Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC hat nicht mehr die ursprüngliche Leistung beim Betrieb Flugsimulator FSX (https://www.trojaner-board.de/141433-pc-hat-mehr-urspruengliche-leistung-beim-betrieb-flugsimulator-fsx.html)

suvannapum56 12.09.2013 19:57
PC hat nicht mehr die ursprüngliche Leistung beim Betrieb Flugsimulator FSX
 
Guten Abend,
Plötzlicher Einbruch der Leistung. Schlechte Framerates, die vorher sehr gut waren. PC hängt sich oft auf. Muss oft Ctrl-Alt-Del ausführen. Es gibt plötzlich grosse und längere Ruckler im Betrieb des Flugsims FSX, die es vorher nicht gab. Habe zahlreiche Optimierungen beim FSX vorgenommen und sehr gute FSX Konfigurationsdateien wieder eingesetzt, die vorher sehr flüssiges Spiel erlaubt haben. Vergeblich!
Danke für Eure Hilfe und

herzlicher Gruss

Anatol
CPU: i7-950 (nicht übertaktet)/GPU Nvidia GTX285/Win7-64

schrauber 13.09.2013 05:19
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


suvannapum56 13.09.2013 08:20
Guten Tag Schrauber, Danke für superprompte Antwort.
Wünschen Dir einen guten Tag.
Gruss Anatol

Hier die beiden FRST64 protokolle:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013
Ran by Alfred (administrator) on ALFRED-PC on 13-09-2013 09:09:00
Running from C:\Users\Alfred\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Beepa P/L) C:\Program Files (x86)\fraps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Beepa P/L) C:\Program Files (x86)\fraps64.dat
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer [x]
AppInit_DLLs:  [97280 2009-07-14] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB655D88E8A01CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {BEC15BFA-01C6-44A5-BD78-38BF5EBE0604} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo) - hxxp://ch.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo) - hxxp://de.ff.search.yahoo.com/gossip?command={searchTerms}&output=fxjson
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx

==================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [x]

==================== Drivers (Whitelisted) ====================

S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-06-06] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-09] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-09] (Acronis)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-09] (Acronis International GmbH)
U3 a4fikk0r; C:\Windows\System32\Drivers\a4fikk0r.sys [0 ] (Advanced Micro Devices)
U3 ank2drmk; C:\Windows\System32\Drivers\ank2drmk.sys [0 ] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 08:53 - 2013-09-13 08:53 - 01949572 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 10:58 - 2013-09-10 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:45 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-07 10:45 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-07 10:42 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-07 10:42 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-07 10:42 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-06 17:56 - 2013-09-06 17:57 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-30 03:04 - 2013-08-30 03:04 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\DriverCure
2013-08-24 22:12 - 2013-08-25 15:21 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-24 18:12 - 2013-08-25 20:18 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-24 00:30 - 2013-08-24 00:30 - 00000000 _____ C:\END
2013-08-19 17:06 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-19 17:06 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-19 17:06 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-19 17:06 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-19 17:06 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-19 17:06 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-19 17:06 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-19 17:06 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-19 17:06 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-19 17:06 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-19 17:06 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-18 10:00 - 2013-06-16 16:44 - 00001011 _____ C:\Users\Alfred\Desktop\BLUESKY SCENERIES - Verknüpfung.lnk
2013-08-16 11:49 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 11:49 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 11:49 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 11:49 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 11:49 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 11:49 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 11:49 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 11:49 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 11:49 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 11:49 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 11:49 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 11:49 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 11:49 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 11:49 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-16 11:41 - 2013-09-13 09:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 09:38 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 09:38 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-16 09:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 09:38 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-16 09:38 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 09:38 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:07 - 2013-06-16 21:19 - 01102177 _____ C:\Windows\WindowsUpdate.log
2013-09-13 09:05 - 2012-05-31 09:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-13 09:04 - 2013-08-16 11:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 09:01 - 2010-06-01 14:10 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 08:56 - 2013-06-29 12:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-09-13 08:53 - 2013-09-13 08:53 - 01949572 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2013-09-13 08:50 - 2011-04-11 14:25 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-13 08:37 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-13 08:37 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-13 08:31 - 2013-08-01 12:01 - 00003170 _____ C:\Windows\System32\Tasks\FRAPS
2013-09-13 08:30 - 2013-06-23 09:01 - 00009972 _____ C:\Windows\setupact.log
2013-09-13 08:30 - 2011-04-11 14:25 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-13 08:29 - 2013-07-18 21:21 - 00000290 _____ C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-09-13 08:29 - 2012-07-22 22:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-13 08:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-12 22:28 - 2010-06-27 22:10 - 00000000 ____D C:\Program Files (x86)\Benchmarks
2013-09-12 20:34 - 2012-06-06 19:59 - 00001230 _____ C:\Users\Alfred\d3d_antilag.log
2013-09-12 20:31 - 2012-10-06 20:36 - 00000000 ____D C:\Users\Alfred\Documents\Flight Simulator X-Dateien
2013-09-12 18:00 - 2012-12-02 23:05 - 00000482 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2013-09-12 12:53 - 2010-06-01 14:17 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF}
2013-09-11 09:15 - 2012-08-13 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 10:56 - 2013-09-07 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 10:54 - 2013-08-09 21:47 - 00000000 ____D C:\Users\Alfred\Downloads\Neuer Ordner
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 17:44 - 2013-06-26 14:28 - 00003624 _____ C:\Windows\PFRO.log
2013-09-07 16:56 - 2009-07-14 19:58 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-09-07 16:56 - 2009-07-14 19:58 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-09-07 16:56 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:49 - 2012-05-21 18:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-07 10:42 - 2012-07-22 22:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-07 10:31 - 2013-07-04 23:03 - 00003716 _____ C:\Users\Alfred\Desktop\FSX F.log
2013-09-06 18:14 - 2012-05-29 11:27 - 00000000 ____D C:\Windows\pss
2013-09-06 18:14 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-06 17:59 - 2010-06-02 07:20 - 00000000 ____D C:\ProgramData\eSellerate
2013-09-06 17:57 - 2013-09-06 17:56 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-05 23:39 - 2010-12-30 14:24 - 00000182 _____ C:\Users\Alfred\FSDreamTeam_Geneva.reg
2013-09-03 22:59 - 2013-06-16 20:38 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-30 03:55 - 2012-12-02 23:05 - 00000446 _____ C:\Windows\Tasks\PC Utility Kit.job
2013-08-30 03:04 - 2013-08-30 03:04 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\DriverCure
2013-08-29 23:31 - 2010-06-07 11:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-28 17:44 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 22:01 - 2010-09-21 16:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Azureus
2013-08-25 20:18 - 2013-08-24 18:12 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-25 20:12 - 2012-08-12 14:20 - 00002048 _____ C:\Windows\f1utii.lic
2013-08-25 15:21 - 2013-08-24 22:12 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-25 14:27 - 2013-06-16 10:59 - 00001204 _____ C:\Users\Alfred\Desktop\F A V O R I T E N - Verknüpfung.lnk
2013-08-24 19:38 - 2012-11-05 15:08 - 00000000 ___RD C:\Users\Alfred\Desktop\DESKTOP icons
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-24 00:31 - 2010-09-21 16:06 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-08-24 00:30 - 2013-08-24 00:30 - 00000000 _____ C:\END
2013-08-24 00:04 - 2012-12-02 23:05 - 00000448 _____ C:\Windows\Tasks\PC Utility Kit Update3.job
2013-08-21 14:45 - 2012-11-05 13:19 - 00000000 ____D C:\Users\Alfred\Documents\0.PW.7.5.012
2013-08-20 16:29 - 2010-06-01 13:44 - 00007600 _____ C:\Users\Alfred\AppData\Local\resmon.resmoncfg
2013-08-20 15:33 - 2013-09-07 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-07 10:42 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-07 10:42 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-17 01:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 22:27 - 2012-10-14 11:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

Files to move or delete:
====================
C:\Users\Alfred\Aerosoft_FlorenceX.reg
C:\Users\Alfred\Cloud9_Xcity Rome.reg
C:\Users\Alfred\FSDreamTeam_Geneva.reg
C:\Users\Alfred\FSDreamTeam_Hawaiian Airports Volume 2.reg
C:\Users\Alfred\FSDreamTeam_Honolulu.reg
C:\Users\Alfred\FSDreamTeam_ZurichX.reg
C:\Users\Alfred\AppData\Local\Temp\7z920.exe
C:\Users\Alfred\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Alfred\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Alfred\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Alfred\AppData\Local\Temp\BabylonTB.exe
C:\Users\Alfred\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Alfred\AppData\Local\Temp\boeing737pro_Uninstall.exe
C:\Users\Alfred\AppData\Local\Temp\ERUNT.exe
C:\Users\Alfred\AppData\Local\Temp\i4jdel0.exe
C:\Users\Alfred\AppData\Local\Temp\mpegc.dll
C:\Users\Alfred\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alfred\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alfred\AppData\Local\Temp\nvStInst.exe
C:\Users\Alfred\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Alfred\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Alfred\AppData\Local\Temp\wajam_download.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 09:46

==================== End Of Log ============================
--- --- ---

--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013
Ran by Alfred at 2013-09-13 09:09:38
Running from C:\Users\Alfred\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

1.01 (x32)
737 Captain (737-100 Exterior Model) 0.2 (x32 Version: 0.2.00)
737 Pilot in Command (HKCU)
777 Captain (777-200 Exterior Model) 0.1 (x32 Version: 0.1.00)
A2A Accu-Sim P-51 (x32)
A2A Wings of POWER 3 P47 Razorback (x32)
A2A Wings of POWER 3 P-51 (x32)
A2A Wings of Silver B377 Stratocruiser (x32)
Accu-Feel (x32)
Acronis Drive Monitor (x32 Version: 1.0.187)
Adisutjipto scenery (x32)
Adobe Acrobat 4.0 (x32 Version: 4.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Aero_L39 Albatros FSX (x32)
aerofly FS (x32 Version: 1.0.9.11)
Aerosoft's - Aerosoft Launcher (x32 Version: 1.1.0.1)
aerosoft's - Approaching Innsbruck X (x32 Version: 1.20)
Aerosoft's - DHC-6 Twin Otter X (x32 Version: 1.10)
Aerosoft's - Dornier Do-27 FSX (x32 Version: 1.00)
Aerosoft's - F-16 Fighting Falcon - Mission Pack (x32 Version: 1.00)
aerosoft's - Faro X (x32 Version: 1.01)
Aerosoft's - FlorenceX (x32 Version: 1.04)
aerosoft's - German Airports 1 - Friedrichshafen (x32 Version: 1.01)
Aerosoft's - German Airports 1 - Friedrichshafen X (x32 Version: 1.01)
aerosoft's - German Airports 2 - Dortmund X (x32 Version: 1.00)
aerosoft's - German Airports 2-Hannover X (x32 Version: 1.00)
aerosoft's - German Airports 2-Leipzig X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Berlin-Tegel X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Bremen X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Hamburg X (x32 Version: 1.00)
Aerosoft's - Hawaii Dillingham X (x32 Version: 1.00)
Aerosoft's - HUGHES H-1B SPECIAL (x32 Version: 1.00)
Aerosoft's - Keflavik X (x32 Version: 1.00)
aerosoft's - London City Airport X (x32 Version: 1.00)
aerosoft's - Lukla X - Mount Everest (x32 Version: 1.00)
aerosoft's - Madeira X (x32 Version: 1.00)
aerosoft's - Mallorca X for FSX (x32 Version: 1.00)
Aerosoft's - Manhattan X (x32 Version: 1.00)
Aerosoft's - Mega Airport Budapest (x32 Version: 1.50)
aerosoft's - Mega Airport Frankfurt X (x32 Version: 1.01)
aerosoft's - Mega Airport Lisbon X (x32 Version: 1.10)
aerosoft's - Mega Airport Madrid Barajas (x32 Version: 1.00)
aerosoft's - Mega Airport Paris CDG X (x32 Version: 1.00)
aerosoft's - Mega Airport Stockholm Arlanda (x32 Version: 1.10)
aerosoft's - Mega Airport Stockholm Arlanda X (x32 Version: 1.00)
aerosoft's - Mega Airport Zurich 2012 - FS2004 (x32 Version: 1.00)
Aerosoft's - Mega Airport Zurich 2012 - FSX (x32 Version: 1.01)
aerosoft's - Menorca X for FSX (x32 Version: 1.00)
aerosoft's - Mission Legacy 1 - FSX (x32)
Aerosoft's - MonacoX (x32 Version: 1.01)
Aerosoft's - MyTraffic 2010 (x32 Version: 6.00)
aerosoft's - Nice Cote dAzur X (x32 Version: 1.00)
Aerosoft's - PBY Catalina X (x32 Version: 1.00)
aerosoft's - Real Germany 1 - FS2004 (x32)
aerosoft's - Real Germany 3 - FS2004 (x32)
Aerosoft's - Robin DR400 X - FSX (x32)
aerosoft's - San Francisco (x32 Version: 2.00)
Aerosoft's - San Francisco X (x32 Version: 2.00)
aerosoft's - Santorini X (x32 Version: 1.00)
aerosoft's - USCitiesX - Chicago (x32 Version: 1.00)
aerosoft's - USCitiesX - Indianapolis (x32 Version: 1.00)
aerosoft's - USCitiesX - Los Angeles (x32 Version: 1.00)
aerosoft's - USCitiesX - New Orleans (x32 Version: 1.00)
aerosoft's - USCitiesX - San Francisco (x32 Version: 1.00)
aerosoft's - Venice X (x32 Version: 1.00)
Aerosoft's - VFR Germany 2 (x32 Version: 1.00)
Aerosoft's - VFR Germany 2010 West (x32 Version: 2.00)
Aerosoft's - VFR Germany 3 (x32 Version: 1.00)
Aerosoft's - VFR Germany 4 (x32 Version: 1.00)
aerosoft's - VFR London X (x32 Version: 1.00)
aerosoft's - Wonderful Madeira - FS2004 (x32)
Aeroworx Super King Air B200 (x32)
Afghanistan - Noshaq (Highest Mountains Package 004) for MSFS 2004 (x32)
Aircraft Factory F4u Corsair (x32)
AirSimmer A320 Basic Edition 1.0 (x32 Version: 1.0)
ALABEO Pitts S-2S (x32 Version: 1.00.00.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Atolls of Tuvalu FSX (x32)
Autogen Trees Update (x32)
B-25J "Briefing Time" for FSX (x32)
Beech B60 Duke Rip (x32)
Boeing 727-200 Advanced FSX SP2  (Version: )
Boeing B737-823 Advanced VC FSX & P3D (Version: 1)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
C90B King Air HD SERIES FSX (x32 Version: 1.00.00.00)
Captain Sim 707 All-in-One (x32 Version: 1.00)
Carenado Baron 58 FSX (x32 Version: 1.00.00.00)
Carenado C340 II FSX (x32 Version: 1.00.00.00)
Carenado F33A Bonanza (x32 Version: 1.00.00.00)
Carenado V35B Bonanza for FSX (HKCU)
CheckDrive (x32 Version: 4.4)
CLOUD9 Bergen FSX 1.01 (x32 Version: 1.01)
CLOUD9 Orlando FSX 1.01 (x32 Version: 1.01)
CLOUD9 Pisa 1.00 (x32 Version: 1.00)
CLOUD9 Xcity Rome 1.01 (x32 Version: 1.01)
CoffeeCup Free FTP (x32 Version: 4.3.2)
ConvertHelper 2.2 (x32)
CrystalDiskInfo 5.6.2 (x32 Version: 5.6.2)
D4300 (x32 Version: 130.0.365.000)
Data Lifeguard Diagnostic for Windows 1.24 (x32)
DeviceDiscovery (x32 Version: 130.0.465.000)
DiaporamaWeb (x32)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000)
Dortmund City (x32 Version: 3.0)
Eaglesoft Development Group  Citation X 2.0 FSX (HKCU)
EasyJet Fleet FSX & P3D (Version: 1)
Embraer EMB120 Brasilia V1.1 FSX & P3D (Version: 1)
ESET Online Scanner v3 (x32)
EtendardIV Texture Pack  (HKCU)
F9F Panther (x32)
Flight Méditerranée Autogen Pack v1.0 (HKCU)
Flight Simulator X (x32)
Flight Simulator X Service Pack 1 (x32)
FlightAlpes Nord AutogenPack (HKCU)
FlightParis AutogenPack (x32)
FlyLogic's - Altenrhein X (x32 Version: 1.00)
FlyLogic's - Bern-Belp X (x32 Version: 1.00)
FlyLogic's - Grenchen FSX (x32 Version: 1.00)
FlyLogic's - Kleinflugplätze Schweiz Teil 4 X (x32 Version: 1.00)
FlyLogic's - Lugano X (x32 Version: 1.00)
FlyLogic's - Patrouille Suisse X (x32 Version: 1.00)
FormatFactory 2.60 (x32 Version: 2.60)
Foxit Creator (x32 Version: 3,0,2,0506)
Foxit Reader (x32 Version: 4.3.0.1110)
FranceVFR FlightAlpes Sud: AutogenPack (x32)
FranceVFR FlightMeditarranee Autogen Pack v0.90 (HKCU)
Fraps (x32)
Free Download Manager 3.9.2 (x32)
FRP 2004 (x32)
FS Global 2010 (x32)
FS Global Ultimate - Asia/Oceania (x32)
FS2004 Hawker Siddeley HS.748 (x32)
FS2004 Hawker Siddeley HS.748 Texture pack 1 (x32)
FS2004 Hawker Siddeley HS.748 Texture Pack 2 (x32)
FSDreamTeam Geneva FSX/P3D 1.5.2 (x32)
FSDreamTeam Hawaiian Airports Volume 2 FSX/P3D 1.4 (x32)
FSDreamTeam Honolulu International FSX/P3D 1.2 (x32)
FSFlyingSchool 2010 (x32)
fs-freeware.net Installer - Boeing 737NG 700, 800 and 900 UAL Package version 2.5 (x32 Version: 2.5)
FSTramp for FSX (x32 Version: 5.2.0)
GayaN™ Airbus A340-300 (HKCU)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Gibraltar X 1.00 (x32)
Google Chrome (x32 Version: 29.0.1547.66)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
Grand Canyon - Photorealistic Scenery (x32)
Greatest Airliners: 727 (x32)
Ground Environment X Atlantic and Pacific Tropics (x32 Version: 1.0)
Ground Environment X Europe (x32)
Ground Environment X North America (x32)
Hamburg-City Scenery  (x32)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (x32 Version: 11.14.0001)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
Hurricane (HKCU)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1)
ImagineSim Chep Lap Kok Airport for FSX 1.00 (x32)
Instant Scenery (x32 Version: 2.03)
IRIS Mig-29 Fulcrum K Navy FSX  (Version: )
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Just Flight - 146-200 Jetliner for FSX (F:\FSX\) (x32 Version: 1.00.000)
Just Flight - 146-200 Jetliner for FSX (x32 Version: 1.00.000)
Just Flight - 737 Pilot In Command (FSX) (x32 Version: 1.00.000)
Just Flight - 757 Captain FSX (x32 Version: 1.00.000)
Just Flight - 757 Jetliner - Freemium Livery Pack 7 (x32 Version: 1.00.000)
Just Flight - 757 Jetliner Freemium (x32 Version: 1.00.000)
Just Flight - L-1011 TriStar Jetliner (x32 Version: 1.00.0000)
KCLE v1.1.2 for FSX (x32 Version: 1.1.2)
KDAL v1.1.2 for FSX (x32 Version: 1.1.2)
KLAX v1.1.2 for FSX (Version: 1.1.2)
KLGA La Guardia FSX (x32)
KMCO v1.1.2 for FSX (Version: 1.1.2)
KMEM v1.1.1 for FS9 (Version: 1.1.1)
KMEM v1.1.2 for FSX (Version: 1.1.2)
KRDU v2.1.2 for FSX (x32 Version: 2.1.2)
L-1011 Captain (1011-1 Exterior Model) 0.1 (x32 Version: 0.1.00)
La Guadeloupe (x32)
LAGO FS Falcon FS2004 version 2.00 (x32 Version: 2.00.00)
Level-D Simulations 767-300 (x32)
LFKL Brindas (HKCU)
LFLB - Chambéry Aix les Bains FSX (HKCU)
LFLP (HKCU)
LLH5X (x32)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Mailsoft's - Kleinflugplätze 6 for FS2004 (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 3 (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 3 X (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 5 X (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 6 X (x32 Version: 1.00)
Mailsoft's - Sion X (x32 Version: 1.00)
Mailsoft's - Switzerland Professional (x32 Version: 1.00)
Mailsoft's - Switzerland Professional X (x32 Version: 1.00)
MarketResearch (x32 Version: 130.0.374.000)
Marshall Islands (x32)
MegaSceneryX Las Vegas (x32 Version: 1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator X (x32 Version: 1.00.0000)
Microsoft Flight Simulator X (x32 Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MiG E-152 M (HKCU)
MiG-29 Codename: Fulcrum (HKCU)
MIRAGE F1 for FSX SP2 or Acceleration (HKCU)
Motherboard Monitor 5 (x32 Version: 5)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mudry Cap-10 (HKCU)
Nauru International (x32 Version: 1.0.0.0)
NMG Cape Town International 2012 (FSX) (x32)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
oZone3D.Net FurMark v1.8.2 (x32)
PA32R SARATOGA SP FSX (x32 Version: 1.00.00.00)
Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003)
PC Utility Kit (x32 Version: 3.1.5.0)
PDF Architect (x32 Version: 1.0.41.8362)
PDFCreator (x32 Version: 1.7.1)
Phuket International Airport for FSX (x32 Version: 1.0.0.0)
PIC 737 Call 1.0 (x32 Version: 1.0)
PMDG BAe JS4100 (x32 Version: 1.10.1016)
PMDG_MD11_FSX (x32 Version: 1.20.0055)
PMDGMD11X_PW_SR (x32 Version: 1.00.0000)
PMDGMD11X_PW_SR2 (x32 Version: 1.00.0000)
PNG Bush Flying (x32 Version: 1.0.0.0)
POSKY Boeing B737-900 Alaska Airlines FSX  (Version: )
POSKY Embraer ERJ 145 FSX (Version: FSX)
Project Tupolev Tu-154m for MS FS2004 (HKCU)
PSS - Boeing 757 Pro. v1.3 (x32)
QualityWings Ultimate 146 Collection FSX (x32)
QuickTime (x32 Version: 7.74.80.86)
Real Environment Xtreme (x32 Version: 1.0.2008.1128)
Real Environment Xtreme FS2004 (x32 Version: 1.0.8)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Rennes St-Jacques (x32)
Rio de Janeiro Galeão Intl' FSX v1.0 (x32)
SAAB 35 Draken 3.0 (x32)
SAEZ-SVMI v1.1.2 for FSX (Version: 1.1.2)
Safari (x32 Version: 5.34.57.2)
Samui International Airport for FS2004 (x32)
SBD Dauntless FSX (HKCU)
SceneryTech Asia Landclass v1.0 (x32 Version: 1.0)
SceneryTech Indo-Pacific Landclass v1.0 (x32 Version: 1.0)
SceneryTech North America Landclass v1.4 (x32 Version: 1.4)
SceneryTech South America Landclass v1.0 (x32 Version: 1.0)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
SHIELD Streaming (Version: 1.05.28)
Shop for HP Supplies (Version: 13.0)
Smart Data Recovery v4.3 (x32 Version: 4.3)
SmartWebPrinting (x32 Version: 130.0.457.000)
Soekarno-Hatta airport scenery (x32)
Sofia Airport (LBSF) v2.0 (x32)
SolutionCenter (x32 Version: 130.0.373.000)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SSD Fresh (x32 Version: 2013)
Status (x32 Version: 130.0.469.000)
SuperFortress 'Mania' - PRE-RELEASE - B-29B (x32)
Swordfish X (HKCU)
System Requirements Lab (x32)
TeamViewer 5 (x32 Version: 5.1.13999 )
Thai Creation - Nepal, Kathmandu VNKT (FSX Portover) (x32)
The Real VCBI (HKCU)
The Very Singapore (x32)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
TreeX V2 (x32)
Trieste FSX (x32)
True Image 2013 (x32 Version: 16.0.6514)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132)
Ultimate Traffic (x32 Version: 2)
UnloadSupport (x32 Version: 11.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
USNN Scenery (x32)
VFR-Airfields Final Edition (x32)
VFR-Airfields Locarno (x32)
VFR-Airfields Lugano (x32)
VFR-Airfields Traffic (x32)
VirtualCloneDrive (x32)
VIRTUALI Addon ManagerX (x32)
VTBS-FSX 2010 1.00 Ver.FSX (x32)
Vuze (x32 Version: 5.1.0.0)
WebReg (x32 Version: 130.0.132.017)
Wings of POWER II:  P51 Mustang (x32)
WinRAR archiver
X-treme King Air B200 v.2.0.1 (x32)
YouTube Downloader 3.5 (x32)
YS-11 for FSX (x32 Version: 1.00.0000)

==================== Restore Points  =========================

13-09-2013 07:00:13 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-06-26 16:33 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {12F488FC-F24C-4CE1-8179-5DBE5F671A6F} - System32\Tasks\{90B71D0C-A26D-47EA-8562-791141A2D196} => F:\FSX\ORBX\Scripts\FTXCentral\FTXCentral.exe [2011-11-28] (Orbx Simulation Systems Pty Ltd)
Task: {1E89487B-881D-4DC6-80E3-7EFAA756BCC4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2052A713-CA8B-4CCA-ACBB-ABE8B4C88441} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-11-29] (PC Utility Kit)
Task: {28ADAD93-FC81-4EBB-9366-1D4140FD369A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {33AD978A-F621-4C3E-B37B-137ABBCA66BF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5674B2E5-B1FF-46A0-9D89-CBEA16E9D43D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {58266234-6549-4EA8-A2CD-FDB39D35478D} - System32\Tasks\{FEAAE5CB-CC56-4C17-9BBD-90FB7BF32AE7} => E:\F gamerPC\FSX\1.FSX
Task: {5C2278E2-6A74-466E-AC92-6AEF4E3B18EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {5EEBCB75-5D07-4331-83F3-65029E5DD7DF} - System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF} => C:\Windows\system32\msfeedssync.exe [2013-06-18] (Microsoft Corporation)
Task: {6217D114-77D5-4C52-BFCF-DF39E8BCCE2F} - System32\Tasks\{044B2827-FF37-4CA9-9BFC-3B0AED03929C} => E:\F gamerPC\FSX\1.FSX
Task: {72DA1F02-EEC3-4E61-AD26-418FC57E8858} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-07-16] (Abelssoft)
Task: {735783D6-1E0E-46F1-B8F1-863B49821CEC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {773B68EB-B269-4A8C-AF6B-D130EBA316C5} - System32\Tasks\PC Utility Kit Update3 => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\Update3.exe [2012-03-27] (PC Utility Kit)
Task: {82EF7FE5-2D83-415F-9A94-8CD58491B2C9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {86FC6697-C070-4564-9512-E3A611F00E67} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {8F149B57-D2EC-4C5D-AA38-A6ED0CBB580A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-29] (Adobe Systems Incorporated)
Task: {9627C922-1B9B-4EFB-8C7A-919BCA5EDC0B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {9A9B5530-46BF-4E8E-A24E-11DE513E0FB2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {9B60C4AD-9DA0-4907-A8BF-3E8434E0A04E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A34A30DE-F01B-46C4-9D82-20B95A84EDDB} - System32\Tasks\{E118B320-009D-4A25-BF00-2A474247AA2E} => E:\F gamerPC\FSX\1.FSX
Task: {BC15111F-D714-47BD-922D-8A4791757D21} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BDA32272-1823-4928-9935-14BAC6A1F738} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-11] (Google Inc.)
Task: {C368B004-6099-4FFC-B091-FA1FA1E913E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {C9574E93-7139-4E90-A9C3-91D7BCE4D0F8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {CE0B3CDC-BB09-4B59-BFD7-AD00B039A928} - System32\Tasks\FRAPS => C:\Program Files (x86)\fraps.exe [2013-02-26] (Beepa P/L)
Task: {D098F37F-393C-4DD0-ACA2-00096CF7F8CB} - System32\Tasks\{14E8ACFB-E0CC-411A-A771-F01482F8C473} => F:\FSX\ORBX\Scripts\FTXCentral\FTXCentral.exe [2011-11-28] (Orbx Simulation Systems Pty Ltd)
Task: {D346836A-A89A-4490-B510-B9CD80208443} - System32\Tasks\PC Utility Kit Registration3 => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll [2012-03-27] (PC Utility Kit)
Task: {D4C49F25-BB96-4783-8ABC-31D510740F97} - System32\Tasks\{3E095D85-DC07-4C02-8946-1CEF64E631C6} => E:\F gamerPC\FSX\1.FSX
Task: {DECBC250-577A-461A-9463-A565B05CF49D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)
Task: {E5223509-5072-4856-8EE2-E3FE311DEB9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-11] (Google Inc.)
Task: {F2779192-8E3D-4E42-A930-D60215482C55} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {FA4CEEE6-F259-419A-86B4-73E36E8FA6DD} - System32\Tasks\{00EFEFE2-1944-4C07-9C49-A9C2C400669B} => E:\F gamerPC\FSX\1.FSX
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Utility Kit Registration3.job => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll
Task: C:\Windows\Tasks\PC Utility Kit Update3.job => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\Update3.exe
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe

==================== Loaded Modules (whitelisted) =============

2013-04-09 15:43 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 00186552 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dll
2009-07-14 01:37 - 2009-07-14 03:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2011-04-26 23:03 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2013-03-28 00:53 - 2013-03-28 00:53 - 02827832 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-07-01 15:20 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2011-12-02 09:06 - 2010-11-20 15:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-07-18 21:21 - 2013-07-16 16:13 - 00520696 _____ (Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
2013-07-18 21:21 - 2013-07-16 16:13 - 00021496 _____ (Ascora) C:\Program Files (x86)\CheckDrive\AbSettingsKeeper.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00035832 _____ (Ascora) C:\Program Files (x86)\CheckDrive\AbFlexTrans.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00199672 _____ (Abelssoft / Ascora GmbH) C:\Program Files (x86)\CheckDrive\AbBugReporter.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00056312 _____ (Ascora) C:\Program Files (x86)\CheckDrive\AbCommons.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00036344 _____ (Ascora GmbH) C:\Program Files (x86)\CheckDrive\Controller.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00012792 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 01852408 _____ (Developer Express Inc.) C:\Program Files (x86)\CheckDrive\DevExpress.XtraEditors.v11.1.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 03501560 _____ (Developer Express Inc.) C:\Program Files (x86)\CheckDrive\DevExpress.Utils.v11.1.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 02109944 _____ (Developer Express Inc.) C:\Program Files (x86)\CheckDrive\DevExpress.Data.v11.1.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00584696 _____ () C:\Program Files (x86)\CheckDrive\AbScheduler.dll
2013-07-18 21:21 - 2013-07-16 16:13 - 00048120 _____ (Dennis Austin) C:\Program Files (x86)\CheckDrive\TaskScheduler.dll
2013-02-26 08:56 - 2013-02-26 08:56 - 02391736 _____ (Beepa P/L) C:\Program Files (x86)\fraps.exe
2009-07-14 01:57 - 2009-07-14 03:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\rundll32.exe
2013-02-26 08:56 - 2013-02-26 08:56 - 00068792 _____ (Beepa P/L) C:\Program Files (x86)\fraps64.dat
2013-07-01 16:10 - 2013-06-21 14:06 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-06-29 12:07 - 2013-03-27 10:11 - 06875136 _____ (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
2011-04-26 23:03 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2010-04-15 10:16 - 2010-04-15 10:16 - 00288064 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
2012-06-22 14:12 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-13 08:53 - 2013-09-13 08:53 - 01949572 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2011-12-02 08:31 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-02-26 08:34 - 2013-02-26 08:34 - 00234168 _____ (Beepa P/L) C:\Program Files (x86)\FRAPS32.DLL
2013-09-07 10:58 - 2013-09-07 10:58 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-06-29 12:07 - 2013-06-29 12:07 - 00283648 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\1.5.8\components\vmsfdmff22.dll
2013-06-29 12:07 - 2013-03-11 12:35 - 00611328 _____ ( ) C:\Program Files (x86)\Free Download Manager\flvsniff.dll
2013-06-29 12:07 - 2013-01-11 03:17 - 00105984 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2013-04-16 03:12 - 2013-04-16 03:12 - 00052824 _____ (RealNetworks, Inc.) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll
2013-06-29 12:07 - 2013-01-11 03:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2010-04-15 10:16 - 2010-04-15 10:16 - 01344832 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTCommonRes.dll
2010-04-15 10:15 - 2010-04-15 10:15 - 00026944 _____ (DT Soft Ltd.) C:\Program Files (x86)\DAEMON Tools Pro\Converter.dll
2010-03-21 00:48 - 2010-03-21 00:48 - 00292160 _____ (DT Soft Ltd.) C:\Program Files (x86)\DAEMON Tools Pro\imgengine.dll
2010-04-15 10:21 - 2010-04-15 10:21 - 02540864 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\Engine.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-04-16 03:11 - 2013-04-16 03:11 - 00148480 _____ (RealNetworks, Inc.) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
2013-04-16 03:10 - 2013-04-16 03:10 - 00507536 _____ (RealDownloader) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Common\rndlmainbrowserrecordplugin.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00726360 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:74603393
AlternateDataStreams: C:\ProgramData\TEMP:A1D5C6AA
AlternateDataStreams: C:\ProgramData\TEMP:F98C6604


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 07:24:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61637.0, Zeitstempel: 0x46fadb14
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f8c9f5
ID des fehlerhaften Prozesses: 0x1138
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (09/12/2013 07:11:04 PM) (Source: Application Hang) (User: )
Description: Programm fsx.exe, Version 10.0.61637.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11c4

Startzeit: 01ceafdac623f5d8

Endzeit: 65

Anwendungspfad: F:\FSX\fsx.exe

Berichts-ID: 2064e767-1bce-11e3-9e5b-00241dc7db61

Error: (09/12/2013 07:00:41 PM) (Source: Application Hang) (User: )
Description: Programm FSX.EXE, Version 10.0.61637.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9fc

Startzeit: 01ceafd0668d3a93

Endzeit: 74

Anwendungspfad: F:\FSX\FSX.EXE

Berichts-ID:

Error: (09/12/2013 05:53:50 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlusiFix06.exe, Version: 5.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xe28
Startzeit der fehlerhaften Anwendung: 0xFlusiFix06.exe0
Pfad der fehlerhaften Anwendung: FlusiFix06.exe1
Pfad des fehlerhaften Moduls: FlusiFix06.exe2
Berichtskennung: FlusiFix06.exe3

Error: (09/12/2013 05:49:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlusiFix06.exe, Version: 5.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x7b8
Startzeit der fehlerhaften Anwendung: 0xFlusiFix06.exe0
Pfad der fehlerhaften Anwendung: FlusiFix06.exe1
Pfad des fehlerhaften Moduls: FlusiFix06.exe2
Berichtskennung: FlusiFix06.exe3

Error: (09/12/2013 05:49:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlusiFix06.exe, Version: 5.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xc40
Startzeit der fehlerhaften Anwendung: 0xFlusiFix06.exe0
Pfad der fehlerhaften Anwendung: FlusiFix06.exe1
Pfad des fehlerhaften Moduls: FlusiFix06.exe2
Berichtskennung: FlusiFix06.exe3

Error: (09/12/2013 05:38:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61637.0, Zeitstempel: 0x46fadb14
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74eec9f5
ID des fehlerhaften Prozesses: 0x1598
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (09/12/2013 10:33:40 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PDF Architect.exe, Version: 1.0.41.8362, Zeitstempel: 0x50ae2f21
Name des fehlerhaften Moduls: PDF Architect.exe, Version: 1.0.41.8362, Zeitstempel: 0x50ae2f21
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0042fb1d
ID des fehlerhaften Prozesses: 0x1060
Startzeit der fehlerhaften Anwendung: 0xPDF Architect.exe0
Pfad der fehlerhaften Anwendung: PDF Architect.exe1
Pfad des fehlerhaften Moduls: PDF Architect.exe2
Berichtskennung: PDF Architect.exe3

Error: (09/12/2013 10:33:40 AM) (Source: Application Error) (User: )
Description: PDF Architect

Error: (09/12/2013 10:30:24 AM) (Source: MsiInstaller) (User: Alfred-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (09/13/2013 08:30:46 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (09/13/2013 08:30:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (09/13/2013 08:30:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Secunia PSI Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/13/2013 08:30:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (09/12/2013 05:44:53 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (09/12/2013 05:44:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (09/12/2013 05:44:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Secunia PSI Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/12/2013 05:44:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (09/12/2013 09:32:52 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (09/12/2013 09:32:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/12/2013 07:24:35 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61637.046fadb14unknown0.0.0.000000000c000000574f8c9f5113801ceafdb13ffae24F:\FSX\fsx.exeunknown317b2aa0-1bd0-11e3-9e5b-00241dc7db61

Error: (09/12/2013 07:11:04 PM) (Source: Application Hang)(User: )
Description: fsx.exe10.0.61637.011c401ceafdac623f5d865F:\FSX\fsx.exe2064e767-1bce-11e3-9e5b-00241dc7db61

Error: (09/12/2013 07:00:41 PM) (Source: Application Hang)(User: )
Description: FSX.EXE10.0.61637.09fc01ceafd0668d3a9374F:\FSX\FSX.EXE

Error: (09/12/2013 05:53:50 PM) (Source: Application Error)(User: )
Description: FlusiFix06.exe5.0.0.02a425e19KERNELBASE.dll6.1.7601.1801550b83c8a0eedfade0000c41fe2801ceafd03dcc49bfE:\F gamerPC\HANGAR Aircrafts temporary\FlusiFix-2006 V5.0\FlusiFix06.exeC:\Windows\syswow64\KERNELBASE.dll83f61cf9-1bc3-11e3-9e5b-00241dc7db61

Error: (09/12/2013 05:49:31 PM) (Source: Application Error)(User: )
Description: FlusiFix06.exe5.0.0.02a425e19KERNELBASE.dll6.1.7601.1801550b83c8a0eedfade0000c41f7b801ceafcfa19b8998E:\F gamerPC\HANGAR Aircrafts temporary\FlusiFix-2006 V5.0\FlusiFix06.exeC:\Windows\syswow64\KERNELBASE.dlle93b14de-1bc2-11e3-9e5b-00241dc7db61

Error: (09/12/2013 05:49:07 PM) (Source: Application Error)(User: )
Description: FlusiFix06.exe5.0.0.02a425e19KERNELBASE.dll6.1.7601.1801550b83c8a0eedfade0000c41fc4001ceafcf806737a6E:\F gamerPC\HANGAR Aircrafts temporary\FlusiFix-2006 V5.0\FlusiFix06.exeC:\Windows\syswow64\KERNELBASE.dlldae48af7-1bc2-11e3-9e5b-00241dc7db61

Error: (09/12/2013 05:38:41 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61637.046fadb14unknown0.0.0.000000000c000000574eec9f5159801ceafac5763c19fF:\FSX\fsx.exeunknown6621a5a2-1bc1-11e3-9610-00241dc7db61

Error: (09/12/2013 10:33:40 AM) (Source: Application Error)(User: )
Description: PDF Architect.exe1.0.41.836250ae2f21PDF Architect.exe1.0.41.836250ae2f21c00000050042fb1d106001ceaf9277661903C:\Program Files (x86)\PDF Architect\PDF Architect.exeC:\Program Files (x86)\PDF Architect\PDF Architect.exe061216d6-1b86-11e3-9610-00241dc7db61

Error: (09/12/2013 10:33:40 AM) (Source: Application Error)(User: )
Description: PDF Architect

Error: (09/12/2013 10:30:24 AM) (Source: MsiInstaller)(User: Alfred-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-09-13 08:29:09.763
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 08:29:09.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-12 17:43:15.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-12 17:43:15.544
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-12 09:31:16.747
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-12 09:31:16.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-11 09:15:42.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-11 09:15:42.529
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-10 08:37:20.186
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-10 08:37:20.076
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 6141.49 MB
Available physical RAM: 3615.77 MB
Total Pagefile: 12281.17 MB
Available Pagefile: 9560.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Volume) (Fixed) (Total:97.66 GB) (Free:1.43 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:488.28 GB) (Free:89.86 GB) NTFS
Drive e: (Volume) (Fixed) (Total:811.32 GB) (Free:67.59 GB) NTFS
Drive f: (Volume) (Fixed) (Total:119.24 GB) (Free:10.08 GB) NTFS
Drive h: (AFM_DISK1) (CDROM) (Total:5.27 GB) (Free:0 GB) CDFS
Drive m: (VERBATIM HD) (Fixed) (Total:465.76 GB) (Free:48.4 GB) NTFS
Drive r: () (Removable) (Total:14.91 GB) (Free:1.95 GB) FAT32
Drive t: () (Removable) (Total:3.74 GB) (Free:0.35 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 4BD0ABA5)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=811 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 119 GB) (Disk ID: 7007A0F9)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 38EE6082)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 6E652072)
No partition Table on disk 3.

========================================================
Disk: 4 (Size: 4 GB) (Disk ID: 7BF4F763)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---

schrauber 13.09.2013 09:13
Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller
Deinstallier damit mal alles von Divx Player und Plugin und Kram.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

suvannapum56 13.09.2013 14:14
hallo Schrauber,
Danke vielmals und schönes wikend.
Anatol

PS: wegen zuvielen Zeichen muss ich das letzte, frische logfile FRST später senden, sonst geht diese Antwort nicht weg.

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Alfred :: ALFRED-PC [Administrator]

Schutz: Aktiviert

13.09.2013 10:25:55
mbam-log-2013-09-13 (10-25-55).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 297142
Laufzeit: 8 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 8
C:\ProgramData\TARMA INSTALLER (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\Cache (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\Cache (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\CD38138625FC4E9A9DE6E730D2FFAD1C (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\FA578959C3444246B0512BD2299EE677 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 27
C:\Users\Alfred\AppData\Roaming\MicroTorrent\torrent_downloader.exe (PUP.Optional.SweetPacks.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OpenCandy\CD38138625FC4E9A9DE6E730D2FFAD1C\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OpenCandy\FA578959C3444246B0512BD2299EE677\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\BabylonTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\wajam_download.exe (PUP.Optional.Wajam) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$RECYCLE.BIN\S-1-5-21-3691312484-3524702341-236613940-1000\$R2CGJAC.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$RECYCLE.BIN\S-1-5-21-3691312484-3524702341-236613940-1000\$R6L7I74\Novawrld.exe (Virus.Xpaj) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Local\Temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\20130816222653.log (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\Setup.dat (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\Setup.ico (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{2DBEDD2C-D5FA-460A-AAB0-0EF2E8C92749}\_Setup.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\20130813164126.log (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\Setup.dat (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\Setup.ico (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\TARMA INSTALLER\{3DE32671-5023-4304-848A-16E912CA6D11}\_Setup.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\CD38138625FC4E9A9DE6E730D2FFAD1C\3247.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\CD38138625FC4E9A9DE6E730D2FFAD1C\TuneUpUtilities2013-2200214-p3v0.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\CD38138625FC4E9A9DE6E730D2FFAD1C\TuneUpUtilities2013-2200214_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\FA578959C3444246B0512BD2299EE677\47A647BD-4905-48C7-9539-A95F199019A4 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Alfred\AppData\Roaming\OPENCANDY\FA578959C3444246B0512BD2299EE677\B8DCC36F-4F05-445F-B1EE-FD8FC38CBBDA (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013
Ran by Alfred (administrator) on ALFRED-PC on 13-09-2013 11:47:36
Running from C:\Users\Alfred\Desktop\FRST64.2
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Beepa P/L) C:\Program Files (x86)\fraps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Beepa P/L) C:\Program Files (x86)\fraps64.dat
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Users\Alfred\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [awch7zip54786] -  [x]
HKCU\...\Run: [AppsHat] - C:\Users\Alfred\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
AppInit_DLLs:  [97280 2009-07-14] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB655D88E8A01CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
URLSearchHook: (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {BEC15BFA-01C6-44A5-BD78-38BF5EBE0604} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com
FF Extension: AppsHat - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo) - hxxp://ch.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo) - hxxp://de.ff.search.yahoo.com/gossip?command={searchTerms}&output=fxjson
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Extension: (a2zLyrics-1) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-06-06] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-09] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-09] (Acronis)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-09] (Acronis International GmbH)
U3 a5x3xekr; C:\Windows\System32\Drivers\a5x3xekr.sys [0 ] (Microsoft Corporation)
U3 acidijki; C:\Windows\System32\Drivers\acidijki.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-13 11:47 - 2013-09-13 11:47 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64.2
2013-09-13 11:45 - 2013-09-13 11:45 - 00005298 _____ C:\Users\Alfred\Desktop\JRT.txt
2013-09-13 11:22 - 2013-09-13 11:22 - 00002120 _____ C:\Users\Alfred\Desktop\AppsHat.lnk
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Local\WebPlayer
2013-09-13 11:21 - 2013-09-13 11:22 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:18 - 2013-09-13 11:46 - 00000000 ____D C:\Users\Alfred\Desktop\junkware removal
2013-09-13 11:09 - 2013-09-13 11:12 - 00000000 ____D C:\AdwCleaner
2013-09-13 11:07 - 2013-09-13 11:08 - 00000000 ____D C:\Users\Alfred\Desktop\adw.cleaner
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 10:24 - 2013-09-13 10:24 - 00001093 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-13 10:24 - 2013-09-13 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-13 10:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 10:23 - 2013-09-13 10:23 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64
2013-09-13 10:22 - 2013-09-13 11:00 - 00000000 ____D C:\Users\Alfred\Desktop\mbam
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 09:04 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 09:04 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 08:36 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 08:36 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 08:36 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 08:36 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 08:36 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 08:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 10:58 - 2013-09-10 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:45 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-07 10:45 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-07 10:42 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-07 10:42 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-07 10:42 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-06 17:56 - 2013-09-06 17:57 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-24 22:12 - 2013-08-25 15:21 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-24 18:12 - 2013-08-25 20:18 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-18 10:00 - 2013-06-16 16:44 - 00001011 _____ C:\Users\Alfred\Desktop\BLUESKY SCENERIES - Verknüpfung.lnk
2013-08-16 11:41 - 2013-09-13 09:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 09:38 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 09:38 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-16 09:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 09:38 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-16 09:38 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 09:38 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-13 11:47 - 2013-09-13 11:47 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64.2
2013-09-13 11:46 - 2013-09-13 11:18 - 00000000 ____D C:\Users\Alfred\Desktop\junkware removal
2013-09-13 11:45 - 2013-09-13 11:45 - 00005298 _____ C:\Users\Alfred\Desktop\JRT.txt
2013-09-13 11:31 - 2013-06-29 12:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-09-13 11:26 - 2013-06-16 21:19 - 01150602 _____ C:\Windows\WindowsUpdate.log
2013-09-13 11:23 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-13 11:23 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-13 11:22 - 2013-09-13 11:22 - 00002120 _____ C:\Users\Alfred\Desktop\AppsHat.lnk
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Local\WebPlayer
2013-09-13 11:22 - 2013-09-13 11:21 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:16 - 2013-08-01 12:01 - 00003170 _____ C:\Windows\System32\Tasks\FRAPS
2013-09-13 11:15 - 2013-07-18 21:21 - 00000290 _____ C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-09-13 11:15 - 2013-06-23 09:01 - 00010476 _____ C:\Windows\setupact.log
2013-09-13 11:15 - 2011-04-11 14:25 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-13 11:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-13 11:14 - 2012-07-22 22:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-13 11:12 - 2013-09-13 11:09 - 00000000 ____D C:\AdwCleaner
2013-09-13 11:08 - 2013-09-13 11:07 - 00000000 ____D C:\Users\Alfred\Desktop\adw.cleaner
2013-09-13 11:05 - 2012-05-31 09:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-13 11:03 - 2013-06-26 14:28 - 00013882 _____ C:\Windows\PFRO.log
2013-09-13 11:00 - 2013-09-13 10:22 - 00000000 ____D C:\Users\Alfred\Desktop\mbam
2013-09-13 11:00 - 2011-12-20 16:17 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\MicroTorrent
2013-09-13 10:50 - 2011-04-11 14:25 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 10:24 - 2013-09-13 10:24 - 00001093 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-13 10:24 - 2013-09-13 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-13 10:23 - 2013-09-13 10:23 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 09:28 - 2009-07-14 06:45 - 02236584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-16 11:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 09:01 - 2010-06-01 14:10 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 22:28 - 2010-06-27 22:10 - 00000000 ____D C:\Program Files (x86)\Benchmarks
2013-09-12 20:34 - 2012-06-06 19:59 - 00001230 _____ C:\Users\Alfred\d3d_antilag.log
2013-09-12 20:31 - 2012-10-06 20:36 - 00000000 ____D C:\Users\Alfred\Documents\Flight Simulator X-Dateien
2013-09-12 18:00 - 2012-12-02 23:05 - 00000482 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2013-09-12 12:53 - 2010-06-01 14:17 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF}
2013-09-11 09:15 - 2012-08-13 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 10:56 - 2013-09-07 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 10:54 - 2013-08-09 21:47 - 00000000 ____D C:\Users\Alfred\Downloads\Neuer Ordner
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 16:56 - 2009-07-14 19:58 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-09-07 16:56 - 2009-07-14 19:58 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-09-07 16:56 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:49 - 2012-05-21 18:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-07 10:42 - 2012-07-22 22:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-07 10:31 - 2013-07-04 23:03 - 00003716 _____ C:\Users\Alfred\Desktop\FSX F.log
2013-09-06 18:14 - 2012-05-29 11:27 - 00000000 ____D C:\Windows\pss
2013-09-06 17:59 - 2010-06-02 07:20 - 00000000 ____D C:\ProgramData\eSellerate
2013-09-06 17:57 - 2013-09-06 17:56 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-05 23:39 - 2010-12-30 14:24 - 00000182 _____ C:\Users\Alfred\FSDreamTeam_Geneva.reg
2013-09-03 22:59 - 2013-06-16 20:38 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-30 03:55 - 2012-12-02 23:05 - 00000446 _____ C:\Windows\Tasks\PC Utility Kit.job
2013-08-29 23:31 - 2010-06-07 11:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-28 17:44 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 22:01 - 2010-09-21 16:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Azureus
2013-08-25 20:18 - 2013-08-24 18:12 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-25 20:12 - 2012-08-12 14:20 - 00002048 _____ C:\Windows\f1utii.lic
2013-08-25 15:21 - 2013-08-24 22:12 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-25 14:27 - 2013-06-16 10:59 - 00001204 _____ C:\Users\Alfred\Desktop\F A V O R I T E N - Verknüpfung.lnk
2013-08-24 19:38 - 2012-11-05 15:08 - 00000000 ___RD C:\Users\Alfred\Desktop\DESKTOP icons
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-24 00:31 - 2010-09-21 16:06 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-08-24 00:04 - 2012-12-02 23:05 - 00000448 _____ C:\Windows\Tasks\PC Utility Kit Update3.job
2013-08-21 14:45 - 2012-11-05 13:19 - 00000000 ____D C:\Users\Alfred\Documents\0.PW.7.5.012
2013-08-20 16:29 - 2010-06-01 13:44 - 00007600 _____ C:\Users\Alfred\AppData\Local\resmon.resmoncfg
2013-08-20 15:33 - 2013-09-07 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-07 10:42 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-07 10:42 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-17 01:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 22:27 - 2012-10-14 11:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

Files to move or delete:
====================
C:\Users\Alfred\Aerosoft_FlorenceX.reg
C:\Users\Alfred\Cloud9_Xcity Rome.reg
C:\Users\Alfred\FSDreamTeam_Geneva.reg
C:\Users\Alfred\FSDreamTeam_Hawaiian Airports Volume 2.reg
C:\Users\Alfred\FSDreamTeam_Honolulu.reg
C:\Users\Alfred\FSDreamTeam_ZurichX.reg
C:\Users\Alfred\AppData\Local\Temp\7z920.exe
C:\Users\Alfred\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Alfred\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Alfred\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Alfred\AppData\Local\Temp\BabylonTB.exe
C:\Users\Alfred\AppData\Local\Temp\biclient.exe
C:\Users\Alfred\AppData\Local\Temp\boeing737pro_Uninstall.exe
C:\Users\Alfred\AppData\Local\Temp\ERUNT.exe
C:\Users\Alfred\AppData\Local\Temp\i4jdel0.exe
C:\Users\Alfred\AppData\Local\Temp\mpegc.dll
C:\Users\Alfred\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alfred\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alfred\AppData\Local\Temp\nvStInst.exe
C:\Users\Alfred\AppData\Local\Temp\Quarantine.exe
C:\Users\Alfred\AppData\Local\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 09:46

==================== End Of Log ============================
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v3.003 - Bericht erstellt am 13/09/2013 um 11:12:13
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Alfred - ALFRED-PC
# Gestartet von : C:\Users\Alfred\Desktop\adw.cleaner\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Alfred\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Alfred\AppData\Roaming\pdfforge
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Uninstall.exe
Datei Gelöscht : C:\Program Files (x86)\Uninstall.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_realplayer-sp_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_realplayer-sp_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_analoguhr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_analoguhr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pdf24-pdf-creator_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_pdf24-pdf-creator_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realplayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_realplayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_steganos-privacy-suite_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_steganos-privacy-suite_RASMANCS
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\prefs.js ]


-\\ Google Chrome v29.0.1547.66

[ Datei : C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2687 octets] - [13/09/2013 11:09:45]
AdwCleaner[S0].txt - [2558 octets] - [13/09/2013 11:12:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2618 octets] ##########
--- --- ---













~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Alfred on 13.09.2013 at 11:38:24.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sdp



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041554.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041554.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041554.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0041554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444154454}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411151154}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422152254}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455155554}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466156654}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444154454}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041554.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041554.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041554.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0041554.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444154454}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455155554}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466156654}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444154454}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151154}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\a2zLyrics-1-chromeinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\a2zLyrics-1-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\a2zLyrics-1-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\a2zLyrics-1-updater.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Alfred\appdata\local\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\Alfred\appdata\local\minibar"
Successfully deleted: [Folder] "C:\Program Files (x86)\minibar"
Successfully deleted: [Folder] "C:\Users\Alfred\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.09.2013 at 11:45:50.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

suvannapum56 13.09.2013 14:15
also hier noch das letzte FRST logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013
Ran by Alfred (administrator) on ALFRED-PC on 13-09-2013 11:47:36
Running from C:\Users\Alfred\Desktop\FRST64.2
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(Beepa P/L) C:\Program Files (x86)\fraps.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Beepa P/L) C:\Program Files (x86)\fraps64.dat
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Users\Alfred\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [awch7zip54786] -  [x]
HKCU\...\Run: [AppsHat] - C:\Users\Alfred\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
AppInit_DLLs:  [97280 2009-07-14] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB655D88E8A01CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
URLSearchHook: (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {BEC15BFA-01C6-44A5-BD78-38BF5EBE0604} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com
FF Extension: AppsHat - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo) - hxxp://ch.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo) - hxxp://de.ff.search.yahoo.com/gossip?command={searchTerms}&output=fxjson
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Extension: (a2zLyrics-1) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S2 Secunia PSI Agent; "C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service [x]

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-06-06] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-09] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-09] (Acronis)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-09] (Acronis International GmbH)
U3 a5x3xekr; C:\Windows\System32\Drivers\a5x3xekr.sys [0 ] (Microsoft Corporation)
U3 acidijki; C:\Windows\System32\Drivers\acidijki.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-13 11:47 - 2013-09-13 11:47 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64.2
2013-09-13 11:45 - 2013-09-13 11:45 - 00005298 _____ C:\Users\Alfred\Desktop\JRT.txt
2013-09-13 11:22 - 2013-09-13 11:22 - 00002120 _____ C:\Users\Alfred\Desktop\AppsHat.lnk
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Local\WebPlayer
2013-09-13 11:21 - 2013-09-13 11:22 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:18 - 2013-09-13 11:46 - 00000000 ____D C:\Users\Alfred\Desktop\junkware removal
2013-09-13 11:09 - 2013-09-13 11:12 - 00000000 ____D C:\AdwCleaner
2013-09-13 11:07 - 2013-09-13 11:08 - 00000000 ____D C:\Users\Alfred\Desktop\adw.cleaner
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 10:24 - 2013-09-13 10:24 - 00001093 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-13 10:24 - 2013-09-13 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-13 10:24 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 10:23 - 2013-09-13 10:23 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64
2013-09-13 10:22 - 2013-09-13 11:00 - 00000000 ____D C:\Users\Alfred\Desktop\mbam
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 09:04 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 09:04 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 08:36 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 08:36 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 08:36 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 08:36 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 08:36 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 08:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 10:58 - 2013-09-10 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:45 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-07 10:45 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-07 10:42 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-07 10:42 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-07 10:42 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-06 17:56 - 2013-09-06 17:57 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-24 22:12 - 2013-08-25 15:21 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-24 18:12 - 2013-08-25 20:18 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-18 10:00 - 2013-06-16 16:44 - 00001011 _____ C:\Users\Alfred\Desktop\BLUESKY SCENERIES - Verknüpfung.lnk
2013-08-16 11:41 - 2013-09-13 09:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 09:38 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 09:38 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-16 09:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 09:38 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-16 09:38 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 09:38 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-13 11:47 - 2013-09-13 11:47 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64.2
2013-09-13 11:46 - 2013-09-13 11:18 - 00000000 ____D C:\Users\Alfred\Desktop\junkware removal
2013-09-13 11:45 - 2013-09-13 11:45 - 00005298 _____ C:\Users\Alfred\Desktop\JRT.txt
2013-09-13 11:31 - 2013-06-29 12:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-09-13 11:26 - 2013-06-16 21:19 - 01150602 _____ C:\Windows\WindowsUpdate.log
2013-09-13 11:23 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-13 11:23 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-13 11:22 - 2013-09-13 11:22 - 00002120 _____ C:\Users\Alfred\Desktop\AppsHat.lnk
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2013-09-13 11:22 - 2013-09-13 11:22 - 00000000 ____D C:\Users\Alfred\AppData\Local\WebPlayer
2013-09-13 11:22 - 2013-09-13 11:21 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:16 - 2013-08-01 12:01 - 00003170 _____ C:\Windows\System32\Tasks\FRAPS
2013-09-13 11:15 - 2013-07-18 21:21 - 00000290 _____ C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-09-13 11:15 - 2013-06-23 09:01 - 00010476 _____ C:\Windows\setupact.log
2013-09-13 11:15 - 2011-04-11 14:25 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-13 11:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-13 11:14 - 2012-07-22 22:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-13 11:12 - 2013-09-13 11:09 - 00000000 ____D C:\AdwCleaner
2013-09-13 11:08 - 2013-09-13 11:07 - 00000000 ____D C:\Users\Alfred\Desktop\adw.cleaner
2013-09-13 11:05 - 2012-05-31 09:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-13 11:03 - 2013-06-26 14:28 - 00013882 _____ C:\Windows\PFRO.log
2013-09-13 11:00 - 2013-09-13 10:22 - 00000000 ____D C:\Users\Alfred\Desktop\mbam
2013-09-13 11:00 - 2011-12-20 16:17 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\MicroTorrent
2013-09-13 10:50 - 2011-04-11 14:25 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 10:24 - 2013-09-13 10:24 - 00001093 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-13 10:24 - 2013-09-13 10:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-13 10:23 - 2013-09-13 10:23 - 00000000 ____D C:\Users\Alfred\Desktop\FRST64
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 09:28 - 2009-07-14 06:45 - 02236584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-16 11:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 09:01 - 2010-06-01 14:10 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 22:28 - 2010-06-27 22:10 - 00000000 ____D C:\Program Files (x86)\Benchmarks
2013-09-12 20:34 - 2012-06-06 19:59 - 00001230 _____ C:\Users\Alfred\d3d_antilag.log
2013-09-12 20:31 - 2012-10-06 20:36 - 00000000 ____D C:\Users\Alfred\Documents\Flight Simulator X-Dateien
2013-09-12 18:00 - 2012-12-02 23:05 - 00000482 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2013-09-12 12:53 - 2010-06-01 14:17 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF}
2013-09-11 09:15 - 2012-08-13 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 10:56 - 2013-09-07 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 10:54 - 2013-08-09 21:47 - 00000000 ____D C:\Users\Alfred\Downloads\Neuer Ordner
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 16:56 - 2009-07-14 19:58 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-09-07 16:56 - 2009-07-14 19:58 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-09-07 16:56 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:49 - 2012-05-21 18:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-07 10:42 - 2012-07-22 22:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-07 10:31 - 2013-07-04 23:03 - 00003716 _____ C:\Users\Alfred\Desktop\FSX F.log
2013-09-06 18:14 - 2012-05-29 11:27 - 00000000 ____D C:\Windows\pss
2013-09-06 17:59 - 2010-06-02 07:20 - 00000000 ____D C:\ProgramData\eSellerate
2013-09-06 17:57 - 2013-09-06 17:56 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-05 23:39 - 2010-12-30 14:24 - 00000182 _____ C:\Users\Alfred\FSDreamTeam_Geneva.reg
2013-09-03 22:59 - 2013-06-16 20:38 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-30 03:55 - 2012-12-02 23:05 - 00000446 _____ C:\Windows\Tasks\PC Utility Kit.job
2013-08-29 23:31 - 2010-06-07 11:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-28 17:44 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 22:01 - 2010-09-21 16:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Azureus
2013-08-25 20:18 - 2013-08-24 18:12 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-08-25 20:12 - 2012-08-12 14:20 - 00002048 _____ C:\Windows\f1utii.lic
2013-08-25 15:21 - 2013-08-24 22:12 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-25 14:27 - 2013-06-16 10:59 - 00001204 _____ C:\Users\Alfred\Desktop\F A V O R I T E N - Verknüpfung.lnk
2013-08-24 19:38 - 2012-11-05 15:08 - 00000000 ___RD C:\Users\Alfred\Desktop\DESKTOP icons
2013-08-24 18:10 - 2013-08-24 18:10 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-08-24 00:31 - 2010-09-21 16:06 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-08-24 00:04 - 2012-12-02 23:05 - 00000448 _____ C:\Windows\Tasks\PC Utility Kit Update3.job
2013-08-21 14:45 - 2012-11-05 13:19 - 00000000 ____D C:\Users\Alfred\Documents\0.PW.7.5.012
2013-08-20 16:29 - 2010-06-01 13:44 - 00007600 _____ C:\Users\Alfred\AppData\Local\resmon.resmoncfg
2013-08-20 15:33 - 2013-09-07 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-07 10:42 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-07 10:42 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-17 01:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 22:27 - 2012-10-14 11:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

Files to move or delete:
====================
C:\Users\Alfred\Aerosoft_FlorenceX.reg
C:\Users\Alfred\Cloud9_Xcity Rome.reg
C:\Users\Alfred\FSDreamTeam_Geneva.reg
C:\Users\Alfred\FSDreamTeam_Hawaiian Airports Volume 2.reg
C:\Users\Alfred\FSDreamTeam_Honolulu.reg
C:\Users\Alfred\FSDreamTeam_ZurichX.reg
C:\Users\Alfred\AppData\Local\Temp\7z920.exe
C:\Users\Alfred\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Alfred\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Alfred\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Alfred\AppData\Local\Temp\BabylonTB.exe
C:\Users\Alfred\AppData\Local\Temp\biclient.exe
C:\Users\Alfred\AppData\Local\Temp\boeing737pro_Uninstall.exe
C:\Users\Alfred\AppData\Local\Temp\ERUNT.exe
C:\Users\Alfred\AppData\Local\Temp\i4jdel0.exe
C:\Users\Alfred\AppData\Local\Temp\mpegc.dll
C:\Users\Alfred\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alfred\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alfred\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alfred\AppData\Local\Temp\nvStInst.exe
C:\Users\Alfred\AppData\Local\Temp\Quarantine.exe
C:\Users\Alfred\AppData\Local\Temp\UpdateCheckerSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 09:46

==================== End Of Log ============================
--- --- ---

schrauber 13.09.2013 19:43

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

suvannapum56 15.09.2013 19:49
Hallo Schrauber, hier noch die gewünschten logfiles:
ESET,SecurityCheck-FRST+addition

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f428c97e82875e42ab05ca43174aaaa8
# engine=14165
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-27 06:50:55
# local_time=2013-06-27 08:50:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 49432864 123988905 0 0
# scanned=1966529
# found=12
# cleaned=0
# scan_time=86344
sh=F64DE26AD04C759555AEDA1E0C56F0C6B15B9D36 ft=1 fh=f25b308d96983de2 vn="Win32/SuspLibLoad.B trojan" ac=I fn="C:\Windows\System32\flt1chk3.dll"
sh=F64DE26AD04C759555AEDA1E0C56F0C6B15B9D36 ft=1 fh=f25b308d96983de2 vn="Win32/SuspLibLoad.B trojan" ac=I fn="C:\Windows\SysWOW64\flt1chk3.dll"
sh=2BEC3A89EB5BF0BED90AD0923C7D12D44AEB3111 ft=1 fh=169012abcb12da52 vn="Win32/SuspLibLoad.B trojan" ac=I fn="E:\fs9 files oliver aug 010\fs9\Level-D Simulations\B767-300\flt1chk4.dll"
sh=C5D58D585A77DA6DAA16688671228DCC764CFB8B ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="K:\ALFRED-PC\Backup Set 2012-12-27 213305\Backup Files 2013-04-21 190001\Backup files 4.zip"
sh=584A350B89CAFF8BAE04BBC067DCCACE0E84DF47 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="K:\ALFRED-PC\Backup Set 2012-12-27 213305\Backup Files 2013-04-21 190001\Backup files 6.zip"
sh=0AB21BB2ADCB26A7D7A8B418CB57EAC3DAB8FF8E ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="K:\ALFRED-PC\Backup Set 2012-12-27 213305\Backup Files 2013-05-19 190002\Backup files 3.zip"
sh=4B146078EA24DFC676B824B771D3EFD4D2DE6DDB ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="K:\ALFRED-PC\Backup Set 2012-12-27 213305\Backup Files 2013-06-23 190001\Backup files 6.zip"
sh=8507989B7173180F7EE2C7C7685FCBE881CDDF4C ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="K:\DM12REP\Backup Set 2012-11-02 051445\Backup Files 2012-11-02 051445\Backup files 1.zip"
sh=E7D2BAE81389FF708C4B78547BF0068A8A03823C ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.iBryte.D application" ac=I fn="K:\DM12REP\Backup Set 2012-11-02 051445\Backup Files 2012-11-02 051445\Backup files 4.zip"
sh=53AA317D321171BDCF4244F52906AC23D3370C3C ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="K:\DM12REP\Backup Set 2012-12-23 190000\Backup Files 2012-12-23 190000\Backup files 20.zip"
sh=5235A1604E6A9736A069F1582E7F6BD3EF355884 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A application" ac=I fn="K:\DM12REP\Backup Set 2012-12-23 190000\Backup Files 2012-12-23 190000\Backup files 21.zip"
sh=6929CB91E249ED3619EF9CDFBC3558B47F20C5E4 ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.iBryte.D application" ac=I fn="K:\DM12REP\Backup Set 2012-12-23 190000\Backup Files 2012-12-23 190000\Backup files 26.zip"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f428c97e82875e42ab05ca43174aaaa8
# engine=15118
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-14 07:44:22
# local_time=2013-09-14 09:44:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5602976 130774512 0 0
# scanned=133765
# found=0
# cleaned=0
# scan_time=4322
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f428c97e82875e42ab05ca43174aaaa8
# engine=15132
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-15 03:31:16
# local_time=2013-09-15 05:31:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5717390 130888926 0 0
# scanned=3842889
# found=4
# cleaned=0
# scan_time=64270
sh=2BEC3A89EB5BF0BED90AD0923C7D12D44AEB3111 ft=1 fh=169012abcb12da52 vn="Win32/SuspLibLoad.B trojan" ac=I fn="E:\fs9 files oliver aug 010\fs9\Level-D Simulations\B767-300\flt1chk4.dll"
sh=2BEC3A89EB5BF0BED90AD0923C7D12D44AEB3111 ft=1 fh=169012abcb12da52 vn="Win32/SuspLibLoad.B trojan" ac=I fn="X:\fs9 files oliver aug 010\fs9\Level-D Simulations\B767-300\flt1chk4.dll"
sh=171FD0A4CD1F2959DF97204C6418DFEF6163B8C5 ft=0 fh=0000000000000000 vn="Win32/SuspLibLoad.B trojan" ac=I fn="X:\fs9 files oliver aug 010\fs9 Oliver aug 010 installed\flight1ATR72 setup working\Fliight_One_ATR_72_500.iso"
sh=29C1B42DA758D78D47B04496FC666E097B617252 ft=1 fh=2f2dd6068126d66c vn="Win32/SuspLibLoad.B trojan" ac=I fn="X:\fs9 files oliver aug 010\fs9 Oliver aug 010 installed\flight1ATR72 setup working\ATR\Setup.exe"




Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
Secunia PSI (3.0.0.7009)
TuneUp Utilities Language Pack (de-DE)
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Adobe Reader XI
Mozilla Firefox (23.0.1)
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
Google Chrome Plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
ESET ESET Online Scanner OnlineScannerApp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

und hier noch FRSt64 +addition
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 05
Ran by Alfred (administrator) on ALFRED-PC on 15-09-2013 20:25:23
Running from C:\Users\Alfred\Desktop\trojanerboard.de
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) F:\FSX\fsx.exe
(Flag Mountain Software) F:\FSX\Flight One Software\Ultimate Traffic 2\UT2Services.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer [x]
HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer [x]
AppInit_DLLs:  [97280 2009-07-14] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB655D88E8A01CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
URLSearchHook: (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
SearchScopes: HKCU - {BEC15BFA-01C6-44A5-BD78-38BF5EBE0604} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com
FF Extension: AppsHat - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: fdm_ffext - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\fdm_ffext@freedownloadmanager.org
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f}
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo) - hxxp://ch.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo) - hxxp://de.ff.search.yahoo.com/gossip?command={searchTerms}&output=fxjson
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Extension: (a2zLyrics-1) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn\1.24.16_0
CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)

==================== Drivers (Whitelisted) ====================

S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-06-06] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-09] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-09] (Acronis)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-09] (Acronis International GmbH)
U3 a51zaryn; C:\Windows\System32\Drivers\a51zaryn.sys [0 ] (Microsoft Corporation)
U3 ali3waxe; C:\Windows\System32\Drivers\ali3waxe.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-14 20:27 - 2013-09-15 10:25 - 00000977 _____ C:\Windows\setupact.log
2013-09-14 20:27 - 2013-09-14 20:27 - 00000000 _____ C:\Windows\setuperr.log
2013-09-14 14:19 - 2013-09-14 14:19 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shader 3 Mod for Flight Simulator X
2013-09-14 12:20 - 2013-09-14 14:06 - 00000000 _____ C:\Users\Alfred\Desktop\fsx.cfg.entries.no go..txt
2013-09-14 12:19 - 2013-09-15 20:25 - 00000000 ____D C:\Users\Alfred\Desktop\trojanerboard.de
2013-09-14 11:38 - 2013-09-14 11:38 - 00028854 _____ C:\Users\Alfred\Desktop\fsx.gauges..txt
2013-09-14 10:05 - 2013-09-14 10:05 - 00001259 _____ C:\Users\Alfred\Desktop\Mustang Pilot's Guide.lnk
2013-09-14 10:05 - 2013-09-14 10:05 - 00001230 _____ C:\Users\Alfred\Desktop\revision_history.lnk
2013-09-14 10:03 - 2013-09-14 10:03 - 00002048 _____ C:\Windows\mustang1.lic
2013-09-14 09:56 - 2013-09-14 09:56 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-09-14 09:54 - 2013-09-14 09:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-09-13 18:39 - 2013-09-13 18:40 - 00000000 ____D C:\Program Files\CCleaner
2013-09-13 18:39 - 2013-09-13 18:39 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-13 18:39 - 2013-09-13 18:39 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-13 18:35 - 2013-09-13 18:36 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER-BOARD.DE.13.9.013
2013-09-13 11:21 - 2013-09-13 11:22 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:09 - 2013-09-13 11:12 - 00000000 ____D C:\AdwCleaner
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 09:04 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 09:04 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 09:04 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 09:04 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 09:04 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 09:04 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 09:04 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 09:04 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-13 08:36 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-13 08:36 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-13 08:36 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-13 08:36 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-13 08:36 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-13 08:36 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-13 08:36 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-13 08:36 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-13 08:36 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-13 08:36 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-13 08:36 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-13 08:36 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-13 08:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-13 08:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-13 08:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-13 08:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 10:58 - 2013-09-10 10:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:45 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-07 10:45 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-07 10:45 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-07 10:42 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-07 10:42 - 2013-08-20 15:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-09-07 10:42 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-06 17:56 - 2013-09-06 17:57 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-24 22:12 - 2013-08-25 15:21 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-18 10:00 - 2013-06-16 16:44 - 00001011 _____ C:\Users\Alfred\Desktop\BLUESKY SCENERIES - Verknüpfung.lnk
2013-08-16 11:41 - 2013-09-13 09:04 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 09:38 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-16 09:38 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-16 09:38 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-16 09:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-16 09:38 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-16 09:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-16 09:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-16 09:38 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-16 09:38 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-15 20:25 - 2013-09-14 12:19 - 00000000 ____D C:\Users\Alfred\Desktop\trojanerboard.de
2013-09-15 20:25 - 2013-06-29 12:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Free Download Manager
2013-09-15 20:25 - 2012-06-06 19:59 - 00001210 _____ C:\Users\Alfred\d3d_antilag.log
2013-09-15 20:05 - 2012-05-31 09:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 19:50 - 2011-04-11 14:25 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-15 18:59 - 2012-10-06 20:36 - 00000000 ____D C:\Users\Alfred\Documents\Flight Simulator X-Dateien
2013-09-15 18:00 - 2012-12-02 23:05 - 00000482 _____ C:\Windows\Tasks\PC Utility Kit Registration3.job
2013-09-15 14:28 - 2010-06-01 14:17 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF}
2013-09-15 10:25 - 2013-09-14 20:27 - 00000977 _____ C:\Windows\setupact.log
2013-09-15 09:35 - 2013-06-16 21:19 - 01210826 _____ C:\Windows\WindowsUpdate.log
2013-09-14 22:50 - 2011-04-11 14:25 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-14 20:45 - 2010-06-13 15:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2013-09-14 20:35 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-14 20:35 - 2009-07-14 06:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-14 20:27 - 2013-09-14 20:27 - 00000000 _____ C:\Windows\setuperr.log
2013-09-14 20:27 - 2013-07-18 21:21 - 00000290 _____ C:\Windows\Tasks\CheckDriveBackgroundGuard.job
2013-09-14 20:27 - 2012-07-22 22:24 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-14 20:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-14 20:27 - 2009-07-14 06:45 - 02236584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 14:44 - 2009-07-14 19:58 - 00696848 _____ C:\Windows\system32\perfh007.dat
2013-09-14 14:44 - 2009-07-14 19:58 - 00148144 _____ C:\Windows\system32\perfc007.dat
2013-09-14 14:44 - 2009-07-14 07:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-14 14:19 - 2013-09-14 14:19 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shader 3 Mod for Flight Simulator X
2013-09-14 14:06 - 2013-09-14 12:20 - 00000000 _____ C:\Users\Alfred\Desktop\fsx.cfg.entries.no go..txt
2013-09-14 11:38 - 2013-09-14 11:38 - 00028854 _____ C:\Users\Alfred\Desktop\fsx.gauges..txt
2013-09-14 10:06 - 2010-06-01 13:44 - 00072048 _____ C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-14 10:05 - 2013-09-14 10:05 - 00001259 _____ C:\Users\Alfred\Desktop\Mustang Pilot's Guide.lnk
2013-09-14 10:05 - 2013-09-14 10:05 - 00001230 _____ C:\Users\Alfred\Desktop\revision_history.lnk
2013-09-14 10:03 - 2013-09-14 10:03 - 00002048 _____ C:\Windows\mustang1.lic
2013-09-14 09:56 - 2013-09-14 09:56 - 00000825 _____ C:\Users\Public\Desktop\Ultimate Traffic 2.lnk
2013-09-14 09:54 - 2013-09-14 09:54 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Flight One Software
2013-09-14 09:49 - 2012-08-12 14:20 - 00002048 _____ C:\Windows\f1utii.lic
2013-09-13 20:49 - 2010-09-21 16:06 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-09-13 20:43 - 2013-08-01 12:01 - 00003170 _____ C:\Windows\System32\Tasks\FRAPS
2013-09-13 18:40 - 2013-09-13 18:39 - 00000000 ____D C:\Program Files\CCleaner
2013-09-13 18:40 - 2013-07-18 23:54 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-09-13 18:40 - 2010-09-21 16:07 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Azureus
2013-09-13 18:40 - 2010-06-18 11:33 - 00000000 ____D C:\Windows\Minidump
2013-09-13 18:40 - 2010-06-01 14:29 - 00000000 ____D C:\Windows\Panther
2013-09-13 18:39 - 2013-09-13 18:39 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-13 18:39 - 2013-09-13 18:39 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-13 18:36 - 2013-09-13 18:35 - 00000000 ____D C:\Users\Alfred\Documents\TROJANER-BOARD.DE.13.9.013
2013-09-13 11:22 - 2013-09-13 11:21 - 00000000 ____D C:\Program Files (x86)\a2zLyrics-1
2013-09-13 11:12 - 2013-09-13 11:09 - 00000000 ____D C:\AdwCleaner
2013-09-13 11:00 - 2011-12-20 16:17 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\MicroTorrent
2013-09-13 10:25 - 2013-09-13 10:25 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Malwarebytes
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 09:29 - 2010-06-01 13:41 - 00000000 ___RD C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 09:08 - 2013-09-13 09:08 - 00000000 ____D C:\FRST
2013-09-13 09:04 - 2013-08-16 11:41 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 09:01 - 2010-06-01 14:10 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 22:28 - 2010-06-27 22:10 - 00000000 ____D C:\Program Files (x86)\Benchmarks
2013-09-11 09:15 - 2012-08-13 12:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-10 10:56 - 2013-09-07 10:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-10 10:54 - 2013-08-09 21:47 - 00000000 ____D C:\Users\Alfred\Downloads\Neuer Ordner
2013-09-08 09:51 - 2013-09-08 09:51 - 00007816 _____ C:\Users\Alfred\Downloads\fsx.cfg
2013-09-07 10:49 - 2013-09-07 10:49 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-07 10:49 - 2012-05-21 18:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-07 10:42 - 2012-07-22 22:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-07 10:31 - 2013-07-04 23:03 - 00003716 _____ C:\Users\Alfred\Desktop\FSX F.log
2013-09-06 18:14 - 2012-05-29 11:27 - 00000000 ____D C:\Windows\pss
2013-09-06 17:59 - 2010-06-02 07:20 - 00000000 ____D C:\ProgramData\eSellerate
2013-09-06 17:57 - 2013-09-06 17:56 - 96972784 _____ (VIRTUALI s.a.s.                                            ) C:\Users\Alfred\Downloads\lsgg_fsx_setup.exe
2013-09-05 23:39 - 2010-12-30 14:24 - 00000182 _____ C:\Users\Alfred\FSDreamTeam_Geneva.reg
2013-09-03 22:59 - 2013-06-16 20:38 - 00002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-02 11:52 - 2013-09-02 11:52 - 00001348 _____ C:\Users\Alfred\Desktop\SCREENSHOTS - Verknüpfung.lnk
2013-08-30 03:55 - 2012-12-02 23:05 - 00000446 _____ C:\Windows\Tasks\PC Utility Kit.job
2013-08-29 23:31 - 2010-06-07 11:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-28 17:44 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 15:21 - 2013-08-24 22:12 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\First Class Simulations
2013-08-25 14:27 - 2013-06-16 10:59 - 00001204 _____ C:\Users\Alfred\Desktop\F A V O R I T E N - Verknüpfung.lnk
2013-08-24 19:38 - 2012-11-05 15:08 - 00000000 ___RD C:\Users\Alfred\Desktop\DESKTOP icons
2013-08-24 00:04 - 2012-12-02 23:05 - 00000448 _____ C:\Windows\Tasks\PC Utility Kit Update3.job
2013-08-21 14:45 - 2012-11-05 13:19 - 00000000 ____D C:\Users\Alfred\Documents\0.PW.7.5.012
2013-08-20 16:29 - 2010-06-01 13:44 - 00007600 _____ C:\Users\Alfred\AppData\Local\resmon.resmoncfg
2013-08-20 15:33 - 2013-09-07 10:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-07 10:42 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 15:32 - 2013-09-07 10:42 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-19 10:31 - 2013-08-19 10:31 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EtendardIV Texture Pack
2013-08-17 01:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 22:27 - 2012-10-14 11:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons

Files to move or delete:
====================
C:\Users\Alfred\Aerosoft_FlorenceX.reg
C:\Users\Alfred\Cloud9_Xcity Rome.reg
C:\Users\Alfred\FSDreamTeam_Geneva.reg
C:\Users\Alfred\FSDreamTeam_Hawaiian Airports Volume 2.reg
C:\Users\Alfred\FSDreamTeam_Honolulu.reg
C:\Users\Alfred\FSDreamTeam_ZurichX.reg


Some content of TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Alfred\AppData\Local\Temp\vgdsbfdv.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 09:46

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2013 05
Ran by Alfred at 2013-09-15 20:26:01
Running from C:\Users\Alfred\Desktop\trojanerboard.de
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

1.01 (x32)
737 Captain (737-100 Exterior Model) 0.2 (x32 Version: 0.2.00)
737 Pilot in Command (HKCU)
777 Captain (777-200 Exterior Model) 0.1 (x32 Version: 0.1.00)
A2A Accu-Sim P-51 (x32)
A2A Wings of POWER 3 P-51 (x32)
a2zLyrics-1 (x32 Version: 1.28.153.3)
Accu-Feel (x32)
Acronis Drive Monitor (x32 Version: 1.0.187)
Adisutjipto scenery (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Aero_L39 Albatros FSX (x32)
aerofly FS (x32 Version: 1.0.9.11)
Aerosoft's - Aerosoft Launcher (x32 Version: 1.1.0.1)
aerosoft's - Approaching Innsbruck X (x32 Version: 1.20)
Aerosoft's - DHC-6 Twin Otter X (x32 Version: 1.10)
Aerosoft's - Dornier Do-27 FSX (x32 Version: 1.00)
Aerosoft's - F-16 Fighting Falcon - Mission Pack (x32 Version: 1.00)
aerosoft's - Faro X (x32 Version: 1.01)
Aerosoft's - FlorenceX (x32 Version: 1.04)
aerosoft's - German Airports 1 - Friedrichshafen (x32 Version: 1.01)
Aerosoft's - German Airports 1 - Friedrichshafen X (x32 Version: 1.01)
aerosoft's - German Airports 2 - Dortmund X (x32 Version: 1.00)
aerosoft's - German Airports 2-Hannover X (x32 Version: 1.00)
aerosoft's - German Airports 2-Leipzig X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Berlin-Tegel X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Bremen X (x32 Version: 1.00)
aerosoft's - German Airports 3 - Hamburg X (x32 Version: 1.00)
Aerosoft's - Hawaii Dillingham X (x32 Version: 1.00)
Aerosoft's - HUGHES H-1B SPECIAL (x32 Version: 1.00)
Aerosoft's - Keflavik X (x32 Version: 1.00)
aerosoft's - London City Airport X (x32 Version: 1.00)
aerosoft's - Lukla X - Mount Everest (x32 Version: 1.00)
aerosoft's - Madeira X (x32 Version: 1.00)
aerosoft's - Mallorca X for FSX (x32 Version: 1.00)
Aerosoft's - Manhattan X (x32 Version: 1.00)
Aerosoft's - Mega Airport Budapest (x32 Version: 1.50)
aerosoft's - Mega Airport Frankfurt X (x32 Version: 1.01)
aerosoft's - Mega Airport Lisbon X (x32 Version: 1.10)
aerosoft's - Mega Airport Madrid Barajas (x32 Version: 1.00)
aerosoft's - Mega Airport Paris CDG X (x32 Version: 1.00)
aerosoft's - Mega Airport Stockholm Arlanda (x32 Version: 1.10)
aerosoft's - Mega Airport Stockholm Arlanda X (x32 Version: 1.00)
aerosoft's - Mega Airport Zurich 2012 - FS2004 (x32 Version: 1.00)
Aerosoft's - Mega Airport Zurich 2012 - FSX (x32 Version: 1.01)
aerosoft's - Menorca X for FSX (x32 Version: 1.00)
aerosoft's - Mission Legacy 1 - FSX (x32)
Aerosoft's - MonacoX (x32 Version: 1.01)
Aerosoft's - MyTraffic 2010 (x32 Version: 6.00)
aerosoft's - Nice Cote dAzur X (x32 Version: 1.00)
Aerosoft's - PBY Catalina X (x32 Version: 1.00)
aerosoft's - Real Germany 1 - FS2004 (x32)
aerosoft's - Real Germany 3 - FS2004 (x32)
Aerosoft's - Robin DR400 X - FSX (x32)
aerosoft's - San Francisco (x32 Version: 2.00)
Aerosoft's - San Francisco X (x32 Version: 2.00)
aerosoft's - Santorini X (x32 Version: 1.00)
aerosoft's - USCitiesX - Chicago (x32 Version: 1.00)
aerosoft's - USCitiesX - Indianapolis (x32 Version: 1.00)
aerosoft's - USCitiesX - Los Angeles (x32 Version: 1.00)
aerosoft's - USCitiesX - New Orleans (x32 Version: 1.00)
aerosoft's - USCitiesX - San Francisco (x32 Version: 1.00)
aerosoft's - Venice X (x32 Version: 1.00)
Aerosoft's - VFR Germany 2 (x32 Version: 1.00)
Aerosoft's - VFR Germany 2010 West (x32 Version: 2.00)
Aerosoft's - VFR Germany 3 (x32 Version: 1.00)
Aerosoft's - VFR Germany 4 (x32 Version: 1.00)
aerosoft's - VFR London X (x32 Version: 1.00)
aerosoft's - Wonderful Madeira - FS2004 (x32)
Aeroworx Super King Air B200 (x32)
Afghanistan - Noshaq (Highest Mountains Package 004) for MSFS 2004 (x32)
Aircraft Factory F4u Corsair (x32)
AirSimmer A320 Basic Edition 1.0 (x32 Version: 1.0)
ALABEO Pitts S-2S (x32 Version: 1.00.00.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Atolls of Tuvalu FSX (x32)
Autogen Trees Update (x32)
B-25J "Briefing Time" for FSX (x32)
Beech B60 Duke Rip (x32)
Boeing 727-200 Advanced FSX SP2  (Version: )
Boeing B737-823 Advanced VC FSX & P3D (Version: 1)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 130.0.331.000)
C90B King Air HD SERIES FSX (x32 Version: 1.00.00.00)
Captain Sim 707 All-in-One (x32 Version: 1.00)
Carenado Baron 58 FSX (x32 Version: 1.00.00.00)
Carenado C340 II FSX (x32 Version: 1.00.00.00)
Carenado F33A Bonanza (x32 Version: 1.00.00.00)
Carenado V35B Bonanza for FSX (HKCU)
CCleaner (Version: 4.05)
CLOUD9 Bergen FSX 1.01 (x32 Version: 1.01)
CLOUD9 Orlando FSX 1.01 (x32 Version: 1.01)
CLOUD9 Pisa 1.00 (x32 Version: 1.00)
CLOUD9 Xcity Rome 1.01 (x32 Version: 1.01)
CoffeeCup Free FTP (x32 Version: 4.3.2)
ConvertHelper 2.2 (x32)
CrystalDiskInfo 5.6.2 (x32 Version: 5.6.2)
D4300 (x32 Version: 130.0.365.000)
Data Lifeguard Diagnostic for Windows 1.24 (x32)
DeviceDiscovery (x32 Version: 130.0.465.000)
DiaporamaWeb (x32)
DJ_SF_03_D4300_Software_Min (x32 Version: 130.0.365.000)
Dortmund City (x32 Version: 3.0)
Eaglesoft Development Group  Citation X 2.0 FSX (HKCU)
EasyJet Fleet FSX & P3D (Version: 1)
Embraer EMB120 Brasilia V1.1 FSX & P3D (Version: 1)
ESET Online Scanner v3 (x32)
EtendardIV Texture Pack  (HKCU)
F9F Panther (x32)
Flight Méditerranée Autogen Pack v1.0 (HKCU)
Flight Simulator X (x32)
Flight Simulator X Service Pack 1 (x32)
Flight1 Citation Mustang (x32 Version: 1.02b)
FlightAlpes Nord AutogenPack (HKCU)
FlightParis AutogenPack (x32)
FlyLogic's - Altenrhein X (x32 Version: 1.00)
FlyLogic's - Bern-Belp X (x32 Version: 1.00)
FlyLogic's - Grenchen FSX (x32 Version: 1.00)
FlyLogic's - Kleinflugplätze Schweiz Teil 4 X (x32 Version: 1.00)
FlyLogic's - Lugano X (x32 Version: 1.00)
FlyLogic's - Patrouille Suisse X (x32 Version: 1.00)
FormatFactory 2.60 (x32 Version: 2.60)
Foxit Creator (x32 Version: 3,0,2,0506)
Foxit Reader (x32 Version: 4.3.0.1110)
FranceVFR FlightAlpes Sud: AutogenPack (x32)
FranceVFR FlightMeditarranee Autogen Pack v0.90 (HKCU)
Free Download Manager 3.9.2 (x32)
FRP 2004 (x32)
FS Global 2010 (x32)
FS Global Ultimate - Asia/Oceania (x32)
FS2004 Hawker Siddeley HS.748 (x32)
FS2004 Hawker Siddeley HS.748 Texture pack 1 (x32)
FS2004 Hawker Siddeley HS.748 Texture Pack 2 (x32)
FSDreamTeam Geneva FSX/P3D 1.5.2 (x32)
FSDreamTeam Hawaiian Airports Volume 2 FSX/P3D 1.4 (x32)
FSDreamTeam Honolulu International FSX/P3D 1.2 (x32)
FSFlyingSchool 2010 (x32)
fs-freeware.net Installer - Boeing 737NG 700, 800 and 900 UAL Package version 2.5 (x32 Version: 2.5)
FSTramp for FSX (x32 Version: 5.2.0)
GayaN™ Airbus A340-300 (HKCU)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Gibraltar X 1.00 (x32)
Google Chrome (x32 Version: 29.0.1547.66)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
Grand Canyon - Photorealistic Scenery (x32)
Greatest Airliners: 727 (x32)
Ground Environment X Atlantic and Pacific Tropics (x32 Version: 1.0)
Ground Environment X Europe (x32)
Ground Environment X North America (x32)
Hamburg-City Scenery  (x32)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet D4300 Printer Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (x32 Version: 11.14.0001)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
Hurricane (HKCU)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1)
Instant Scenery (x32 Version: 2.03)
IRIS Mig-29 Fulcrum K Navy FSX  (Version: )
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Just Flight - 146-200 Jetliner for FSX (F:\FSX\) (x32 Version: 1.00.000)
Just Flight - 146-200 Jetliner for FSX (x32 Version: 1.00.000)
Just Flight - 737 Pilot In Command (FSX) (x32 Version: 1.00.000)
Just Flight - 757 Captain FSX (x32 Version: 1.00.000)
Just Flight - 757 Jetliner - Freemium Livery Pack 7 (x32 Version: 1.00.000)
Just Flight - 757 Jetliner Freemium (x32 Version: 1.00.000)
Just Flight - L-1011 TriStar Jetliner (x32 Version: 1.00.0000)
KCLE v1.1.2 for FSX (x32 Version: 1.1.2)
KDAL v1.1.2 for FSX (x32 Version: 1.1.2)
KLAX v1.1.2 for FSX (Version: 1.1.2)
KLGA La Guardia FSX (x32)
KMCO v1.1.2 for FSX (Version: 1.1.2)
KMEM v1.1.1 for FS9 (Version: 1.1.1)
KMEM v1.1.2 for FSX (Version: 1.1.2)
KRDU v2.1.2 for FSX (x32 Version: 2.1.2)
L-1011 Captain (1011-1 Exterior Model) 0.1 (x32 Version: 0.1.00)
La Guadeloupe (x32)
LAGO FS Falcon FS2004 version 2.00 (x32 Version: 2.00.00)
Level-D Simulations 767-300 (x32)
LFKL Brindas (HKCU)
LFLB - Chambéry Aix les Bains FSX (HKCU)
LFLP (HKCU)
LLH5X (x32)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Mailsoft's - Kleinflugplätze 6 for FS2004 (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 3 (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 3 X (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 5 X (x32 Version: 1.00)
Mailsoft's - Kleinflugplätze Schweiz Teil 6 X (x32 Version: 1.00)
Mailsoft's - Sion X (x32 Version: 1.00)
Mailsoft's - Switzerland Professional (x32 Version: 1.00)
Mailsoft's - Switzerland Professional X (x32 Version: 1.00)
MarketResearch (x32 Version: 130.0.374.000)
Marshall Islands (x32)
MegaSceneryX Las Vegas (x32 Version: 1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator X (x32 Version: 1.00.0000)
Microsoft Flight Simulator X (x32 Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MiG E-152 M (HKCU)
MiG-29 Codename: Fulcrum (HKCU)
MIRAGE F1 for FSX SP2 or Acceleration (HKCU)
Motherboard Monitor 5 (x32 Version: 5)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mudry Cap-10 (HKCU)
Nauru International (x32 Version: 1.0.0.0)
NMG Cape Town International 2012 (FSX) (x32)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
oZone3D.Net FurMark v1.8.2 (x32)
PA32R SARATOGA SP FSX (x32 Version: 1.00.00.00)
Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003)
PC Utility Kit (x32 Version: 3.1.5.0)
PDF Architect (x32 Version: 1.0.41.8362)
PDFCreator (x32 Version: 1.7.1)
Phuket International Airport for FSX (x32 Version: 1.0.0.0)
PIC 737 Call 1.0 (x32 Version: 1.0)
PMDG BAe JS4100 (x32 Version: 1.10.1016)
PMDG_MD11_FSX (x32 Version: 1.20.0055)
PMDGMD11X_PW_SR (x32 Version: 1.00.0000)
PMDGMD11X_PW_SR2 (x32 Version: 1.00.0000)
PNG Bush Flying (x32 Version: 1.0.0.0)
POSKY Boeing B737-900 Alaska Airlines FSX  (Version: )
POSKY Embraer ERJ 145 FSX (Version: FSX)
Project Tupolev Tu-154m for MS FS2004 (HKCU)
PSS - Boeing 757 Pro. v1.3 (x32)
QualityWings Ultimate 146 Collection FSX (x32)
QuickTime (x32 Version: 7.74.80.86)
Real Environment Xtreme (x32 Version: 1.0.2008.1128)
Real Environment Xtreme FS2004 (x32 Version: 1.0.8)
RealDownloader (x32 Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)
RealPlayer (x32 Version: 16.0.2)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Rennes St-Jacques (x32)
SAAB 35 Draken 3.0 (x32)
SAEZ-SVMI v1.1.2 for FSX (Version: 1.1.2)
Safari (x32 Version: 5.34.57.2)
Samui International Airport for FS2004 (x32)
SBD Dauntless FSX (HKCU)
SceneryTech Asia Landclass v1.0 (x32 Version: 1.0)
SceneryTech Indo-Pacific Landclass v1.0 (x32 Version: 1.0)
SceneryTech North America Landclass v1.4 (x32 Version: 1.4)
SceneryTech South America Landclass v1.0 (x32 Version: 1.0)
Secunia PSI (3.0.0.7009) (x32 Version: 3.0.0.7009)
Shader 3 Mod for Flight Simulator X (x32 Version: 1.5.0)
SHIELD Streaming (Version: 1.05.28)
Shop for HP Supplies (Version: 13.0)
Smart Data Recovery v4.3 (x32 Version: 4.3)
SmartWebPrinting (x32 Version: 130.0.457.000)
Soekarno-Hatta airport scenery (x32)
Sofia Airport (LBSF) v2.0 (x32)
SolutionCenter (x32 Version: 130.0.373.000)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
SSD Fresh (x32 Version: 2013)
Status (x32 Version: 130.0.469.000)
SuperFortress 'Mania' - PRE-RELEASE - B-29B (x32)
Swordfish X (HKCU)
System Requirements Lab (x32)
TeamViewer 5 (x32 Version: 5.1.13999 )
Thai Creation - Nepal, Kathmandu VNKT (FSX Portover) (x32)
The Real VCBI (HKCU)
The Very Singapore (x32)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
TreeX V2 (x32)
True Image 2013 (x32 Version: 16.0.6514)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132)
Ultimate Terrain X - USA (HKCU)
Ultimate Traffic (x32 Version: 2)
UnloadSupport (x32 Version: 11.0.0)
Unlocker 1.9.1-x64 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
USNN Scenery (x32)
VFR-Airfields Final Edition (x32)
VFR-Airfields Locarno (x32)
VFR-Airfields Lugano (x32)
VFR-Airfields Traffic (x32)
VirtualCloneDrive (x32)
VIRTUALI Addon ManagerX (x32)
VTBS-FSX 2010 1.00 Ver.FSX (x32)
WebReg (x32 Version: 130.0.132.017)
Wings of POWER II:  P51 Mustang (x32)
WinRAR archiver
YouTube Downloader 3.5 (x32)
YS-11 for FSX (x32 Version: 1.00.0000)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-06-26 16:33 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {12F488FC-F24C-4CE1-8179-5DBE5F671A6F} - System32\Tasks\{90B71D0C-A26D-47EA-8562-791141A2D196} => F:\FSX\ORBX\Scripts\FTXCentral\FTXCentral.exe [2011-11-28] (Orbx Simulation Systems Pty Ltd)
Task: {1E89487B-881D-4DC6-80E3-7EFAA756BCC4} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2052A713-CA8B-4CCA-ACBB-ABE8B4C88441} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-11-29] (PC Utility Kit)
Task: {33AD978A-F621-4C3E-B37B-137ABBCA66BF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5674B2E5-B1FF-46A0-9D89-CBEA16E9D43D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {58266234-6549-4EA8-A2CD-FDB39D35478D} - System32\Tasks\{FEAAE5CB-CC56-4C17-9BBD-90FB7BF32AE7} => E:\F gamerPC\FSX\1.FSX
Task: {5C2278E2-6A74-466E-AC92-6AEF4E3B18EF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {5EEBCB75-5D07-4331-83F3-65029E5DD7DF} - System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF} => C:\Windows\system32\msfeedssync.exe [2013-06-18] (Microsoft Corporation)
Task: {6217D114-77D5-4C52-BFCF-DF39E8BCCE2F} - System32\Tasks\{044B2827-FF37-4CA9-9BFC-3B0AED03929C} => E:\F gamerPC\FSX\1.FSX
Task: {72DA1F02-EEC3-4E61-AD26-418FC57E8858} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: {735783D6-1E0E-46F1-B8F1-863B49821CEC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {773B68EB-B269-4A8C-AF6B-D130EBA316C5} - System32\Tasks\PC Utility Kit Update3 => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\Update3.exe [2012-03-27] (PC Utility Kit)
Task: {82EF7FE5-2D83-415F-9A94-8CD58491B2C9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {86FC6697-C070-4564-9512-E3A611F00E67} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {8F149B57-D2EC-4C5D-AA38-A6ED0CBB580A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-29] (Adobe Systems Incorporated)
Task: {95BF34BB-3371-43EC-9D86-20EBB9EBEB00} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {9627C922-1B9B-4EFB-8C7A-919BCA5EDC0B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {9A9B5530-46BF-4E8E-A24E-11DE513E0FB2} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {9B60C4AD-9DA0-4907-A8BF-3E8434E0A04E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {9E58AD73-E1A1-4C06-AAAD-C4C42B923B6E} - System32\Tasks\FRAPS => C:\Program Files (x86)\fraps.exe
Task: {A34A30DE-F01B-46C4-9D82-20B95A84EDDB} - System32\Tasks\{E118B320-009D-4A25-BF00-2A474247AA2E} => E:\F gamerPC\FSX\1.FSX
Task: {BC15111F-D714-47BD-922D-8A4791757D21} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BDA32272-1823-4928-9935-14BAC6A1F738} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-11] (Google Inc.)
Task: {C368B004-6099-4FFC-B091-FA1FA1E913E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {C9574E93-7139-4E90-A9C3-91D7BCE4D0F8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {D098F37F-393C-4DD0-ACA2-00096CF7F8CB} - System32\Tasks\{14E8ACFB-E0CC-411A-A771-F01482F8C473} => F:\FSX\ORBX\Scripts\FTXCentral\FTXCentral.exe [2011-11-28] (Orbx Simulation Systems Pty Ltd)
Task: {D346836A-A89A-4490-B510-B9CD80208443} - System32\Tasks\PC Utility Kit Registration3 => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll [2012-03-27] (PC Utility Kit)
Task: {D4C49F25-BB96-4783-8ABC-31D510740F97} - System32\Tasks\{3E095D85-DC07-4C02-8946-1CEF64E631C6} => E:\F gamerPC\FSX\1.FSX
Task: {DECBC250-577A-461A-9463-A565B05CF49D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)
Task: {E5223509-5072-4856-8EE2-E3FE311DEB9D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-11] (Google Inc.)
Task: {F2779192-8E3D-4E42-A930-D60215482C55} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3691312484-3524702341-236613940-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F45954D4-55FA-48AB-B79A-54E9B32C5EB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {FA4CEEE6-F259-419A-86B4-73E36E8FA6DD} - System32\Tasks\{00EFEFE2-1944-4C07-9C49-A9C2C400669B} => E:\F gamerPC\FSX\1.FSX
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Utility Kit Registration3.job => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\UUS3.dll
Task: C:\Windows\Tasks\PC Utility Kit Update3.job => C:\Program Files (x86)\Common Files\PC Utility Kit\UUS3\Update3.exe
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe

==================== Loaded Modules (whitelisted) =============

2013-04-09 15:43 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2009-07-14 01:37 - 2009-07-14 03:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2011-04-26 23:03 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2013-03-28 00:53 - 2013-03-28 00:53 - 02827832 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2013-03-28 00:54 - 2013-03-28 00:54 - 00152384 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-06-06 08:11 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2011-04-19 10:00 - 2009-12-14 19:16 - 00107688 _____ (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll
2010-04-15 10:16 - 2010-04-15 10:16 - 00293696 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShl64.dll
2013-07-01 15:20 - 2013-06-21 12:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2009-07-14 01:57 - 2009-07-14 03:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\rundll32.exe
2013-06-26 20:48 - 2013-02-07 12:35 - 00546944 _____ (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2010-04-15 10:16 - 2010-04-15 10:16 - 00288064 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
2009-07-14 01:56 - 2009-07-14 03:39 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2007-09-26 16:09 - 2007-09-26 16:09 - 02744384 _____ (Microsoft Corp.) F:\FSX\fsx.exe
2010-04-08 02:38 - 2010-03-19 15:50 - 01692672 _____ (Flag Mountain Software) F:\FSX\Flight One Software\Ultimate Traffic 2\UT2Services.exe
2013-06-29 12:07 - 2013-03-27 10:11 - 06875136 _____ (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
2011-04-26 23:03 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2011-12-02 08:31 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-09-15 20:25 - 2013-09-15 20:24 - 01951146 _____ (Farbar) C:\Users\Alfred\Desktop\trojanerboard.de\FRST64.exe
2009-07-14 01:59 - 2009-07-14 03:39 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\DllHost.exe
2013-06-26 20:48 - 2013-02-07 12:35 - 03101344 _____ (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
2013-03-28 00:53 - 2013-03-28 00:53 - 02670136 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\tishell.dll
2013-04-16 03:12 - 2013-04-16 03:12 - 00052824 _____ (RealNetworks, Inc.) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-04-16 03:11 - 2013-04-16 03:11 - 00148480 _____ (RealNetworks, Inc.) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
2013-04-16 03:10 - 2013-04-16 03:10 - 00507536 _____ (RealDownloader) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Common\rndlmainbrowserrecordplugin.dll
2013-04-16 03:12 - 2013-04-16 03:12 - 00060928 _____ () C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlpepperbrowserrecordhelper.dll
2013-09-03 22:59 - 2013-09-02 22:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
2013-04-16 03:11 - 2013-04-16 03:11 - 00016384 _____ (RealNetworks, Inc.) C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
2010-04-15 10:16 - 2010-04-15 10:16 - 01344832 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTCommonRes.dll
2010-04-15 10:15 - 2010-04-15 10:15 - 00026944 _____ (DT Soft Ltd.) C:\Program Files (x86)\DAEMON Tools Pro\Converter.dll
2010-03-21 00:48 - 2010-03-21 00:48 - 00292160 _____ (DT Soft Ltd.) C:\Program Files (x86)\DAEMON Tools Pro\imgengine.dll
2010-04-15 10:21 - 2010-04-15 10:21 - 02540864 _____ (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\Engine.dll
2007-10-08 17:29 - 2007-10-08 17:29 - 00514624 _____ (Microsoft Corp.) F:\FSX\language.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 01289280 _____ (Microsoft Corp.) F:\FSX\API.DLL
2007-09-26 16:07 - 2007-09-26 16:07 - 00105024 _____ (Microsoft Corp.) F:\FSX\ablscpt.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00508992 _____ (Microsoft Corp.) F:\FSX\flight.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00262720 _____ (Microsoft Corp.) F:\FSX\ai_player.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00191552 _____ (Microsoft Corp.) F:\FSX\acontain.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00244288 _____ (Microsoft Corp.) F:\FSX\controls.dll
2007-10-08 17:29 - 2007-10-08 17:29 - 01550912 _____ (Microsoft Corp.) F:\FSX\fsui.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00405056 _____ (Microsoft Corp.) F:\FSX\atc.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00273472 _____ (Microsoft Corp.) F:\FSX\facilities.dll
2007-09-26 16:07 - 2007-09-26 16:07 - 00079936 _____ (Microsoft Corp.) F:\FSX\demo.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 01002560 _____ (Microsoft Corp.) F:\FSX\main.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 01134144 _____ (Microsoft Corp.) F:\FSX\fe.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00244288 _____ (Microsoft Corp.) F:\FSX\util.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00179776 _____ (Microsoft Corp.) F:\FSX\simprop.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00707136 _____ (Microsoft Corp.) F:\FSX\g2d.dll
2012-10-03 23:49 - 2010-03-06 17:03 - 00014336 _____ () F:\FSX\d3d9.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00903744 _____ (Microsoft Corp.) F:\FSX\g3d.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00456768 _____ (Microsoft Corp.) F:\FSX\panels.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00824384 _____ (Microsoft Corp.) F:\FSX\multiplayer.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00880704 _____ (Microsoft Corp.) F:\FSX\ui.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00198208 _____ (Microsoft Corp.) F:\FSX\sound.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00889408 _____ (Microsoft Corp.) F:\FSX\sim1.dll
2007-09-26 16:07 - 2007-09-26 16:07 - 00042560 _____ (Microsoft Corp.) F:\FSX\simscheduler.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00203840 _____ (Microsoft Corp.) F:\FSX\visualfx.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00180800 _____ (Microsoft Corp.) F:\FSX\window.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00906816 _____ (Microsoft Corp.) F:\FSX\terrain.dll
2007-09-26 16:08 - 2007-09-26 16:08 - 00330304 _____ (Microsoft Corp.) F:\FSX\weather.dll
2007-10-08 17:29 - 2007-10-08 17:29 - 00188992 _____ (Microsoft Corp.) F:\FSX\symmap.dll
2007-09-26 16:09 - 2007-09-26 16:09 - 00689216 _____ (Microsoft Corporation) F:\FSX\xuipc.dll
2007-09-26 16:07 - 2007-09-26 16:07 - 00130624 _____ (Microsoft Corp.) F:\FSX\livingwater.dll
2007-09-26 16:07 - 2007-09-26 16:07 - 00089664 _____ (Microsoft Corp.) F:\FSX\fs-traffic.dll
2007-09-26 16:07 - 2007-09-26 16:07 - 00137280 _____ (Microsoft Corp.) F:\FSX\gps.dll
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2011-04-20 00:47 - 2011-04-20 00:47 - 00616448 _____ () F:\FSX\SimObjects\Airplanes\CS_B777-200\panel\CaptainSim.x777.sys.GAU
2007-09-26 16:09 - 2007-09-26 16:09 - 04363840 _____ (Microsoft Corp.) F:\FSX\GAUGES\BoeingGeneric.DLL
2007-09-26 16:07 - 2007-09-26 16:07 - 00123456 _____ (Microsoft Corp.) F:\FSX\GAUGES\Magnetic_Compass.DLL
2010-04-08 02:38 - 2008-09-14 18:48 - 00343552 _____ () F:\FSX\Flight One Software\Ultimate Traffic 2\utii.dll
2010-04-08 02:38 - 2009-07-27 00:26 - 00886272 _____ () F:\FSX\Flight One Software\Ultimate Traffic 2\System.Data.SQLite.dll
2013-06-29 12:07 - 2013-03-11 12:35 - 00144896 _____ (FreeDownloadManager.org) C:\Program Files (x86)\Google\Chrome\Application\plugins\npfdm.dll
2013-06-29 12:07 - 2013-01-11 03:22 - 03547136 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00726360 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:74603393
AlternateDataStreams: C:\ProgramData\TEMP:A1D5C6AA
AlternateDataStreams: C:\ProgramData\TEMP:F98C6604


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2013 07:00:13 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "K:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/15/2013 06:55:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2013 06:54:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2013 06:29:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2013 06:29:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2013 11:39:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2013 11:39:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2013 11:38:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61637.0, Zeitstempel: 0x46fadb14
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x12e4
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (09/14/2013 06:28:13 PM) (Source: Application Hang) (User: )
Description: Programm fsx.exe, Version 10.0.61637.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 15a0

Startzeit: 01ceb1667ed8d014

Endzeit: 80

Anwendungspfad: F:\FSX\fsx.exe

Berichts-ID: 9ab54203-1d5a-11e3-91b9-00241dc7db61

Error: (09/14/2013 06:11:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61637.0, Zeitstempel: 0x46fadb14
Name des fehlerhaften Moduls: uiautomationcore.dll, Version: 7.0.0.0, Zeitstempel: 0x4a5bdb1d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000e52a
ID des fehlerhaften Prozesses: 0xf30
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3


System errors:
=============
Error: (09/15/2013 00:28:08 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/14/2013 08:28:09 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (09/14/2013 08:27:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (09/14/2013 08:27:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (09/14/2013 08:28:12 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (09/14/2013 08:28:11 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (09/14/2013 08:28:10 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR5 gefunden.

Error: (09/14/2013 08:14:00 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
mbmiodrvr

Error: (09/14/2013 08:13:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (09/14/2013 08:13:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


Microsoft Office Sessions:
=========================
Error: (09/15/2013 07:00:13 PM) (Source: Windows Backup)(User: )
Description: K:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (09/15/2013 06:55:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Desktop\trojanerboard.de\esetsmartinstaller_enu.exe

Error: (09/15/2013 06:54:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/15/2013 06:29:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Desktop\Neuer Ordner\esetsmartinstaller_enu.exe

Error: (09/15/2013 06:29:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Desktop\Neuer Ordner\esetsmartinstaller_enu.exe

Error: (09/14/2013 11:39:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Desktop\esetsmartinstaller_enu.exe

Error: (09/14/2013 11:39:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alfred\Desktop\esetsmartinstaller_enu.exe

Error: (09/14/2013 11:38:12 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61637.046fadb14unknown0.0.0.000000000c00000050000000012e401ceb17baa028182F:\FSX\fsx.exeunknownf3f56bb6-1d85-11e3-aa6e-00241dc7db61

Error: (09/14/2013 06:28:13 PM) (Source: Application Hang)(User: )
Description: fsx.exe10.0.61637.015a001ceb1667ed8d01480F:\FSX\fsx.exe9ab54203-1d5a-11e3-91b9-00241dc7db61

Error: (09/14/2013 06:11:54 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61637.046fadb14uiautomationcore.dll7.0.0.04a5bdb1dc00000050000e52af3001ceb14535f22bf2F:\FSX\fsx.exeC:\Windows\system32\uiautomationcore.dll5e914613-1d58-11e3-91b9-00241dc7db61


CodeIntegrity Errors:
===================================
  Date: 2013-09-14 20:26:29.262
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-14 20:26:29.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-14 08:12:41.307
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-14 08:12:41.182
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 18:33:09.260
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 18:33:09.136
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 11:14:30.310
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 11:14:30.201
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 11:03:52.950
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-13 11:03:52.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 6141.49 MB
Available physical RAM: 1584.03 MB
Total Pagefile: 12281.17 MB
Available Pagefile: 8073.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Volume) (Fixed) (Total:97.66 GB) (Free:6.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:488.28 GB) (Free:90.18 GB) NTFS
Drive e: (Volume) (Fixed) (Total:811.32 GB) (Free:67.62 GB) NTFS
Drive f: (Volume) (Fixed) (Total:119.24 GB) (Free:7.06 GB) NTFS
Drive i: () (Removable) (Total:7.47 GB) (Free:6.6 GB) FAT32
Drive r: () (Removable) (Total:14.91 GB) (Free:1.95 GB) FAT32
Drive t: () (Removable) (Total:3.74 GB) (Free:0.35 GB) FAT32
Drive x: (Volume) (Fixed) (Total:1397.26 GB) (Free:400.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119 GB) (Disk ID: 7007A0F9)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 63C4BC07)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 4BD0ABA5)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=811 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)

========================================================
Disk: 4 (Size: 4 GB) (Disk ID: 7BF4F763)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

========================================================
Disk: 5 (Size: 15 GB) (Disk ID: 6E652072)
No partition Table on disk 5.

==================== End Of Log ============================
--- --- ---

Letzte Bemerkungen:
1. der PC läuft nun merklich besser. Allerdings habe ich auch inzwischen einige unnötige Programme desinstalliert, von denen ich annehmen musste, sie bremsen den PC, ebenso habe ich im Flugsimulator intern einige Aenderungen vorgenommen, sodass die frame rates jetzt besser ausfallen.
Noch eine Anmerkung: Was mir auffällt, sind zahlreiche, enorm nervige
popups (alle in zusammenhang mit scannen des PCs zwecks leistungssteigerung auf der Trojaner-board.de website, sowie auf den websites, von denen die obigen Programme herunterzuladen sind.

Jetzt warte ich noch auf Deine Schlussbemerkungen
Herzlichen Dank für alles und Gruss

Anatol

schrauber 16.09.2013 09:52
n welchem Browser hast du die?

suvannapum56 16.09.2013 10:36
Hallo Schrauber,
Wenn ich Dich richtig verstehe, fragst nach der Herkunft der popups , nicht wahr? Wenn ja, eben keine. Ahnung, aber sie sind kein Thema mehr, da ich sie mit den Aktionen Deiner angegeben Reimigungsprogramme habe rausschmeissen können.
Gruss und vielen Dank
Alfred

schrauber 16.09.2013 18:48
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:34 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131