Pests of all kinds and how to fight them: Anti-spyware + antivirus not working, PC slow, "Setting.DisableTaskMgr", "Setting.DisableRegistryTools"

05.12.2014, 13:12   #1
thesaint225
 
Hello dear Trojaner-Board team.

Yesterday evening the good old machine was still running without problems; today, suddenly, it responds very slowly to all commands, and some programs do not start at all. MBAM sits motionless in the taskbar. Using Emsisoft I then found the above-mentioned trojans(?).
Despite several attempts, however, I can no longer get rid of the pests, so I am asking for your help.

Attached are the Addition.txt and the FRST.txt.


Many thanks in advance!!

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Danny at 2014-12-05 14:07:52
Running from C:\Users\Danny\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
aerosoft's - German Airports 3 - Berlin-Tegel X (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.00 - aerosoft)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version:  - Canon Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.8.4 - VIRTUALI s.a.s.)
Ground Environment X Europe (HKLM-x32\...\Ground Environment X Europe) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\...\Juniper_Setup_Client) (Version: 8.0.4.47117 - Juniper Networks)
Junos Pulse 5.0 (HKLM-x32\...\Junos Pulse 5.0) (Version: 5.0.47117 - Juniper Networks, Inc.)
Junos Pulse Core Components (x32 Version: 5.0.47117 - Juniper Networks) Hidden
Junos Pulse Drivers Add-On (Version: 5.0.47117 - Juniper Networks) Hidden
Junos Pulse Host Checker Plugin Add-On (x32 Version: 5.0.47117 - Juniper Networks) Hidden
Junos Pulse Tunnel Manager Add-On (x32 Version: 5.0.47117 - Juniper Networks) Hidden
Junos Pulse UAC/NC Components (x32 Version: 5.0.47117 - Juniper Networks) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7.8 (64-bit) (HKLM\...\{61121B12-88BD-4261-A6EE-AB32610A56De}) (Version: 2.7.8150 - Python Software Foundation)
Real Environment Xtreme Essential (HKLM-x32\...\{DBDF2E37-701F-416F-92F6-1A239C666AA3}) (Version: 3.0.2012.0522 - REX Game Studios, LLC.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Samsung CLP-360 Series (HKLM-x32\...\Samsung CLP-360 Series) (Version: 1.10 (25.06.2013) - Samsung Electronics Co., Ltd.)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SkyMaxx Pro (HKLM-x32\...\SkyMaxx Pro 2.1) (Version: 2.1 - X-Aviation)
StarMoney (x32 Version: 3.0.0.124 - StarFinanz) Hidden
SteveFX DX10 Scenery Fixer (HKLM-x32\...\DX10SceneryFixer) (Version:  - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TS-Noise version 1.0.0.4 (HKLM-x32\...\{95F8797E-AA88-4DB2-B8C6-D57902B4F372}_is1) (Version: 1.0.0.4 - Froom)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VC8 CRT (Version: 8.0.50727.762 - Juniper Networks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Wise Care 365 version 2.45 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.45 - WiseCleaner.com, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-12-2014 12:46:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-03 17:00 - 00000027 ___AC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {C4CDF048-BB49-4D45-9500-A61A6CB3E0A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {CC02857A-29B2-48D9-B108-1406B1BC99F1} - System32\Tasks\Wise Turbo Checker => D:\Wise\Wise Care 365\WiseTurbo.exe [2013-05-13] (WiseCleaner.COM)
Task: {E965D363-E00C-4C60-9A1B-54EDE5ED8887} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => D:\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-11-04 16:20 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-28 11:13 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2014-03-28 11:13 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2013-11-30 16:40 - 2013-05-15 07:30 - 00034304 _____ () C:\Windows\System32\sst6clm.dll
2013-11-29 18:52 - 2010-06-03 13:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () D:\Panda Security\Panda Security Protection\SQLite3.dll
2014-10-17 18:47 - 2014-10-17 18:47 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\712c383e9837b8c37b3107f22be9455c\PSIClient.ni.dll
2014-01-04 18:52 - 2013-09-16 20:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-11 12:07 - 2014-11-11 12:07 - 03649648 _____ () D:\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:74603393

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: BCSSync => "D:\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: D-Link D-Link Wireless N DWA-140 => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: JunosPulse => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe -tray
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1203117988-4294000735-3354723111-500 - Administrator - Disabled)
Danny (S-1-5-21-1203117988-4294000735-3354723111-1000 - Administrator - Enabled) => C:\Users\Danny
Guest (S-1-5-21-1203117988-4294000735-3354723111-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2014 01:56:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 3.12.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 135c

Startzeit: 01d0108ac1f51281

Endzeit: 16

Anwendungspfad: C:\Users\Danny\Downloads\FRST64.exe

Berichts-ID: 176cfebf-7c7e-11e4-bba3-bc5ff4534218


System errors:
=============
Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (12/05/2014 02:07:57 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.


Microsoft Office Sessions:
=========================
Error: (12/05/2014 01:56:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe3.12.2014.0135c01d0108ac1f5128116C:\Users\Danny\Downloads\FRST64.exe176cfebf-7c7e-11e4-bba3-bc5ff4534218


CodeIntegrity Errors:
===================================
  Date: 2014-11-10 10:50:42.952
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-10 10:50:42.924
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\FreshDevices\FreshDiagnose\FreshIO.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-17 16:12:30.097
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-17 16:12:30.066
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 24%
Total physical RAM: 8080.79 MB
Available physical RAM: 6111.32 MB
Total Pagefile: 8078.97 MB
Available Pagefile: 5882.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:45.02 GB) (Free:12.92 GB) NTFS
Drive d: (Anwendungen) (Fixed) (Total:9.86 GB) (Free:7.72 GB) NTFS
Drive e: (Games) (Fixed) (Total:74.12 GB) (Free:38.66 GB) NTFS
Drive f: (Daten I) (Fixed) (Total:90.12 GB) (Free:64.93 GB) NTFS
Drive g: (Daten II) (Fixed) (Total:90.12 GB) (Free:60.35 GB) NTFS
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Danny (administrator) on DANNY-PC on 05-12-2014 14:08:28
Running from C:\Users\Danny\Downloads
Loaded Profile: Danny (Available profiles: Danny)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAMain.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) D:\Mozilla Firefox\firefox.exe
(Emsisoft GmbH) C:\EEK\bin\a2emergencykit.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => D:\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4BE48BA1-BD85-438A-8C34-904AEFF55E29}: [NameServer] 172.28.64.1,172.28.64.2

FireFox:
========
FF ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1203117988-4294000735-3354723111-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\searchplugins\search_engine.xml
FF Extension: FireShot - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-11-08]
FF Extension: DownloadHelper - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Microsoft Office\Office14\GROOVE.EXE [50942144 2013-12-19] (Microsoft Corporation)
R2 NanoServiceMain; D:\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-01] ()
R2 PSUAService; D:\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-12-05] (Emsisoft GmbH)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] (Advanced Micro Devices) [File not signed]
R3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-12-05] (Emsisoft GmbH)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [506160 2014-04-04] (Juniper Networks)
S4 jnprTdi_804_47117; C:\Windows\system32\Drivers\jnprTdi_804_47117.sys [108344 2014-06-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-12] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-12] (Juniper Networks, Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 STTub203; C:\Windows\System32\Drivers\STTub203.sys [33280 2007-05-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 FreshIO; \??\D:\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 14:07 - 2014-12-05 14:08 - 00017481 ____C () C:\Users\Danny\Downloads\FRST.txt
2014-12-05 14:07 - 2014-12-05 14:08 - 00000000 ___DC () C:\FRST
2014-12-05 14:07 - 2014-12-05 14:07 - 02117632 ____C (Farbar) C:\Users\Danny\Downloads\FRST64.exe
2014-12-05 14:07 - 2014-12-05 14:07 - 00023003 ____C () C:\Users\Danny\Downloads\Addition.txt
2014-12-05 13:53 - 2014-12-05 13:53 - 00000000 _SHDC () C:\Users\Danny\AppData\Local\EmieBrowserModeList
2014-12-05 13:21 - 2014-12-05 14:02 - 00000000 ___DC () C:\EEK
2014-12-05 13:21 - 2014-12-05 13:21 - 00000752 ____C () C:\Users\Danny\Desktop\Start Emsisoft Emergency Kit.lnk
2014-12-05 13:18 - 2014-03-25 14:15 - 00060400 ____C (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-12-05 12:18 - 2014-12-05 12:20 - 164316704 ____C () C:\Users\Danny\Downloads\EmsisoftEmergencyKit.exe
2014-12-05 12:05 - 2014-12-05 12:05 - 00000000 ___DC () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 12:03 - 2014-12-05 12:03 - 00000000 ___DC () C:\Program Files (x86)\ESET
2014-12-05 12:01 - 2014-12-05 13:53 - 00129752 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 12:01 - 2014-12-05 12:05 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-05 12:00 - 2014-12-05 12:00 - 20447072 ____C (Malwarebytes Corporation ) C:\Users\Danny\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 12:00 - 2014-12-05 12:00 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-12-05 12:00 - 2014-10-01 11:11 - 00093400 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-05 12:00 - 2014-10-01 11:11 - 00063704 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-05 12:00 - 2014-10-01 11:11 - 00025816 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-04 19:38 - 2014-12-05 13:57 - 00215336 ____C () C:\Windows\WindowsUpdate.log
2014-12-04 19:36 - 2014-12-05 13:54 - 00000560 ____C () C:\Windows\setupact.log
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ____C () C:\Windows\setuperr.log
2014-12-04 19:35 - 2014-12-05 13:18 - 00007122 ____C () C:\Windows\PFRO.log
2014-12-04 18:20 - 2014-11-13 01:20 - 31893136 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 24557712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 20922512 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 19966344 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 17259664 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 16884632 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 14032984 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13944952 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13213512 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-04 18:20 - 2014-11-13 01:20 - 11397744 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 11336432 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04292416 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04011208 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 02874456 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01540424 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00964928 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00935240 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00923792 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00900928 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00871648 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00500880 ____C (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00418112 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00393024 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00352016 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00348304 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00303600 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00174856 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00156840 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00038216 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-04 18:20 - 2014-10-03 20:23 - 00035144 ____C (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00032584 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-04 12:02 - 2014-12-04 12:20 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\DiskSpaceFan
2014-12-03 11:28 - 2014-12-03 11:28 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyMaxx Pro
2014-11-19 20:18 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 20:18 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 19:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 19:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 19:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 19:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-15 19:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-15 19:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 19:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-15 19:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 19:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 19:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 19:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 19:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 19:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 19:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 19:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 19:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 19:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-15 19:43 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-15 19:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-15 19:43 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-15 19:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-15 19:43 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-15 19:43 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-15 19:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-15 19:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-15 19:43 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-15 19:43 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-15 19:42 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-15 19:42 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-15 19:42 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-15 19:42 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-15 19:42 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-15 19:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-15 19:42 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-15 19:42 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-15 19:42 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-15 19:42 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-15 19:42 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-15 19:42 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Froom
2014-11-11 20:09 - 2014-12-04 18:28 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X-Plane Python Interface
2014-11-11 12:03 - 2014-11-04 01:04 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-11 12:03 - 2014-11-04 01:04 - 01539272 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-11 10:32 - 2014-11-11 10:32 - 00000000 ___DC () C:\ProgramData\Licenses
2014-11-11 10:23 - 2014-11-11 10:35 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Virtuali
2014-11-11 10:23 - 2014-11-11 10:23 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsDreamTeam
2014-11-11 10:22 - 2014-11-11 10:33 - 00000000 ___DC () C:\ProgramData\Virtuali
2014-11-11 10:22 - 2014-11-11 10:22 - 00000000 ___DC () C:\ProgramData\Esellerate
2014-11-10 19:03 - 2014-11-12 13:43 - 00009749 ____C () C:\AEMODULE.LOG
2014-11-10 18:53 - 2014-11-10 18:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\World_of_AI
2014-11-10 18:41 - 2014-11-10 18:41 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Flight1 Software
2014-11-10 18:37 - 2014-11-10 18:37 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave 3D Lights Redux
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\Program Files (x86)\Shockwave 3D Lights Redux
2014-11-10 17:22 - 2014-11-10 17:27 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX Essential
2014-11-10 16:30 - 2014-11-10 18:37 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 14:55 - 2014-11-10 15:45 - 00000000 ___DC () C:\Program Files (x86)\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:56 - 00000000 ___DC () C:\Users\Public\Documents\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\Users\Danny\AppData\Local\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteveFX
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\DX10SceneryFixer
2014-11-10 14:54 - 2014-11-10 14:54 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:13 - 2014-11-10 14:13 - 00000000 ___DC () C:\ProgramData\FLEXnet
2014-11-10 14:08 - 2014-11-10 14:08 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X Files
2014-11-10 14:06 - 2014-11-10 14:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2014-11-10 13:18 - 2014-11-12 13:57 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X-Dateien
2014-11-10 11:53 - 2014-11-10 11:53 - 00000000 ___DC () C:\Windows\PCHEALTH

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 14:01 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 14:01 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 13:58 - 2013-11-29 19:02 - 00712410 ____C () C:\Windows\system32\perfh007.dat
2014-12-05 13:58 - 2013-11-29 19:02 - 00155566 ____C () C:\Windows\system32\perfc007.dat
2014-12-05 13:58 - 2009-07-14 06:13 - 01661812 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-12-05 13:54 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-12-05 13:15 - 2013-12-24 18:11 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-05 13:13 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-12-05 13:12 - 2013-12-24 17:33 - 00000000 ___DC () C:\ProgramData\TEMP
2014-12-04 22:50 - 2013-12-02 19:29 - 00000073 ____C () C:\Users\Danny\AppData\Local\X-Plane_drm.prf
2014-12-04 19:35 - 2014-08-01 10:56 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-04 19:35 - 2013-11-29 20:51 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Wise Care 365
2014-12-04 18:21 - 2014-11-04 16:20 - 00000000 ___DC () C:\ProgramData\NVIDIA
2014-12-04 18:21 - 2014-09-20 10:51 - 00000000 ___DC () C:\Temp
2014-12-04 18:20 - 2013-12-02 19:27 - 00000080 ____C () C:\Users\Danny\AppData\Local\X-Plane Installer.prf
2014-12-04 12:21 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 12:06 - 2014-06-04 17:10 - 00000000 ___DC () C:\Program Files (x86)\Java
2014-12-04 12:06 - 2013-11-29 20:58 - 00000000 ___DC () C:\ProgramData\Oracle
2014-12-04 12:05 - 2014-08-01 10:56 - 00098216 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-04 11:52 - 2013-11-29 17:26 - 00000000 ___DC () C:\Users\Danny
2014-12-03 11:24 - 2014-09-13 15:08 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 11:24 - 2013-11-29 20:58 - 00701104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-03 11:24 - 2013-11-29 20:58 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-30 19:36 - 2013-12-02 18:23 - 00000072 ____C () C:\Users\Public\LMDebug.log
2014-11-24 19:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-19 19:59 - 2013-11-29 17:54 - 00088208 ____C () C:\Users\Danny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-19 19:59 - 2009-07-14 05:45 - 00393072 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-11-19 19:58 - 2014-05-30 10:10 - 00000000 __SDC () C:\Windows\system32\CompatTel
2014-11-15 19:59 - 2013-11-29 20:47 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2014-11-15 19:58 - 2013-11-29 20:18 - 00000000 ___DC () C:\Windows\system32\MRT
2014-11-15 19:56 - 2013-11-29 20:18 - 103374192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2014-11-04 16:19 - 20986592 ____C (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 18514616 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 03262784 ____C (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00989056 ____C (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00027094 ____C () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2014-11-04 16:20 - 06897352 ____C (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2014-11-04 16:20 - 00386368 ____C (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00062608 ____C (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-12 17:00 - 2014-09-03 16:39 - 00000322 ____C () C:\Windows\Tasks\Wise Turbo Checker.job
2014-11-12 13:24 - 2014-01-10 18:06 - 00000000 ___DC () C:\Users\Danny\AppData\Local\CrashDumps
2014-11-12 12:57 - 2013-12-11 19:38 - 00000261 ____C () C:\Users\Danny\AppData\Roaming\OpenSceneryX Installationsprogramm.plist
2014-11-11 14:40 - 2013-11-29 20:15 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 12:56 - 2013-12-08 18:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-11-11 12:56 - 2013-11-29 17:51 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2014-11-11 12:04 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\Help
2014-11-11 12:03 - 2014-11-04 16:18 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation
2014-11-11 11:29 - 2014-11-04 16:20 - 04100776 ____C () C:\Windows\system32\nvcoproc.bin
2014-11-10 18:47 - 2013-12-06 14:27 - 00002048 ____C () C:\Windows\f1utii.lic
2014-11-10 18:43 - 2013-11-29 20:21 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster HOTAS Cougar
2014-11-10 16:06 - 2013-12-26 18:23 - 00000000 __HDC () C:\Program Files (x86)\Temp
2014-11-10 16:03 - 2009-07-14 08:46 - 00000000 ___DC () C:\Windows\ShellNew
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 ___DC () C:\Program Files\DVD Maker
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\PolicyDefinitions
2014-11-10 14:54 - 2014-10-22 17:29 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:07 - 2013-12-02 17:46 - 00000000 ___DC () C:\Windows\SysWOW64\directx
2014-11-08 13:56 - 2013-12-03 21:45 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\vlc
2014-11-07 16:16 - 2013-12-11 17:13 - 00002389 ____C () C:\Users\Danny\AppData\Roaming\WED.prefs

Some content of TEMP:
====================
C:\Users\Danny\AppData\Local\Temp\Quarantine.exe
C:\Users\Danny\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-30 19:55

==================== End Of Log ============================
         

05.12.2014, 14:12   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


05.12.2014, 14:44   #3
thesaint225
 



Hello,
thank you very much for your help.
After Combofix I had to restart using the reset button because I was left with an empty desktop.
Log attached:

Code:
ComboFix 14-12-04.01 - Danny 05.12.2014  15:37:23.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1033.18.8081.6415 [GMT 1:00]
ausgeführt von:: c:\users\Danny\Desktop\ComboFix.exe
AV: Panda Free Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Panda Firewall *Enabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Free Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-05 bis 2014-12-05  ))))))))))))))))))))))))))))))
.
.
2014-12-05 14:39 . 2014-12-05 14:39	--------	dc----w-	c:\users\Public\AppData\Local\temp
2014-12-05 14:39 . 2014-12-05 14:39	--------	dc----w-	c:\users\Default\AppData\Local\temp
2014-12-05 13:07 . 2014-12-05 13:08	--------	dc----w-	C:\FRST
2014-12-05 12:53 . 2014-12-05 12:53	--------	dcsh--w-	c:\users\Danny\AppData\Local\EmieBrowserModeList
2014-12-05 12:46 . 2014-11-02 04:20	11632448	-c--a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B92278A-3B8C-4E32-953F-BA03C717E164}\mpengine.dll
2014-12-05 12:21 . 2014-12-05 13:02	--------	dc----w-	C:\EEK
2014-12-05 11:05 . 2014-12-05 11:05	--------	dc----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 11:01 . 2014-12-05 12:53	129752	-c--a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-05 11:00 . 2014-12-05 11:00	--------	dc----w-	c:\programdata\Malwarebytes
2014-12-05 11:00 . 2014-10-01 10:11	63704	-c--a-w-	c:\windows\system32\drivers\mwac.sys
2014-12-05 11:00 . 2014-10-01 10:11	93400	-c--a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-12-05 11:00 . 2014-10-01 10:11	25816	-c--a-w-	c:\windows\system32\drivers\mbam.sys
2014-12-04 11:06 . 2014-12-04 11:06	--------	dc----w-	c:\program files (x86)\Common Files\Java
2014-12-04 11:02 . 2014-12-04 11:20	--------	dc----w-	c:\users\Danny\AppData\Roaming\DiskSpaceFan
2014-11-19 19:18 . 2014-11-11 03:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-19 19:18 . 2014-11-11 03:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-19 19:18 . 2014-11-11 02:44	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-19 19:18 . 2014-11-11 02:44	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-15 18:42 . 2014-08-21 06:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2014-11-12 11:53 . 2014-11-12 11:53	--------	dc----w-	c:\users\Danny\AppData\Local\Froom
2014-11-11 11:03 . 2014-11-04 00:04	1876296	-c--a-w-	c:\windows\system32\nvdispco6434465.dll
2014-11-11 11:03 . 2014-11-04 00:04	1539272	-c--a-w-	c:\windows\system32\nvdispgenco6434465.dll
2014-11-11 09:32 . 2014-11-11 09:32	--------	dc----w-	c:\programdata\Licenses
2014-11-11 09:23 . 2014-11-11 09:35	--------	dc----w-	c:\users\Danny\AppData\Roaming\Virtuali
2014-11-11 09:22 . 2014-11-11 09:22	--------	dc----w-	c:\programdata\Esellerate
2014-11-11 09:22 . 2014-11-11 09:33	--------	dc----w-	c:\programdata\Virtuali
2014-11-10 17:53 . 2014-11-10 17:53	--------	dc----w-	c:\users\Danny\AppData\Local\World_of_AI
2014-11-10 17:41 . 2014-11-10 17:41	--------	dc----w-	c:\users\Danny\AppData\Local\Flight1 Software
2014-11-10 17:34 . 2014-11-10 17:34	--------	dc----w-	c:\program files (x86)\Shockwave 3D Lights Redux
2014-11-10 13:55 . 2014-11-10 14:45	--------	dc----w-	c:\program files (x86)\DX10SceneryFixer
2014-11-10 13:55 . 2014-11-10 13:55	--------	dc----w-	c:\users\Danny\AppData\Local\DX10SceneryFixer
2014-11-10 13:55 . 2014-11-10 13:55	--------	dc----w-	c:\programdata\DX10SceneryFixer
2014-11-10 13:13 . 2014-11-10 13:13	--------	dc----w-	c:\programdata\FLEXnet
2014-11-10 11:50 . 2014-11-10 11:50	--------	dc----w-	c:\program files (x86)\Common Files\Microsoft Games
2014-11-10 10:53 . 2014-11-10 10:53	--------	dc----w-	c:\windows\PCHEALTH
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-04 11:05 . 2014-08-01 09:56	98216	-c--a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-03 10:24 . 2013-11-29 19:58	71344	-c--a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-03 10:24 . 2013-11-29 19:58	701104	-c--a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-15 18:56 . 2013-11-29 19:18	103374192	-c--a-w-	c:\windows\system32\MRT.exe
2014-11-13 00:20 . 2014-11-04 15:19	989056	-c--a-w-	c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-11-04 15:19	3262784	-c--a-w-	c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-11-04 15:19	20986592	-c--a-w-	c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-11-04 15:19	18514616	-c--a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-11-12 21:56 . 2014-11-04 15:20	6897352	-c--a-w-	c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2014-11-04 15:20	3534152	----a-w-	c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2014-11-04 15:20	934032	----a-w-	c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2014-11-04 15:20	62608	-c--a-w-	c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2014-11-04 15:20	386368	-c--a-w-	c:\windows\system32\nvmctray.dll
2014-11-12 21:56 . 2014-11-04 15:20	2559808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-11-11 10:29 . 2014-11-04 15:20	4100776	-c--a-w-	c:\windows\system32\nvcoproc.bin
2014-11-04 13:30 . 2013-11-29 18:19	275080	-c----w-	c:\windows\system32\MpSigStub.exe
2014-10-08 20:02 . 2014-10-08 20:03	244416	-c--a-w-	c:\windows\system32\msflxgrd.ocx
2014-10-08 20:01 . 2014-10-08 20:03	108336	-c--a-w-	c:\windows\system32\MSWINSCK.OCX
2014-10-08 20:01 . 2014-10-08 20:03	619008	-c--a-w-	c:\windows\system32\dx7vb.dll
2014-09-25 02:08 . 2014-10-01 14:44	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 14:44	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-17 04:51 . 2014-09-19 16:54	31520	-c--a-w-	c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-19 16:54	197408	-c--a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-01-07 20:01	1538880	-c--a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-09-13 23:48 . 2014-09-19 16:54	1876296	-c--a-w-	c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-19 16:54	1539272	-c--a-w-	c:\windows\system32\nvdispgenco6434411.dll
2014-09-09 22:11 . 2014-09-26 10:58	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-26 10:58	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-07-18 292088]
"PSUAMain"="d:\panda security\Panda Security Protection\PSUAMain.exe" [2014-07-24 37624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NanoServiceMain;Panda Free Antivirus Service;d:\panda security\Panda Security Protection\PSANHost.exe;d:\panda security\Panda Security Protection\PSANHost.exe [x]
R2 PandaAgent;Panda Devices Agent;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe;c:\program files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [x]
R2 PSUAService;Panda Product Service;d:\panda security\Panda Security Protection\PSUAService.exe;d:\panda security\Panda Security Protection\PSUAService.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp64.sys;c:\eek\bin\cleanhlp64.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 JNPRNA;Juniper Network Agent Miniport;c:\windows\system32\DRIVERS\jnprna6.sys;c:\windows\SYSNATIVE\DRIVERS\jnprna6.sys [x]
R3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\DRIVERS\jnprva.sys;c:\windows\SYSNATIVE\DRIVERS\jnprva.sys [x]
R3 JuniperAccessService;Juniper Unified Network Service;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
R4 jnprTdi_804_47117;Juniper Networks TDI Filter Driver (jnprTdi_804_47117);c:\windows\system32\Drivers\jnprTdi_804_47117.sys;c:\windows\SYSNATIVE\Drivers\jnprTdi_804_47117.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 jnprns;Juniper Network Service;c:\windows\system32\DRIVERS\jnprns.sys;c:\windows\SYSNATIVE\DRIVERS\jnprns.sys [x]
S1 NNSALPC;NNSAlpc;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSHTTP;NNSHttp;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHttps;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSids;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
S1 NNSPICC;NNSPicc;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPIHSW;NNSPihsw;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S1 NNSPOP3;NNSPop3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSProt;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPrv;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSmtp;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSStrm;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTlsc;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKnc;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S2 D-Link Wireless N DWA-140_WPS;D-Link Wireless N DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSINReg;PSINReg;c:\windows\system32\DRIVERS\PSINReg.sys;c:\windows\SYSNATIVE\DRIVERS\PSINReg.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\DRIVERS\jnprvamgr.sys;c:\windows\SYSNATIVE\DRIVERS\jnprvamgr.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 STTub203;Thrustmaster HOTAS USB Bulk In;c:\windows\system32\Drivers\STTub203.sys;c:\windows\SYSNATIVE\Drivers\STTub203.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - PSKMAD
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-29 10:24]
.
2014-11-12 c:\windows\Tasks\Wise Turbo Checker.job
- d:\wise\Wise Care 365\WiseTurbo.exe [2013-11-29 15:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-15 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-15 771056]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xcel exportieren - d:\micros~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{4BE48BA1-BD85-438A-8C34-904AEFF55E29}: NameServer = 172.28.64.1,172.28.64.2
FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-DX10SceneryFixer - i:\microsoft games\DX10SceneryFixer\Uninstall.exe
AddRemove-FSDreamTeam GSX FSX_is1 - i:\microsoft games\Microsoft Flight Simulator X\unins000.exe
AddRemove-Ground Environment X Europe - i:\microsoft games\UninstalEurope.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-05  15:40:20
ComboFix-quarantined-files.txt  2014-12-05 14:40
.
Vor Suchlauf: 12 Verzeichnis(se), 13.712.625.664 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 13.565.988.864 Bytes frei
.
- - End Of File - - 92BDA024063F9BF165D03EDA8CA10027
A36C5E4F47E84449FF07ED3517B43A31
         

06.12.2014, 14:47   #4
schrauber
/// the machine
/// TB trainer
 




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset Proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 06.12.2014, 15:56   #5
thesaint225
 



MBAM still sits motionless and non-functional in the tray next to the clock; clicking on it unfortunately does nothing. The rest went smoothly so far.

Code:
# AdwCleaner v4.104 - Report created 06/12/2014 at 16:47:45
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Danny - DANNY-PC
# Running from : C:\Users\Danny\Downloads\AdwCleaner_4.104.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 de)


*************************

AdwCleaner[R0].txt - [751 octets] - [06/12/2014 16:46:57]
AdwCleaner[S0].txt - [673 octets] - [06/12/2014 16:47:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [732 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x64
Ran by Danny on 06.12.2014 at 16:49:43,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.12.2014 at 16:51:00,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Danny (administrator) on DANNY-PC on 06-12-2014 16:52:25
Running from C:\Users\Danny\Downloads
Loaded Profile: Danny (Available profiles: Danny)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAMain.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Mozilla Corporation) D:\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => D:\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4BE48BA1-BD85-438A-8C34-904AEFF55E29}: [NameServer] 172.28.64.1,172.28.64.2

FireFox:
========
FF ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1203117988-4294000735-3354723111-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\searchplugins\search_engine.xml
FF Extension: FireShot - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-11-08]
FF Extension: DownloadHelper - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NanoServiceMain; D:\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-01] ()
R2 PSUAService; D:\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] (Advanced Micro Devices) [File not signed]
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-12-05] (Emsisoft GmbH)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [506160 2014-04-04] (Juniper Networks)
S4 jnprTdi_804_47117; C:\Windows\system32\Drivers\jnprTdi_804_47117.sys [108344 2014-06-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-12] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-12] (Juniper Networks, Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 STTub203; C:\Windows\System32\Drivers\STTub203.sys [33280 2007-05-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 FreshIO; \??\D:\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 16:52 - 2014-12-06 16:52 - 00000000 ___DC () C:\Users\Danny\Downloads\FRST-OlderVersion
2014-12-06 16:51 - 2014-12-06 16:51 - 00000621 ____C () C:\Users\Danny\Downloads\JRT.txt
2014-12-06 16:51 - 2014-12-06 16:51 - 00000621 ____C () C:\Users\Danny\Desktop\JRT.txt
2014-12-06 16:49 - 2014-03-25 14:15 - 00060400 ____C (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-12-06 16:46 - 2014-12-06 16:47 - 00000000 ___DC () C:\AdwCleaner
2014-12-06 16:46 - 2014-12-06 16:46 - 00000055 ____C () C:\AdwCleanerDebug.txt
2014-12-06 16:45 - 2014-12-06 16:45 - 00001115 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-06 16:44 - 2014-12-06 16:44 - 20447072 ____C (Malwarebytes Corporation ) C:\Users\Danny\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-06 16:44 - 2014-12-06 16:44 - 02153472 ____C () C:\Users\Danny\Downloads\AdwCleaner_4.104.exe
2014-12-06 16:44 - 2014-12-06 16:44 - 01707646 ____C (Thisisu) C:\Users\Danny\Downloads\JRT.exe
2014-12-05 15:40 - 2014-12-05 15:40 - 00023262 ____C () C:\ComboFix.txt
2014-12-05 15:36 - 2011-06-26 07:45 - 00256000 ____C () C:\Windows\PEV.exe
2014-12-05 15:36 - 2010-11-07 18:20 - 00208896 ____C () C:\Windows\MBR.exe
2014-12-05 15:36 - 2009-04-20 05:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00098816 ____C () C:\Windows\sed.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00080412 ____C () C:\Windows\grep.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00068096 ____C () C:\Windows\zip.exe
2014-12-05 15:35 - 2014-12-05 15:40 - 00000000 ___DC () C:\Qoobox
2014-12-05 15:34 - 2014-12-05 15:34 - 05600479 ___RC (Swearware) C:\Users\Danny\Desktop\ComboFix.exe
2014-12-05 14:07 - 2014-12-06 16:52 - 02118144 ____C (Farbar) C:\Users\Danny\Downloads\FRST64.exe
2014-12-05 14:07 - 2014-12-06 16:52 - 00016411 ____C () C:\Users\Danny\Downloads\FRST.txt
2014-12-05 14:07 - 2014-12-06 16:52 - 00000000 ___DC () C:\FRST
2014-12-05 14:07 - 2014-12-05 14:07 - 00023003 ____C () C:\Users\Danny\Downloads\Addition.txt
2014-12-05 13:53 - 2014-12-05 13:53 - 00000000 _SHDC () C:\Users\Danny\AppData\Local\EmieBrowserModeList
2014-12-05 13:21 - 2014-12-05 14:02 - 00000000 ___DC () C:\EEK
2014-12-05 13:21 - 2014-12-05 13:21 - 00000752 ____C () C:\Users\Danny\Desktop\Start Emsisoft Emergency Kit.lnk
2014-12-05 12:18 - 2014-12-05 12:20 - 164316704 ____C () C:\Users\Danny\Downloads\EmsisoftEmergencyKit.exe
2014-12-05 12:05 - 2014-12-06 16:45 - 00000000 ___DC () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 12:01 - 2014-12-06 16:51 - 00129752 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 12:01 - 2014-12-06 16:45 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-05 12:00 - 2014-12-05 12:00 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-12-05 12:00 - 2014-11-21 06:14 - 00093400 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-05 12:00 - 2014-11-21 06:14 - 00063704 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-05 12:00 - 2014-11-21 06:14 - 00025816 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-04 19:38 - 2014-12-06 16:45 - 00238665 ____C () C:\Windows\WindowsUpdate.log
2014-12-04 19:36 - 2014-12-06 16:49 - 00000840 ____C () C:\Windows\setupact.log
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ____C () C:\Windows\setuperr.log
2014-12-04 19:35 - 2014-12-06 16:49 - 00007984 ____C () C:\Windows\PFRO.log
2014-12-04 18:20 - 2014-11-13 01:20 - 31893136 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 24557712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 20922512 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 19966344 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 17259664 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 16884632 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 14032984 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13944952 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13213512 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-04 18:20 - 2014-11-13 01:20 - 11397744 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 11336432 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04292416 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04011208 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 02874456 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01540424 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00964928 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00935240 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00923792 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00900928 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00871648 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00500880 ____C (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00418112 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00393024 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00352016 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00348304 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00303600 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00174856 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00156840 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00038216 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-04 18:20 - 2014-10-03 20:23 - 00035144 ____C (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00032584 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-04 12:02 - 2014-12-04 12:20 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\DiskSpaceFan
2014-12-03 11:28 - 2014-12-03 11:28 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyMaxx Pro
2014-11-19 20:18 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 20:18 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 19:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 19:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 19:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 19:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-15 19:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-15 19:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 19:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-15 19:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 19:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 19:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 19:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 19:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 19:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 19:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 19:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 19:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 19:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-15 19:43 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-15 19:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-15 19:43 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-15 19:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-15 19:43 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-15 19:43 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-15 19:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-15 19:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-15 19:43 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-15 19:43 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-15 19:42 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-15 19:42 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-15 19:42 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-15 19:42 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-15 19:42 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-15 19:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-15 19:42 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-15 19:42 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-15 19:42 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-15 19:42 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-15 19:42 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-15 19:42 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Froom
2014-11-11 20:09 - 2014-12-04 18:28 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X-Plane Python Interface
2014-11-11 12:03 - 2014-11-04 01:04 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-11 12:03 - 2014-11-04 01:04 - 01539272 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-11 10:32 - 2014-11-11 10:32 - 00000000 ___DC () C:\ProgramData\Licenses
2014-11-11 10:23 - 2014-11-11 10:35 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Virtuali
2014-11-11 10:23 - 2014-11-11 10:23 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsDreamTeam
2014-11-11 10:22 - 2014-11-11 10:33 - 00000000 ___DC () C:\ProgramData\Virtuali
2014-11-11 10:22 - 2014-11-11 10:22 - 00000000 ___DC () C:\ProgramData\Esellerate
2014-11-10 19:03 - 2014-11-12 13:43 - 00009749 ____C () C:\AEMODULE.LOG
2014-11-10 18:53 - 2014-11-10 18:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\World_of_AI
2014-11-10 18:41 - 2014-11-10 18:41 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Flight1 Software
2014-11-10 18:37 - 2014-11-10 18:37 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave 3D Lights Redux
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\Program Files (x86)\Shockwave 3D Lights Redux
2014-11-10 17:22 - 2014-11-10 17:27 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX Essential
2014-11-10 16:30 - 2014-11-10 18:37 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 14:55 - 2014-11-10 15:45 - 00000000 ___DC () C:\Program Files (x86)\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:56 - 00000000 ___DC () C:\Users\Public\Documents\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\Users\Danny\AppData\Local\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteveFX
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\DX10SceneryFixer
2014-11-10 14:54 - 2014-11-10 14:54 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:13 - 2014-11-10 14:13 - 00000000 ___DC () C:\ProgramData\FLEXnet
2014-11-10 14:08 - 2014-11-10 14:08 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X Files
2014-11-10 14:06 - 2014-11-10 14:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2014-11-10 13:18 - 2014-11-12 13:57 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X-Dateien

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 16:49 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-12-06 16:48 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:48 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:46 - 2013-11-29 19:02 - 00712410 ____C () C:\Windows\system32\perfh007.dat
2014-12-06 16:46 - 2013-11-29 19:02 - 00155566 ____C () C:\Windows\system32\perfc007.dat
2014-12-06 16:46 - 2009-07-14 06:13 - 01661812 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-12-05 18:15 - 2013-12-24 18:11 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-05 18:07 - 2013-11-29 17:54 - 00086192 ____C () C:\Users\Danny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-05 18:07 - 2009-07-14 05:45 - 00389952 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-12-05 17:57 - 2013-11-29 20:47 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2014-12-05 17:57 - 2009-07-14 08:46 - 00000000 ___DC () C:\Windows\ShellNew
2014-12-05 17:57 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\System
2014-12-05 17:57 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2014-12-05 17:57 - 2009-07-14 03:34 - 00000387 ____C () C:\Windows\win.ini
2014-12-05 15:40 - 2014-01-10 18:06 - 00000000 ___DC () C:\Users\Danny\AppData\Local\CrashDumps
2014-12-05 15:39 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-12-05 13:12 - 2013-12-24 17:33 - 00000000 ___DC () C:\ProgramData\TEMP
2014-12-04 22:50 - 2013-12-02 19:29 - 00000073 ____C () C:\Users\Danny\AppData\Local\X-Plane_drm.prf
2014-12-04 19:35 - 2014-08-01 10:56 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-04 19:35 - 2013-11-29 20:51 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Wise Care 365
2014-12-04 18:21 - 2014-11-04 16:20 - 00000000 ___DC () C:\ProgramData\NVIDIA
2014-12-04 18:21 - 2014-09-20 10:51 - 00000000 ___DC () C:\Temp
2014-12-04 18:20 - 2013-12-02 19:27 - 00000080 ____C () C:\Users\Danny\AppData\Local\X-Plane Installer.prf
2014-12-04 12:21 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 12:06 - 2014-06-04 17:10 - 00000000 ___DC () C:\Program Files (x86)\Java
2014-12-04 12:06 - 2013-11-29 20:58 - 00000000 ___DC () C:\ProgramData\Oracle
2014-12-04 12:05 - 2014-08-01 10:56 - 00098216 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-04 11:52 - 2013-11-29 17:26 - 00000000 ___DC () C:\Users\Danny
2014-12-03 11:24 - 2014-09-13 15:08 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 11:24 - 2013-11-29 20:58 - 00701104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-03 11:24 - 2013-11-29 20:58 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-30 19:36 - 2013-12-02 18:23 - 00000072 ____C () C:\Users\Public\LMDebug.log
2014-11-24 19:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-19 19:58 - 2014-05-30 10:10 - 00000000 __SDC () C:\Windows\system32\CompatTel
2014-11-15 19:58 - 2013-11-29 20:18 - 00000000 ___DC () C:\Windows\system32\MRT
2014-11-15 19:56 - 2013-11-29 20:18 - 103374192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2014-11-04 16:19 - 20986592 ____C (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 18514616 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 03262784 ____C (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00989056 ____C (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00027094 ____C () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2014-11-04 16:20 - 06897352 ____C (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2014-11-04 16:20 - 00386368 ____C (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00062608 ____C (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-12 17:00 - 2014-09-03 16:39 - 00000322 ____C () C:\Windows\Tasks\Wise Turbo Checker.job
2014-11-12 12:57 - 2013-12-11 19:38 - 00000261 ____C () C:\Users\Danny\AppData\Roaming\OpenSceneryX Installationsprogramm.plist
2014-11-11 14:40 - 2013-11-29 20:15 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 12:56 - 2013-12-08 18:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-11-11 12:56 - 2013-11-29 17:51 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2014-11-11 12:04 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\Help
2014-11-11 12:03 - 2014-11-04 16:18 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation
2014-11-11 11:29 - 2014-11-04 16:20 - 04100776 ____C () C:\Windows\system32\nvcoproc.bin
2014-11-10 18:47 - 2013-12-06 14:27 - 00002048 ____C () C:\Windows\f1utii.lic
2014-11-10 18:43 - 2013-11-29 20:21 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster HOTAS Cougar
2014-11-10 16:06 - 2013-12-26 18:23 - 00000000 __HDC () C:\Program Files (x86)\Temp
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 ___DC () C:\Program Files\DVD Maker
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\PolicyDefinitions
2014-11-10 14:54 - 2014-10-22 17:29 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:07 - 2013-12-02 17:46 - 00000000 ___DC () C:\Windows\SysWOW64\directx
2014-11-08 13:56 - 2013-12-03 21:45 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\vlc
2014-11-07 16:16 - 2013-12-11 17:13 - 00002389 ____C () C:\Users\Danny\AppData\Roaming\WED.prefs

Some content of TEMP:
====================
C:\Users\Danny\AppData\Local\Temp\Quarantine.exe
C:\Users\Danny\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 15:06

==================== End Of Log ============================
         


07.12.2014, 12:48   #6
schrauber
/// the machine
/// TB trainer
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
C:\Windows\System32\DRIVERS\anodlwfx.sys
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.






ESET Online Scanner

  • You can find an illustrated guide to ESET Online Scanner here
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?

08.12.2014, 00:48   #7
thesaint225
 



Good evening,
Unfortunately the problems are still noticeable. Very slow system, a restart takes several minutes, and some programs don't start at all.
The Security Check seems to take hours; I don't know whether that is normal. It stays forever at the step "Performing System Health Check".

Attached are the logs I was able to get:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Danny at 2014-12-07 14:49:10 Run:1
Running from C:\Users\Danny\Downloads
Loaded Profile: Danny (Available profiles: Danny)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
C:\Windows\System32\DRIVERS\anodlwfx.sys
*****************

anodlwf => Service stopped successfully.
anodlwf => Service deleted successfully.
C:\Windows\System32\DRIVERS\anodlwfx.sys => Moved successfully.

==== End of Fixlog ====
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9d3a5f6c16220b4486dec9fbddc70c6f
# engine=21440
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-07 03:35:23
# local_time=2014-12-07 04:35:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Panda Cloud Antivirus'
# compatibility_mode=1552 16777214 75 93 8211346 204162497 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 182920 169596373 0 0
# scanned=316757
# found=2
# cleaned=0
# scan_time=6157
sh=39124F7BD6F91DA2179011F51AF1B068D6FEE8A9 ft=1 fh=c719b2fe67e3bb02 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="D:\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=8F0A8A7C00BAA6171B058133B39D58FB6FEBFB76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="Y:\Dateien\Programme\Ashampoo Burning Studio 2012 v10.0.15.rar"
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Danny (administrator) on DANNY-PC on 06-12-2014 16:52:25
Running from C:\Users\Danny\Downloads
Loaded Profile: Danny (Available profiles: Danny)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Panda Security, S.L.) D:\Panda Security\Panda Security Protection\PSUAMain.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Mozilla Corporation) D:\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => D:\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1203117988-4294000735-3354723111-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4BE48BA1-BD85-438A-8C34-904AEFF55E29}: [NameServer] 172.28.64.1,172.28.64.2

FireFox:
========
FF ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1203117988-4294000735-3354723111-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\searchplugins\search_engine.xml
FF Extension: FireShot - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-11-08]
FF Extension: DownloadHelper - C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\6l2p3kmq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NanoServiceMain; D:\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-01] ()
R2 PSUAService; D:\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2013-07-05] (Advanced Micro Devices) [File not signed]
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-12-05] (Emsisoft GmbH)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [506160 2014-04-04] (Juniper Networks)
S4 jnprTdi_804_47117; C:\Windows\system32\Drivers\jnprTdi_804_47117.sys [108344 2014-06-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-12] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-12] (Juniper Networks, Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-06] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 STTub203; C:\Windows\System32\Drivers\STTub203.sys [33280 2007-05-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 FreshIO; \??\D:\FreshDevices\FreshDiagnose\FreshIO.sys [X]
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 16:52 - 2014-12-06 16:52 - 00000000 ___DC () C:\Users\Danny\Downloads\FRST-OlderVersion
2014-12-06 16:51 - 2014-12-06 16:51 - 00000621 ____C () C:\Users\Danny\Downloads\JRT.txt
2014-12-06 16:51 - 2014-12-06 16:51 - 00000621 ____C () C:\Users\Danny\Desktop\JRT.txt
2014-12-06 16:49 - 2014-03-25 14:15 - 00060400 ____C (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-12-06 16:46 - 2014-12-06 16:47 - 00000000 ___DC () C:\AdwCleaner
2014-12-06 16:46 - 2014-12-06 16:46 - 00000055 ____C () C:\AdwCleanerDebug.txt
2014-12-06 16:45 - 2014-12-06 16:45 - 00001115 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-06 16:44 - 2014-12-06 16:44 - 20447072 ____C (Malwarebytes Corporation ) C:\Users\Danny\Downloads\mbam-setup-2.0.4.1028(1).exe
2014-12-06 16:44 - 2014-12-06 16:44 - 02153472 ____C () C:\Users\Danny\Downloads\AdwCleaner_4.104.exe
2014-12-06 16:44 - 2014-12-06 16:44 - 01707646 ____C (Thisisu) C:\Users\Danny\Downloads\JRT.exe
2014-12-05 15:40 - 2014-12-05 15:40 - 00023262 ____C () C:\ComboFix.txt
2014-12-05 15:36 - 2011-06-26 07:45 - 00256000 ____C () C:\Windows\PEV.exe
2014-12-05 15:36 - 2010-11-07 18:20 - 00208896 ____C () C:\Windows\MBR.exe
2014-12-05 15:36 - 2009-04-20 05:56 - 00060416 ____C (NirSoft) C:\Windows\NIRCMD.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00518144 ____C (SteelWerX) C:\Windows\SWREG.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00406528 ____C (SteelWerX) C:\Windows\SWSC.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00098816 ____C () C:\Windows\sed.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00080412 ____C () C:\Windows\grep.exe
2014-12-05 15:36 - 2000-08-31 01:00 - 00068096 ____C () C:\Windows\zip.exe
2014-12-05 15:35 - 2014-12-05 15:40 - 00000000 ___DC () C:\Qoobox
2014-12-05 15:34 - 2014-12-05 15:34 - 05600479 ___RC (Swearware) C:\Users\Danny\Desktop\ComboFix.exe
2014-12-05 14:07 - 2014-12-06 16:52 - 02118144 ____C (Farbar) C:\Users\Danny\Downloads\FRST64.exe
2014-12-05 14:07 - 2014-12-06 16:52 - 00016411 ____C () C:\Users\Danny\Downloads\FRST.txt
2014-12-05 14:07 - 2014-12-06 16:52 - 00000000 ___DC () C:\FRST
2014-12-05 14:07 - 2014-12-05 14:07 - 00023003 ____C () C:\Users\Danny\Downloads\Addition.txt
2014-12-05 13:53 - 2014-12-05 13:53 - 00000000 _SHDC () C:\Users\Danny\AppData\Local\EmieBrowserModeList
2014-12-05 13:21 - 2014-12-05 14:02 - 00000000 ___DC () C:\EEK
2014-12-05 13:21 - 2014-12-05 13:21 - 00000752 ____C () C:\Users\Danny\Desktop\Start Emsisoft Emergency Kit.lnk
2014-12-05 12:18 - 2014-12-05 12:20 - 164316704 ____C () C:\Users\Danny\Downloads\EmsisoftEmergencyKit.exe
2014-12-05 12:05 - 2014-12-06 16:45 - 00000000 ___DC () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-05 12:01 - 2014-12-06 16:51 - 00129752 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 12:01 - 2014-12-06 16:45 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-05 12:00 - 2014-12-05 12:00 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-12-05 12:00 - 2014-11-21 06:14 - 00093400 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-05 12:00 - 2014-11-21 06:14 - 00063704 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-05 12:00 - 2014-11-21 06:14 - 00025816 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-04 19:38 - 2014-12-06 16:45 - 00238665 ____C () C:\Windows\WindowsUpdate.log
2014-12-04 19:36 - 2014-12-06 16:49 - 00000840 ____C () C:\Windows\setupact.log
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2014-12-04 19:36 - 2014-12-04 19:36 - 00000000 ____C () C:\Windows\setuperr.log
2014-12-04 19:35 - 2014-12-06 16:49 - 00007984 ____C () C:\Windows\PFRO.log
2014-12-04 18:20 - 2014-11-13 01:20 - 31893136 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 24557712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 20922512 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 19966344 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 17259664 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 16884632 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 14032984 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13944952 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 13213512 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-04 18:20 - 2014-11-13 01:20 - 11397744 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 11336432 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04292416 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 04011208 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 02874456 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 01540424 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00964928 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00935240 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00923792 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00900928 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00871648 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00500880 ____C (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00418112 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00393024 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00352016 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00348304 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00303600 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00174856 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-04 18:20 - 2014-11-13 01:20 - 00156840 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00038216 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-04 18:20 - 2014-10-03 20:23 - 00035144 ____C (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-04 18:20 - 2014-10-03 20:23 - 00032584 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-04 12:02 - 2014-12-04 12:20 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\DiskSpaceFan
2014-12-03 11:28 - 2014-12-03 11:28 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkyMaxx Pro
2014-11-19 20:18 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 20:18 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 20:18 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 19:43 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-15 19:43 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-15 19:43 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-15 19:43 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-15 19:43 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-15 19:43 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-15 19:43 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-15 19:43 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-15 19:43 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-15 19:43 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-15 19:43 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-15 19:43 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-15 19:43 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-15 19:43 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-15 19:43 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-15 19:43 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-15 19:43 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-15 19:43 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-15 19:43 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-15 19:43 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-15 19:43 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-15 19:43 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-15 19:43 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-15 19:43 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-15 19:43 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-15 19:43 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-15 19:43 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-15 19:43 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-15 19:43 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-15 19:43 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-15 19:43 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-15 19:43 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-15 19:43 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-15 19:43 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-15 19:43 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-15 19:43 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-15 19:43 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-15 19:43 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-15 19:43 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-15 19:43 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-15 19:43 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-15 19:43 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-15 19:43 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-15 19:43 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-15 19:43 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-15 19:42 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-15 19:42 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-15 19:42 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-15 19:42 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-15 19:42 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-15 19:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-15 19:42 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-15 19:42 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-15 19:42 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-15 19:42 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-15 19:42 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-15 19:42 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-15 19:42 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-15 19:42 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-15 19:42 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-15 19:42 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 12:53 - 2014-11-12 12:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Froom
2014-11-11 20:09 - 2014-12-04 18:28 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X-Plane Python Interface
2014-11-11 12:03 - 2014-11-04 01:04 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-11 12:03 - 2014-11-04 01:04 - 01539272 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-11 10:32 - 2014-11-11 10:32 - 00000000 ___DC () C:\ProgramData\Licenses
2014-11-11 10:23 - 2014-11-11 10:35 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Virtuali
2014-11-11 10:23 - 2014-11-11 10:23 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsDreamTeam
2014-11-11 10:22 - 2014-11-11 10:33 - 00000000 ___DC () C:\ProgramData\Virtuali
2014-11-11 10:22 - 2014-11-11 10:22 - 00000000 ___DC () C:\ProgramData\Esellerate
2014-11-10 19:03 - 2014-11-12 13:43 - 00009749 ____C () C:\AEMODULE.LOG
2014-11-10 18:53 - 2014-11-10 18:53 - 00000000 ___DC () C:\Users\Danny\AppData\Local\World_of_AI
2014-11-10 18:41 - 2014-11-10 18:41 - 00000000 ___DC () C:\Users\Danny\AppData\Local\Flight1 Software
2014-11-10 18:37 - 2014-11-10 18:37 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave 3D Lights Redux
2014-11-10 18:34 - 2014-11-10 18:34 - 00000000 ___DC () C:\Program Files (x86)\Shockwave 3D Lights Redux
2014-11-10 17:22 - 2014-11-10 17:27 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX Essential
2014-11-10 16:30 - 2014-11-10 18:37 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2014-11-10 14:55 - 2014-11-10 15:45 - 00000000 ___DC () C:\Program Files (x86)\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:56 - 00000000 ___DC () C:\Users\Public\Documents\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\Users\Danny\AppData\Local\DX10SceneryFixer
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteveFX
2014-11-10 14:55 - 2014-11-10 14:55 - 00000000 ___DC () C:\ProgramData\DX10SceneryFixer
2014-11-10 14:54 - 2014-11-10 14:54 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:13 - 2014-11-10 14:13 - 00000000 ___DC () C:\ProgramData\FLEXnet
2014-11-10 14:08 - 2014-11-10 14:08 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X Files
2014-11-10 14:06 - 2014-11-10 14:06 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2014-11-10 13:18 - 2014-11-12 13:57 - 00000000 ___DC () C:\Users\Danny\Documents\Flight Simulator X-Dateien

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 16:49 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-12-06 16:48 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:48 - 2009-07-14 05:45 - 00023408 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 16:46 - 2013-11-29 19:02 - 00712410 ____C () C:\Windows\system32\perfh007.dat
2014-12-06 16:46 - 2013-11-29 19:02 - 00155566 ____C () C:\Windows\system32\perfc007.dat
2014-12-06 16:46 - 2009-07-14 06:13 - 01661812 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-12-05 18:15 - 2013-12-24 18:11 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-05 18:07 - 2013-11-29 17:54 - 00086192 ____C () C:\Users\Danny\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-05 18:07 - 2009-07-14 05:45 - 00389952 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-12-05 17:57 - 2013-11-29 20:47 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2014-12-05 17:57 - 2009-07-14 08:46 - 00000000 ___DC () C:\Windows\ShellNew
2014-12-05 17:57 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\System
2014-12-05 17:57 - 2009-07-14 04:20 - 00000000 ___DC () C:\Program Files\Common Files\Microsoft Shared
2014-12-05 17:57 - 2009-07-14 03:34 - 00000387 ____C () C:\Windows\win.ini
2014-12-05 15:40 - 2014-01-10 18:06 - 00000000 ___DC () C:\Users\Danny\AppData\Local\CrashDumps
2014-12-05 15:39 - 2009-07-14 03:34 - 00000215 ____C () C:\Windows\system.ini
2014-12-05 13:12 - 2013-12-24 17:33 - 00000000 ___DC () C:\ProgramData\TEMP
2014-12-04 22:50 - 2013-12-02 19:29 - 00000073 ____C () C:\Users\Danny\AppData\Local\X-Plane_drm.prf
2014-12-04 19:35 - 2014-08-01 10:56 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-04 19:35 - 2013-11-29 20:51 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\Wise Care 365
2014-12-04 18:21 - 2014-11-04 16:20 - 00000000 ___DC () C:\ProgramData\NVIDIA
2014-12-04 18:21 - 2014-09-20 10:51 - 00000000 ___DC () C:\Temp
2014-12-04 18:20 - 2013-12-02 19:27 - 00000080 ____C () C:\Users\Danny\AppData\Local\X-Plane Installer.prf
2014-12-04 12:21 - 2009-07-14 06:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 12:06 - 2014-06-04 17:10 - 00000000 ___DC () C:\Program Files (x86)\Java
2014-12-04 12:06 - 2013-11-29 20:58 - 00000000 ___DC () C:\ProgramData\Oracle
2014-12-04 12:05 - 2014-08-01 10:56 - 00098216 ____C (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-04 11:52 - 2013-11-29 17:26 - 00000000 ___DC () C:\Users\Danny
2014-12-03 11:24 - 2014-09-13 15:08 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 11:24 - 2013-11-29 20:58 - 00701104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-03 11:24 - 2013-11-29 20:58 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-30 19:36 - 2013-12-02 18:23 - 00000072 ____C () C:\Users\Public\LMDebug.log
2014-11-24 19:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-19 19:58 - 2014-05-30 10:10 - 00000000 __SDC () C:\Windows\system32\CompatTel
2014-11-15 19:58 - 2013-11-29 20:18 - 00000000 ___DC () C:\Windows\system32\MRT
2014-11-15 19:56 - 2013-11-29 20:18 - 103374192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2014-11-04 16:19 - 20986592 ____C (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 18514616 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 03262784 ____C (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00989056 ____C (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2014-11-04 16:19 - 00027094 ____C () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2014-11-04 16:20 - 06897352 ____C (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2014-11-04 16:20 - 00386368 ____C (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2014-11-04 16:20 - 00062608 ____C (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-12 17:00 - 2014-09-03 16:39 - 00000322 ____C () C:\Windows\Tasks\Wise Turbo Checker.job
2014-11-12 12:57 - 2013-12-11 19:38 - 00000261 ____C () C:\Users\Danny\AppData\Roaming\OpenSceneryX Installationsprogramm.plist
2014-11-11 14:40 - 2013-11-29 20:15 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 12:56 - 2013-12-08 18:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-11-11 12:56 - 2013-11-29 17:51 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2014-11-11 12:04 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\Help
2014-11-11 12:03 - 2014-11-04 16:18 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation
2014-11-11 11:29 - 2014-11-04 16:20 - 04100776 ____C () C:\Windows\system32\nvcoproc.bin
2014-11-10 18:47 - 2013-12-06 14:27 - 00002048 ____C () C:\Windows\f1utii.lic
2014-11-10 18:43 - 2013-11-29 20:21 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster HOTAS Cougar
2014-11-10 16:06 - 2013-12-26 18:23 - 00000000 __HDC () C:\Program Files (x86)\Temp
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 16:03 - 2009-07-14 06:32 - 00000000 ___DC () C:\Program Files\DVD Maker
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-10 16:03 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\PolicyDefinitions
2014-11-10 14:54 - 2014-10-22 17:29 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2014-11-10 14:07 - 2013-12-02 17:46 - 00000000 ___DC () C:\Windows\SysWOW64\directx
2014-11-08 13:56 - 2013-12-03 21:45 - 00000000 ___DC () C:\Users\Danny\AppData\Roaming\vlc
2014-11-07 16:16 - 2013-12-11 17:13 - 00002389 ____C () C:\Users\Danny\AppData\Roaming\WED.prefs

Some content of TEMP:
====================
C:\Users\Danny\AppData\Local\Temp\Quarantine.exe
C:\Users\Danny\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 15:06

==================== End Of Log ============================
         


As I said, I can't get the Security Check log, or only tomorrow, if the program really needs hours?

Something else that just occurred to me: I still have the log from the Emsisoft Emergency Kit, which I created before I posted here.

Code:
ATTFilter
Emsisoft Emergency Kit - Version 9.0
Letztes Update: 05.12.2014 13:21:59
Benutzerkonto: Danny-PC\Danny

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, F:\, G:\, Y:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	05.12.2014 13:22:21
Value: HKEY_USERS\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR 	gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	gefunden: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	gefunden: Setting.DisableRegistryTools (A)

Gescannt	253178
Gefunden	3

Scan Ende:	05.12.2014 13:52:06
Scan Zeit:	0:29:45

Value: HKEY_USERS\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1203117988-4294000735-3354723111-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR	Quarantäne Setting.DisableTaskMgr (A)

Quarantäne	3
         
It still shows these three as detections even now.
Regards, Danny

After a few hours, here is the Security Check log as well:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Panda Free Antivirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 25  
 Java version 32-bit out of Date! 
 Adobe Flash Player 15.0.0.239  
 Mozilla Firefox (33.1) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And here, added afterwards, is the MBAM log. Suddenly MBAM was running without my doing anything, and I was able to start the scan.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 08.12.2014
Scan Time: 01:42:00
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.08.01
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Danny

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342412
Time Elapsed: 3 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         

Alt 09.12.2014, 00:37   #8
schrauber
/// the machine
/// TB-Ausbilder
 




You can have the EAM detections removed; those are just registry entries.

How to perform a clean boot in Windows

Please do a clean boot. If the problem is then gone, re-enable the services one at a time, always rebooting in between, until you know which service is causing the problems.

Then name it here.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 09.12.2014, 19:31   #9
thesaint225
 



Good evening,

Unfortunately the clean boot did not bring the desired result either; even without the services enabled, the problems persist.

I don't know how ambitious you are, but as far as I'm concerned we can gladly stop at this point and I'll reinstall the system. It has been running for over 2 years now, so it has earned its retirement. The data is backed up so far and everything is prepared.

However, if you want to crack the case, I'll gladly assist you.

Otherwise, after a short reply, I'll simply start the reinstallation tomorrow.

Regards, Danny

Alt 10.12.2014, 14:29   #10
schrauber
/// the machine
/// TB-Ausbilder
 




My next tip would be to reinstall. If the clean boot doesn't help, Windows itself is the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
