelSmart Motion Blur 4, After Effects-compatible plugin set (HKLM-x32\...\ReelSmart Motion Blur 4, After Effects-compatible plugin set) (Version:  - )
REX Essential Plus Overdrive (HKLM-x32\...\REX Essential Plus Overdrive 3.6.2013.0415) (Version: 3.6.2013.0415 - REX Game Studios)
REX Essential Plus Overdrive (x32 Version: 3.6.2013.0415 - REX Game Studios) Hidden
Saitek Pro Flight Panels 7.0.34.109 (HKLM-x32\...\{0C95E042-3BED-4E23-9A61-3C111B0B9325}) (Version: 7.0.34.109 - Saitek)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
ShowBiz (HKLM-x32\...\InstallShield_{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version: 5.0.1.420 - ArcSoft)
SiSoftware Sandra Lite 2014.SP3e (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 20.50.2014.10 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
smartCARS for FlyArcadia (HKLM\...\{573598D4-768F-81CC-918C-39AC15B10C6C}) (Version: 2.0.52.0 - TFDi Design)
Splash PRO (HKLM-x32\...\Mirillis Splash PRO) (Version: 1.13.2 - Mirillis)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
TexView 2 Uninstall (HKLM-x32\...\TexView 2) (Version:  - )
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version:  - Bad Ass Apps)
TotalMedia Extreme (HKLM-x32\...\{88B05038-C890-468B-A563-0015FD53CDC3}) (Version:  - ArcSoft)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}) (Version: 11.0.3 - Red Giant Software)
Trapcode Suite 64-bit (Version: 11.0.3 - Red Giant Software) Hidden
Trapcode Suite 64-bit (Version: 12.1.0 - Red Giant Software) Hidden
UK2000 Heathrow Free FSX  (HKLM-x32\...\UK2000 Heathrow Free FSX) (Version: 3.0 - UK2000 Scenery)
Unity (HKLM-x32\...\Unity) (Version: 4.5.1f3 - Unity Technologies ApS)
UxStyle Core Beta (HKLM-x32\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 10.0 (64-bit) (HKLM\...\{7B8F9BF0-A1D5-11E0-B4E5-0013D3D69929}) (Version: 10.0.738 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1160107135-533625284-1534127792-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\raphael\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

13-04-2015 17:52:46 ComboFix created restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CBD5EA8-2364-4B4A-9C01-F0D42D126356} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {28F0860D-96E6-413D-A9F6-72D760133F20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {452E5117-DE46-4F49-B3CA-9F8F0CC15C9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-19] (Google Inc.)
Task: {4F14B451-6499-4ABA-BFBE-81799B8CACCE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1160107135-533625284-1534127792-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {547BE1E6-DB2D-4D65-B563-BAE0EA558B74} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1160107135-533625284-1534127792-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5B305300-943C-41C4-8DE7-8901EBE1042F} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {88AD182C-AC73-42CA-91BB-BF7E4101365F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {90685776-6E0F-4191-8DC1-AC44A5208408} - System32\Tasks\{647612F2-21D9-48C0-AABD-3AD38468F416} => pcalua.exe -a C:\Users\raphael\Downloads\QW146_v1.4_FSX_P3D_Setup.exe -d C:\Users\raphael\Downloads
Task: {956D15DC-D11A-4E51-99B0-0E072E8DF72B} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1160107135-533625284-1534127792-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A10AA3AE-0868-4B46-A0CA-71FA8F993C81} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1160107135-533625284-1534127792-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A464F4BE-50A7-4778-B492-DBF4C8F0374A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {BE83D1DD-1B29-4169-935A-3BED37782D28} - System32\Tasks\{1C41F941-396C-4ED3-B314-EF580DA5FB96} => pcalua.exe -a "D:\Graphic Design\Editing Pack\Plugins\Twixtor Sony Vegas Pro 11\Twixtor5.11OFXInstall.exe" -d "D:\Graphic Design\Editing Pack\Plugins\Twixtor Sony Vegas Pro 11"
Task: {D34B6908-90F2-420D-9C1E-5EBE1DB00531} - System32\Tasks\{9F6661BA-5AA7-4D18-A100-D9C6FBE58385} => pcalua.exe -a "D:\ArcSoft Total Media Extreme 1.0.9.4\Installation Files\Setup.exe" -d "D:\ArcSoft Total Media Extreme 1.0.9.4\Installation Files"
Task: {DECD9F4D-7373-47A3-9CF4-8CB124472417} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {E9D7B439-69A7-47F9-BDBB-10DD5009414D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {ECFC8A03-FCDC-4E21-8815-42F2D230E56C} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1160107135-533625284-1534127792-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FD30C576-A33B-4C62-AA30-949B2C6CF735} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)

==================== Loaded Modules (whitelisted) ==============

2015-04-07 03:25 - 2015-03-09 10:00 - 00821872 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
2013-01-18 20:10 - 2014-10-16 16:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-08 12:10 - 2014-12-08 12:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-04-07 03:18 - 2011-08-22 12:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2015-04-07 03:25 - 2015-03-09 10:00 - 01208944 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2013-01-20 01:59 - 2015-01-05 22:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2008-09-29 09:07 - 2008-09-29 09:07 - 00140288 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\VsEvntUI.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-19 00:09 - 2012-04-09 16:21 - 00126976 _____ () C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\EnumDevLib.dll
2005-08-22 16:38 - 2005-08-22 16:38 - 03264512 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2008-03-14 05:00 - 2008-03-14 05:00 - 00057344 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
2015-04-14 18:29 - 2015-04-14 18:29 - 00043008 _____ () c:\users\raphael\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_y_206.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\raphael\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\raphael\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\raphael\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\raphael\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2008-09-29 09:07 - 2008-09-29 09:07 - 00148816 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsEvntUI.dll
2015-01-16 17:34 - 2015-01-16 17:34 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-10-16 18:51 - 2014-10-16 18:51 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-01-18 19:47 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-31 18:35 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:74603393

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1160107135-533625284-1534127792-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\raphael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MicroUpdate => All CoD Stat Editor.exe
MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\raphael\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1160107135-533625284-1534127792-500 - Administrator - Disabled)
Guest (S-1-5-21-1160107135-533625284-1534127792-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1160107135-533625284-1534127792-1005 - Limited - Enabled)
raphael (S-1-5-21-1160107135-533625284-1534127792-1000 - Administrator - Enabled) => C:\Users\raphael

==================== Faulty Device Manager Devices =============

Name: Treiber für Datei-als-Volume
Description: Treiber für Datei-als-Volume
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2015 06:29:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 08:50:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avpui.exe, Version 15.0.0.463 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b44

Startzeit: 01d076199b19e184

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe

Berichts-ID: 82ce3657-e20d-11e4-879f-08606ef3bab2

Error: (04/13/2015 08:32:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 07:05:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 05:55:36 PM) (Source: McLogEvent) (EventID: 259) (User: NT AUTHORITY)
Description: In het bestand C:\Users\raphael\AppData\Local\Temp\Av-test.txt is EICAR test file  Testen aangetroffen. De opschoonfunctie is niet beschikbaar. Het bestand is verwijderd. Gedetecteerd met behulp van scanprogramma versie 5300.2777 met DAT-versie 7769.0000.

Error: (04/13/2015 03:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:39:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:10:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 02:59:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/14/2015 06:30:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
archlp

Error: (04/14/2015 06:30:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "TeamViewer 10" wurde nicht richtig gestartet.

Error: (04/14/2015 06:30:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "McAfee McShield" wurde nicht richtig gestartet.

Error: (04/14/2015 06:27:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (04/14/2015 06:27:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Unsigned Themes" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/14/2015 06:27:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "uxpatch" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/14/2015 06:27:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\uxpatch.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (04/14/2015 06:27:03 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (04/14/2015 06:27:02 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (04/14/2015 06:27:01 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.


Microsoft Office Sessions:
=========================
Error: (04/14/2015 06:29:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 08:50:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avpui.exe15.0.0.4631b4401d076199b19e18460000C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe82ce3657-e20d-11e4-879f-08606ef3bab2

Error: (04/13/2015 08:32:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 07:05:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 05:55:36 PM) (Source: McLogEvent) (EventID: 259) (User: NT AUTHORITY)
Description: In het bestand C:\Users\raphael\AppData\Local\Temp\Av-test.txt is EICAR test file  Testen aangetroffen. De opschoonfunctie is niet beschikbaar. Het bestand is verwijderd. Gedetecteerd met behulp van scanprogramma versie 5300.2777 met DAT-versie 7769.0000.

Error: (04/13/2015 03:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:39:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:10:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 03:05:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 02:59:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 33%
Total physical RAM: 8144.42 MB
Available physical RAM: 5436.88 MB
Total Pagefile: 16287.03 MB
Available Pagefile: 13591.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:356.92 GB) (Free:58.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:1506.09 GB) (Free:729.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0FBC6159)
Partition 1: (Active) - (Size=356.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1506.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
One more note: I researched the message mentioned under 2. that appears at boot and found out that it refers to the hard disk. Could this be related to a possibly existing hard disk defect or partial defect, or could the problem be on the hardware side?

15.04.2015, 09:39   #4
schrauber
/// the machine
/// TB instructor

hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
