Trojaner-Board - PUA/Linkury.gen2

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - PUA/Linkury.gen2 (https://www.trojaner-board.de/166446-pua-linkury-gen2.html)

PUA/Linkury.gen2

Vor ein paar Tagen hat AntiVir mir eine Meldung angezeigt, es wurde PUA/Linkury.gen2 auf meinem Laptop gefunden.
Ich habe ihn im AntiVir in Quarantäne verschoben und habe Malwarebytes Anti-Malware drüberlaufen lassen, das wohl nichts gefunden hat.
Ich finde aber dass er beim Hochfahren sehr viel Zeit braucht, das Öffnen von Outlook und anzeigen von Emails dauert lange und das Anzeigen von Bildern oder Videos geht manches Mal nicht oder dauert lange.
Und der Bildschirmschoner geht manches Mal gar nicht an.

Deshalb habe ich die Befürchtung da ist noch etwas oder es wurde etwas verändert.

Ich bin in solchen Sachen aber absoluter Laie, bitte schreibt verständlich mit mir :)

Hier ist das letzte Log von dem Malware Programm

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 24.04.2015
Suchlauf-Zeit: 19:58:24
Logdatei: Log.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2015.04.24.04
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: karlotti

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 304059
Verstrichene Zeit: 7 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015

Ran by karlotti (ATTENTION: The logged in user is not administrator) on CHARLYNN on 26-04-2015 15:29:38

Running from C:\Users\karlotti\Desktop

Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

Failed to access process -> smss.exe

Failed to access process -> csrss.exe

Failed to access process -> wininit.exe

Failed to access process -> services.exe

Failed to access process -> lsass.exe

Failed to access process -> svchost.exe

Failed to access process -> svchost.exe

Failed to access process -> nvvsvc.exe

Failed to access process -> svchost.exe

Failed to access process -> svchost.exe

Failed to access process -> svchost.exe

Failed to access process -> igfxCUIService.exe

Failed to access process -> svchost.exe

Failed to access process -> RtkAudioService64.exe

Failed to access process -> svchost.exe

Failed to access process -> wlanext.exe

Failed to access process -> conhost.exe

Failed to access process -> spoolsv.exe

Failed to access process -> sched.exe

Failed to access process -> svchost.exe

Failed to access process -> armsvc.exe

Failed to access process -> AERTSr64.exe

Failed to access process -> avguard.exe

Failed to access process -> btwdins.exe

Failed to access process -> SkypeC2CAutoUpdateSvc.exe

Failed to access process -> SkypeC2CPNRSvc.exe

Failed to access process -> GfExperienceService.exe

Failed to access process -> HeciServer.exe

Failed to access process -> nis.exe

Failed to access process -> NvNetworkService.exe

Failed to access process -> nvstreamsvc.exe

Failed to access process -> dasHost.exe

Failed to access process -> svchost.exe

Failed to access process -> TrueColorALS.exe

Failed to access process -> igfxext.exe

Failed to access process -> Avira.OE.ServiceHost.exe

Failed to access process -> nvstreamsvc.exe

Failed to access process -> conhost.exe

Failed to access process -> avshadow.exe

Failed to access process -> WmiPrvSE.exe

Failed to access process -> svchost.exe

Failed to access process -> SearchIndexer.exe

Failed to access process -> svchost.exe

Failed to access process -> PresentationFontCache.exe

Failed to access process -> WmiPrvSE.exe

Failed to access process -> DeliveryService.exe

Failed to access process -> DellUpService.exe

Failed to access process -> jhi_service.exe

Failed to access process -> LMS.exe

Failed to access process -> SftService.exe

Failed to access process -> SearchProtocolHost.exe

Failed to access process -> csrss.exe

Failed to access process -> winlogon.exe

Failed to access process -> dwm.exe

Failed to access process -> nvxdsync.exe

Failed to access process -> nvvsvc.exe

Failed to access process -> RAVBg64.exe

Failed to access process -> taskeng.exe

Failed to access process -> taskhostex.exe

Failed to access process -> SynTPEnh.exe

Failed to access process -> nis.exe

Failed to access process -> explorer.exe

Failed to access process -> igfxHK.exe

Failed to access process -> SynTPHelper.exe

Failed to access process -> nvtray.exe

Failed to access process -> NvBackend.exe

Failed to access process -> RtkNGUI64.exe

Failed to access process -> RAVBg64.exe

Failed to access process -> WavesSvc64.exe

Failed to access process -> quickset.exe

Failed to access process -> BTTray.exe

Failed to access process -> avgnt.exe

Failed to access process -> BTStackServer.exe

Failed to access process -> Avira.OE.Systray.exe

Failed to access process -> csrss.exe

Failed to access process -> winlogon.exe

Failed to access process -> dwm.exe

Failed to access process -> nvxdsync.exe

Failed to access process -> nvvsvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

Failed to access process -> RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Program Files\TrueColor\DriverConsoleApp.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

Failed to access process -> nvstreamsvc.exe

Failed to access process -> conhost.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

Failed to access process -> SearchFilterHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

Failed to access process -> rundll32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Dell) C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)

HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [TrueColor UI] => [X]

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430054888

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

URLSearchHook: [S-1-5-21-2350501838-174650804-1580158862-1005] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default

FF NewTab: www.t-online.de

FF Homepage: www.t-online.de

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\de_DE@dicts.j3e.de [2015-02-27]

FF Extension: Print pages to PDF - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\printPages2Pdf@reinhold.ripper [2014-11-17]

FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-11-17]

FF Extension: Adblock Plus - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-15]

FF Extension: Tab Mix Plus - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-11-17]

FF Extension: Theme Font & Size Changer - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2014-11-17]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-26]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]

S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)

R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)

R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)

S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)

R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)

R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)

R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)

R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)

S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)

S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)

R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)

R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150424.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-26 15:29 - 2015-04-26 15:30 - 00024310 _____ () C:\Users\karlotti\Desktop\FRST.txt

2015-04-26 15:29 - 2015-04-26 15:29 - 00000000 ____D () C:\FRST

2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe

2015-04-24 22:04 - 2015-04-26 15:28 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth

2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera

2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll

2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll

2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv

2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl

2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp

2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin

2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype

2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype

2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk

2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll

2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll

2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys

2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll

2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll

2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys

2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys

2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe

2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll

2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll

2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll

2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll

2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll

2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2015-03-27 20:58 - 2015-03-27 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Product Registration

2015-03-27 20:57 - 2015-03-27 22:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Ori and the Blind Forest

2015-03-27 20:55 - 2015-03-27 20:55 - 00001088 _____ () C:\Users\karlotti\Desktop\ORI.lnk

2015-03-27 17:52 - 2015-03-27 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ori and the Blind Forest
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-26 15:27 - 2015-02-06 21:21 - 00000512 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job

2015-04-26 15:26 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update

2015-04-26 15:26 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery

2015-04-26 15:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-26 14:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-26 11:15 - 2014-09-29 14:40 - 02071240 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-26 10:48 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-04-26 10:45 - 2013-08-22 16:46 - 00114071 _____ () C:\WINDOWS\setupact.log

2015-04-26 10:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1

2015-04-24 18:19 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-24 18:19 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-24 18:19 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-22 18:00 - 2015-02-06 21:21 - 00000486 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job

2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay

2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java

2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel

2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc

2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps

2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log

2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira

2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira

2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll

2015-03-29 15:27 - 2015-02-06 21:20 - 00000000 ____D () C:\ProgramData\ParetoLogic

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti

2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2015-03-27 20:58 - 2014-09-29 15:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
 

==================== Files in the root of some directories =======
 

2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log

2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log

2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 

Files to move or delete:

====================

C:\Users\Public\NTUSER (1).DAT
 
 

Some content of TEMP:

====================

C:\Users\karlotti\AppData\Local\Temp\avgnt.exe

C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe

C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015

Ran by karlotti at 2015-04-26 15:30:32

Running from C:\Users\karlotti\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-2350501838-174650804-1580158862-500 - Administrator - Disabled) => C:\Users\Administrator

Gast (S-1-5-21-2350501838-174650804-1580158862-501 - Limited - Enabled)

karlotti (S-1-5-21-2350501838-174650804-1580158862-1001 - Limited - Enabled) => C:\Users\karlotti

Wangi (S-1-5-21-2350501838-174650804-1580158862-1005 - Administrator - Enabled) => C:\Users\Wangi
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Norton Internet Security Online (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Internet Security Online (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}

FW: Norton Internet Security Online (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)

calibre 64bit (HKLM\...\{1428EEEC-F3E9-407A-A60E-2E51CF66ED80}) (Version: 2.20.0 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)

Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)

Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)

Dell System Detect (HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\73f463568823ebbe) (Version: 5.12.0.3 - Dell)

Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.1 - Synaptics Incorporated)

Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)

DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden

DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.223.181 - Dell Inc.)

ICQ 8.1 (build 6346) (HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\ICQ) (Version: 8.1.6346.0 - Mail.Ru)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)

Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)

My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden

Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)

NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)

NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version:  - )

Paint Shop Pro 7 Evaluation (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)

PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)

PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)

SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)

True Color (HKLM-x32\...\{f8476c72-fe9e-4c04-a537-40a60257e57d}) (Version: 2.0.0.1 - Entertainment Experience)

True Color (Version: 2.0.0.1 - Entertainment Experience LLC) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)

WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

ATTENTION: System Restore is disabled.

Check "winmgmt" service or repair WMI.
 
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => 

Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => 

Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job => 

Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => 

Task: C:\WINDOWS\Tasks\SuperEasyDriverUpdater_UPDATES.job => 
 

==================== Loaded Modules (whitelisted) ==============
 

2014-04-30 15:20 - 2014-04-30 15:20 - 00016368 _____ () C:\Program Files\TrueColor\DriverConsoleApp.exe

2014-09-29 15:29 - 2014-03-12 21:22 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll

2014-09-29 15:29 - 2014-03-12 21:22 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll

2013-10-25 13:05 - 2013-10-25 13:05 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 

IE trusted site: HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\dell.com -> dell.com
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karlotti\AppData\Local\Microsoft\Windows\Themes\German La\DesktopBackground\14_jörg_franzen_-_hallig_hooge.jpg

DNS Servers: 192.168.2.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\StartupApproved\Run: => "icq"
 

==================== FirewallRules (whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe

FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe

FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe

FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe

FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe

FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe

FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe

FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe

FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe

FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe

FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe

FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe

FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe

FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe

FirewallRules: [{C2FE2CE1-066B-4A23-866B-E49F91E08C46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{092E4438-4D24-44F7-BCBA-2BC27DFDACD6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{6446B6B3-4003-4D93-BF9B-90926B58B5D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{94D34013-8E65-4A41-8E00-70BEAFC80BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

FirewallRules: [{FA47F52C-4D47-4746-B2C6-E0CCA8109ACB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{C4AB114D-3593-48F0-BB02-CD9350DCBDAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{C0F39CA6-5CC9-4881-A0B9-7132F01B4834}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{1FD42A06-D593-4147-B6B4-038D09522908}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{245FDBF3-FA76-4609-9DC9-17C6C9BE395B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe

FirewallRules: [{4A9F38D0-0A9F-44FB-9967-A01960104283}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{DBB1154F-3BDB-4A6F-9CA8-ADCF0619DFBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{A6D72016-E26C-4F58-ADF5-DA29194F57E0}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{468BA989-DBFA-4622-BC07-1425F390CEA9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe

FirewallRules: [TCP Query User{201CAEBD-12FB-47DE-BD06-760BA6A7467C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [UDP Query User{EFBBC70A-85CB-414E-BD24-7BE419062420}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe

FirewallRules: [{E61BD6EC-5B1A-4267-B1B8-4DB5B85153FC}] => (Block) D:\Games\Ori and the Blind Forest\ori.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/25/2015 09:36:01 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (04/23/2015 10:58:53 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 12.0.6691.5000, Zeitstempel: 0x52e8c57c

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2

Ausnahmecode: 0xc0000374

Fehleroffset: 0x000e5624

ID des fehlerhaften Prozesses: 0x1520

Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0

Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1

Pfad des fehlerhaften Moduls: OUTLOOK.EXE2

Berichtskennung: OUTLOOK.EXE3

Vollständiger Name des fehlerhaften Pakets: OUTLOOK.EXE4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OUTLOOK.EXE5
 

Error: (04/23/2015 02:31:18 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (04/22/2015 08:35:16 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (04/21/2015 08:34:18 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (04/16/2015 06:45:35 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (04/12/2015 06:05:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00000000000582bb

ID des fehlerhaften Prozesses: 0x19ac

Startzeit der fehlerhaften Anwendung: 0xvlc.exe0

Pfad der fehlerhaften Anwendung: vlc.exe1

Pfad des fehlerhaften Moduls: vlc.exe2

Berichtskennung: vlc.exe3

Vollständiger Name des fehlerhaften Pakets: vlc.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
 

Error: (04/01/2015 07:35:07 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 

Error: (03/29/2015 01:16:13 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3

Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17415, Zeitstempel: 0x545044f9

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00000000000394ca

ID des fehlerhaften Prozesses: 0xde0

Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0

Pfad der fehlerhaften Anwendung: igfxTray.exe1

Pfad des fehlerhaften Moduls: igfxTray.exe2

Berichtskennung: igfxTray.exe3

Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5
 

Error: (03/28/2015 04:15:34 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8
 
 

System errors:

=============

Error: (04/26/2015 10:46:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/26/2015 10:46:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
 

Error: (04/25/2015 07:51:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/25/2015 07:51:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
 

Error: (04/25/2015 00:44:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 

%%1062
 

Error: (04/24/2015 08:40:58 PM) (Source: DCOM) (EventID: 10010) (User: Charlynn)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 

Error: (04/24/2015 00:40:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/24/2015 00:40:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
 

Error: (04/24/2015 08:55:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/24/2015 08:55:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
 
 

Microsoft Office Sessions:

=========================

Error: (01/26/2015 00:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6887 seconds with 0 seconds of active time.  This session ended with a crash.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz

Percentage of memory in use: 36%

Total physical RAM: 8095.82 MB

Available physical RAM: 5152.75 MB

Total Pagefile: 9375.82 MB

Available Pagefile: 6302 MB

Total Virtual: 131072 MB

Available Virtual: 131071.78 MB
 

==================== Drives ================================
 

Drive c: (Win) (Fixed) (Total:174.49 GB) (Free:107.46 GB) NTFS

Drive d: (Daten) (Fixed) (Total:240.5 GB) (Free:111.41 GB) NTFS

Drive e: (Doku) (Fixed) (Total:209.96 GB) (Free:118.75 GB) NTFS

Drive g: (Backup) (Fixed) (Total:292.97 GB) (Free:178.28 GB) NTFS
 

==================== MBR & Partition Table ==================
 

==================== End Of Log ============================

--- --- ---

FRST bitte nochmal, unsere Tools brauchen immer Adminrechte.

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015

Ran by Wangi (administrator) on CHARLYNN on 27-04-2015 09:49:39

Running from C:\Users\karlotti\Desktop

Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Program Files\TrueColor\TrueColorALS.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Dell) C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(ICQ) C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

() C:\Program Files\TrueColor\DriverConsoleApp.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)

HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [TrueColor UI] => [X]

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430120345

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430120897

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE" 

HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-27]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]

S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)

S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)

S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)

S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)

R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)

R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150424.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-26 15:30 - 2015-04-26 15:30 - 00023889 _____ () C:\Users\karlotti\Desktop\Addition.txt

2015-04-26 15:29 - 2015-04-27 09:49 - 00023910 _____ () C:\Users\karlotti\Desktop\FRST.txt

2015-04-26 15:29 - 2015-04-27 09:49 - 00000000 ____D () C:\FRST

2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe

2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth

2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera

2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll

2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll

2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv

2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl

2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp

2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin

2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-29 15:10 - 2015-03-29 15:10 - 00003110 _____ () C:\WINDOWS\System32\Tasks\{6E25C8BC-B1F6-4868-BD24-061931D008D8}

2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype

2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype

2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk

2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll

2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll

2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys

2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll

2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll

2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys

2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys

2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe

2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll

2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll

2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll

2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll

2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll

2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-27 09:48 - 2015-02-06 21:21 - 00000512 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job

2015-04-27 09:44 - 2014-11-15 20:11 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001

2015-04-27 09:44 - 2014-09-29 14:40 - 01100355 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-27 09:40 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-04-27 09:37 - 2013-08-22 16:46 - 00114419 _____ () C:\WINDOWS\setupact.log

2015-04-27 09:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-26 23:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-26 22:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-26 18:00 - 2015-02-06 21:21 - 00000486 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job

2015-04-26 16:17 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update

2015-04-26 16:17 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery

2015-04-26 16:11 - 2014-11-16 20:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005

2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira

2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1

2015-04-24 18:19 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-24 18:19 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-24 18:19 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay

2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java

2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel

2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc

2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps

2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log

2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira

2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira

2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll

2015-03-29 15:27 - 2015-02-06 21:20 - 00000000 ____D () C:\ProgramData\ParetoLogic

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti

2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
 

==================== Files in the root of some directories =======
 

2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log

2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log

2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 

Files to move or delete:

====================

C:\Users\Public\NTUSER (1).DAT
 
 

Some content of TEMP:

====================

C:\Users\karlotti\AppData\Local\Temp\avgnt.exe

C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe

C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Wangi\AppData\Local\Temp\avgnt.exe

C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe

C:\Users\Wangi\AppData\Local\Temp\ose00000.exe

C:\Users\Wangi\AppData\Local\Temp\Quarantine.exe

C:\Users\Wangi\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-04-15 08:46
 

==================== End Of Log ============================

--- --- ---

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

AdwCleaner Logfile:

Code:

# AdwCleaner v4.202 - Bericht erstellt 28/04/2015 um 10:24:07

# Aktualisiert 23/04/2015 von Xplode

# Datenbank : 2015-04-23.1 [Lokal]

# Betriebssystem : Windows 8.1  (x64)

# Benutzername : Wangi - CHARLYNN

# Gestarted von : D:\Download\Neu\AdwCleaner_4.202.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\ParetoLogic

Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic

Ordner Gelöscht : C:\Users\karlotti\AppData\Roaming\SuperEasy Software

Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\DriverCure

Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\ParetoLogic

Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\pdfforge

Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\SuperEasy Software
 

***** [ Geplante Tasks ] *****
 

Task Gelöscht : paretologic registration3

Task Gelöscht : paretologic update version3

Task Gelöscht : SuperEasyDriverUpdater_UPDATES

Task Gelöscht : ParetoLogic Update Version3 Startup Task
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKCU\Software\ParetoLogic

Schlüssel Gelöscht : HKCU\Software\SuperEasy Software

Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic

Schlüssel Gelöscht : HKLM\SOFTWARE\SuperEasy Software
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17416
 
 

-\\ Mozilla Firefox v37.0.2 (x86 de)
 
 

*************************
 

AdwCleaner[R1].txt - [1796 Bytes] - [28/04/2015 10:13:41]

AdwCleaner[S0].txt - [1557 Bytes] - [28/04/2015 10:24:07]
 

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1616  Bytes] ##########

--- --- ---

Das Logfile von dem Junkware Removal Tool wird nicht richtig sein, weil nach dem ersten Durchlauf hat sich keine Textdatei geöffnet und ich habe auch keine Txt Datei auf dem Desktop gefunden, hab aber nicht dran gedacht das es auf dem Administrator Desktop ist und hab noch mal einen Durchlauf gemacht. Das Logfile von dem ist das untenstehende. SorryJRT Logfile:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.5 (04.27.2015:1)

OS: Windows 8.1 x64

Ran by Wangi on 28.04.2015 at 10:50:21,34

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1004

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\PCDEventLauncherTask

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SuperEasyDriverUpdaterRunAtStartup
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] C:\ProgramData\pcdr

Successfully deleted: [Folder] C:\Users\Wangi\appdata\locallow\pcdr

Successfully deleted: [Folder] C:\Users\Wangi\AppData\Roaming\pcdr
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 28.04.2015 at 10:53:03,68

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---
FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015

Ran by Wangi (administrator) on CHARLYNN on 28-04-2015 10:57:21

Running from C:\Users\karlotti\Desktop

Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)

HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [TrueColor UI] => [X]

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430209711

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430210782

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE" 

HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-28]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)

S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)

S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)

S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]

S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)

S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)

S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)

S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)

S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)

S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)

S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)

S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)

S2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)

R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150427.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150427.021\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150427.021\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-28 10:57 - 2015-04-28 10:58 - 00020540 _____ () C:\Users\karlotti\Desktop\FRST.txt

2015-04-28 10:55 - 2015-04-28 10:55 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT1.txt

2015-04-28 10:54 - 2015-04-28 10:54 - 00000000 ____D () C:\Users\karlotti\Desktop\Alt

2015-04-28 10:53 - 2015-04-28 10:53 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT.txt

2015-04-28 10:52 - 2015-04-28 10:52 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001

2015-04-28 10:51 - 2015-04-28 10:51 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005

2015-04-28 10:50 - 2015-04-28 10:50 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-CHARLYNN-Windows-8.1-(64-bit).dat

2015-04-28 10:50 - 2015-04-28 10:50 - 00000000 ____D () C:\RegBackup

2015-04-26 15:29 - 2015-04-28 10:57 - 00000000 ____D () C:\FRST

2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe

2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth

2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera

2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll

2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll

2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv

2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl

2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp

2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin

2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-29 15:10 - 2015-03-29 15:10 - 00003110 _____ () C:\WINDOWS\System32\Tasks\{6E25C8BC-B1F6-4868-BD24-061931D008D8}

2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype

2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype

2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk

2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll

2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll

2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys

2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll

2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys

2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll

2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp

2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll

2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll

2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll

2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL

2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL

2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll

2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll

2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys

2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys

2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys

2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys

2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe

2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll

2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll

2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll

2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll

2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll

2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll

2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll

2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-28 10:53 - 2014-09-29 14:40 - 01242466 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-28 10:29 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-04-28 10:26 - 2013-08-22 16:46 - 00115115 _____ () C:\WINDOWS\setupact.log

2015-04-28 10:25 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-28 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-28 09:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-27 18:01 - 2014-11-27 20:07 - 00000000 ___RD () C:\Users\karlotti\Desktop\Bilder

2015-04-27 17:13 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update

2015-04-27 17:13 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery

2015-04-27 12:10 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-27 12:10 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-27 12:10 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira

2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1

2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay

2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java

2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel

2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc

2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps

2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log

2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira

2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira

2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup

2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti

2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
 

==================== Files in the root of some directories =======
 

2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log

2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log

2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 

Files to move or delete:

====================

C:\Users\Public\NTUSER (1).DAT
 
 

Some content of TEMP:

====================

C:\Users\karlotti\AppData\Local\Temp\avgnt.exe

C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe

C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Wangi\AppData\Local\Temp\avgnt.exe

C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe

C:\Users\Wangi\AppData\Local\Temp\ose00000.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-04-27 16:53
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Vielen Dank schon mal für deine Mühe

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=941540baef553544acbbc6a01c6714d0
# engine=20211
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-29 09:54:45
# local_time=2015-04-29 11:54:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 1520107 192941070 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4228023 18348327 0 0
# scanned=576764
# found=9
# cleaned=9
# scan_time=13130
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\PDFCreator-1_7_3_setup.exe"
sh=0BFF84AA6CC4CCF580EAE2FBF4C129FA6EA612C4 ft=1 fh=9fe1a4845276fe8f vn="Win32/Adware.ADON evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\Unlocker1.9.1-x64.exe"
sh=566095531FD328C3054D52C571431D0305103E40 ft=1 fh=0e5c76553bbccf7f vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Downloads\Sicher\supereasy_driver_updater_1.1.1_7870.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Bluetooth\Programm\PDFCreator-1_7_3_setup.exe"
sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Download\freeripmp36-setup.exe"
sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Download\freeripmp36-setup.exe"
sh=BD8AB435B2015A9689ADA1D0DC07D10D981B9223 ft=1 fh=3c4f65125da59869 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Download\SoftonicDownloader_fuer_k-lite-codec-pack.exe"
sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Programme\Eingerichtet\PDFCreator-1_2_3_setup.exe"
sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="J:\Kopien\D\Download\freeripmp36-setup.exe"

Results of screen317's Security Check version 1.00
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Norton Internet Security Online
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox (37.0.2)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Wangi (administrator) on CHARLYNN on 30-04-2015 08:28:01
Running from C:\Users\karlotti\Desktop
Loaded Profiles: karlotti & Wangi & Administrator (Available profiles: karlotti & Wangi & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

Vielen Dank für deine Hilfe

Ob ich noch etwas merke kann ich erst sagen wenn ich das Laptop ein paar tage benutzt habe ;)

FRST bitte nochmal. Das Log ist nicht komplett. Und bitte in Codetags posten:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Sorry :)

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015

Ran by Wangi (administrator) on CHARLYNN on 30-04-2015 08:28:01

Running from C:\Users\karlotti\Desktop

Loaded Profiles: karlotti & Wangi & Administrator (Available profiles: karlotti & Wangi & Administrator)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Program Files\TrueColor\TrueColorALS.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Windows\System32\prevhost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

() C:\Users\karlotti\Desktop\SecurityCheck.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)

HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [TrueColor UI] => [X]

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430329589

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430330659

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE" 

HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

URLSearchHook: [S-1-5-21-2350501838-174650804-1580158862-500] ATTENTION ==> Default URLSearchHook is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-500 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL = 

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-29]
 

Chrome: 

=======

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]

S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)

S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)

S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)

S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)

R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)

R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150428.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150429.003\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150429.003\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-30 08:26 - 2015-04-30 08:26 - 00000852 _____ () C:\Users\Wangi\Desktop\checkup.txt

2015-04-30 08:13 - 2015-04-30 08:13 - 00852616 _____ () C:\Users\karlotti\Desktop\SecurityCheck.exe

2015-04-30 06:22 - 2015-04-30 06:22 - 00003984 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask

2015-04-30 06:22 - 2015-04-30 06:22 - 00003440 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncherTask

2015-04-30 06:22 - 2015-04-30 06:22 - 00003196 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest

2015-04-30 06:22 - 2015-04-30 06:22 - 00000000 ____D () C:\ProgramData\PCDr

2015-04-29 20:01 - 2015-04-29 20:01 - 02347384 _____ (ESET) C:\Users\karlotti\Desktop\esetsmartinstaller_deu.exe

2015-04-29 00:02 - 2015-04-29 00:02 - 00029102 _____ () C:\Users\karlotti\Desktop\Addition.txt

2015-04-28 23:55 - 2015-04-28 23:55 - 00029102 _____ () C:\Users\Wangi\Desktop\Addition.txt

2015-04-28 23:48 - 2015-04-28 23:48 - 00001352 _____ () C:\Users\karlotti\Desktop\JRT1.txt

2015-04-28 10:57 - 2015-04-30 08:28 - 00022747 _____ () C:\Users\karlotti\Desktop\FRST.txt

2015-04-28 10:55 - 2015-04-28 10:55 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT1.txt

2015-04-28 10:54 - 2015-04-28 10:54 - 00000000 ____D () C:\Users\karlotti\Desktop\Alt

2015-04-28 10:53 - 2015-04-28 10:53 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT.txt

2015-04-28 10:52 - 2015-04-30 08:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001

2015-04-28 10:51 - 2015-04-30 08:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005

2015-04-28 10:50 - 2015-04-28 10:50 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-CHARLYNN-Windows-8.1-(64-bit).dat

2015-04-28 10:50 - 2015-04-28 10:50 - 00000000 ____D () C:\RegBackup

2015-04-28 10:36 - 2015-04-28 23:56 - 00011011 ____H () C:\Users\karlotti\Desktop\~WRL0003.tmp

2015-04-26 15:29 - 2015-04-30 08:28 - 00000000 ____D () C:\FRST

2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe

2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth

2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera

2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys

2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys

2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll

2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll

2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser

2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll

2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe

2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll

2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll

2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll

2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll

2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll

2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll

2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv

2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl

2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll

2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp

2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin

2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll

2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll

2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv

2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe

2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-04-30 08:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-04-30 07:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-04-30 06:39 - 2014-09-29 14:40 - 01441713 _____ () C:\WINDOWS\WindowsUpdate.log

2015-04-30 00:43 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update

2015-04-30 00:43 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery

2015-04-29 23:52 - 2012-03-01 20:32 - 00000000 ____D () C:\Download

2015-04-29 20:10 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-04-29 20:10 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-04-29 20:10 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-04-29 19:47 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-04-29 19:44 - 2013-08-22 16:46 - 00115811 _____ () C:\WINDOWS\setupact.log

2015-04-29 19:44 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-04-27 18:01 - 2014-11-27 20:07 - 00000000 ___RD () C:\Users\karlotti\Desktop\Bilder

2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira

2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1

2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay

2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java

2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel

2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat

2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel

2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc

2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps

2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log

2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira

2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira

2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll

2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll

2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
 

==================== Files in the root of some directories =======
 

2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log

2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log

2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 

Files to move or delete:

====================

C:\Users\Public\NTUSER (1).DAT
 
 

Some content of TEMP:

====================

C:\Users\karlotti\AppData\Local\Temp\avgnt.exe

C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe

C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Wangi\AppData\Local\Temp\avgnt.exe

C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe

C:\Users\Wangi\AppData\Local\Temp\ose00000.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-04-30 04:48
 

==================== End Of Log ============================

--- --- ---

--- --- ---

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.