| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PUA/Linkury.gen2Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.04.2015, 12:53
| #1 |
 |  PUA/Linkury.gen2 Vor ein paar Tagen hat AntiVir mir eine Meldung angezeigt, es wurde PUA/Linkury.gen2 auf meinem Laptop gefunden. Ich habe ihn im AntiVir in Quarantäne verschoben und habe Malwarebytes Anti-Malware drüberlaufen lassen, das wohl nichts gefunden hat. Ich finde aber dass er beim Hochfahren sehr viel Zeit braucht, das Öffnen von Outlook und anzeigen von Emails dauert lange und das Anzeigen von Bildern oder Videos geht manches Mal nicht oder dauert lange. Und der Bildschirmschoner geht manches Mal gar nicht an. Deshalb habe ich die Befürchtung da ist noch etwas oder es wurde etwas verändert. Ich bin in solchen Sachen aber absoluter Laie, bitte schreibt verständlich mit mir  Hier ist das letzte Log von dem Malware Programm Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 24.04.2015 Suchlauf-Zeit: 19:58:24 Logdatei: Log.txt Administrator: Nein Version: 2.00.4.1028 Malware Datenbank: v2015.04.24.04 Rootkit Datenbank: v2015.04.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: karlotti Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 304059 Verstrichene Zeit: 7 Min, 54 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Geändert von Jean-Louise (26.04.2015 um 13:10 Uhr) |
|
26.04.2015, 14:08
| #2 |
| /// the machine /// TB-Ausbilder    | PUA/Linkury.gen2 hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
26.04.2015, 14:36
| #3 |
| | PUA/Linkury.gen2 FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by karlotti (ATTENTION: The logged in user is not administrator) on CHARLYNN on 26-04-2015 15:29:38
Running from C:\Users\karlotti\Desktop
Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> svchost.exe
Failed to access process -> RtkAudioService64.exe
Failed to access process -> svchost.exe
Failed to access process -> wlanext.exe
Failed to access process -> conhost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> sched.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> AERTSr64.exe
Failed to access process -> avguard.exe
Failed to access process -> btwdins.exe
Failed to access process -> SkypeC2CAutoUpdateSvc.exe
Failed to access process -> SkypeC2CPNRSvc.exe
Failed to access process -> GfExperienceService.exe
Failed to access process -> HeciServer.exe
Failed to access process -> nis.exe
Failed to access process -> NvNetworkService.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> dasHost.exe
Failed to access process -> svchost.exe
Failed to access process -> TrueColorALS.exe
Failed to access process -> igfxext.exe
Failed to access process -> Avira.OE.ServiceHost.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
Failed to access process -> avshadow.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> DeliveryService.exe
Failed to access process -> DellUpService.exe
Failed to access process -> jhi_service.exe
Failed to access process -> LMS.exe
Failed to access process -> SftService.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> dwm.exe
Failed to access process -> nvxdsync.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> RAVBg64.exe
Failed to access process -> taskeng.exe
Failed to access process -> taskhostex.exe
Failed to access process -> SynTPEnh.exe
Failed to access process -> nis.exe
Failed to access process -> explorer.exe
Failed to access process -> igfxHK.exe
Failed to access process -> SynTPHelper.exe
Failed to access process -> nvtray.exe
Failed to access process -> NvBackend.exe
Failed to access process -> RtkNGUI64.exe
Failed to access process -> RAVBg64.exe
Failed to access process -> WavesSvc64.exe
Failed to access process -> quickset.exe
Failed to access process -> BTTray.exe
Failed to access process -> avgnt.exe
Failed to access process -> BTStackServer.exe
Failed to access process -> Avira.OE.Systray.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> dwm.exe
Failed to access process -> nvxdsync.exe
Failed to access process -> nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
Failed to access process -> RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\TrueColor\DriverConsoleApp.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
Failed to access process -> nvstreamsvc.exe
Failed to access process -> conhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Failed to access process -> SearchFilterHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Failed to access process -> rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell) C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueColor UI] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430054888
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
URLSearchHook: [S-1-5-21-2350501838-174650804-1580158862-1005] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default
FF NewTab: www.t-online.de
FF Homepage: www.t-online.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\de_DE@dicts.j3e.de [2015-02-27]
FF Extension: Print pages to PDF - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\printPages2Pdf@reinhold.ripper [2014-11-17]
FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-11-17]
FF Extension: Adblock Plus - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-15]
FF Extension: Tab Mix Plus - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-11-17]
FF Extension: Theme Font & Size Changer - C:\Users\karlotti\AppData\Roaming\Mozilla\Firefox\Profiles\vs6h5kbb.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2014-11-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-26]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150424.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 15:29 - 2015-04-26 15:30 - 00024310 _____ () C:\Users\karlotti\Desktop\FRST.txt
2015-04-26 15:29 - 2015-04-26 15:29 - 00000000 ____D () C:\FRST
2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe
2015-04-24 22:04 - 2015-04-26 15:28 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera
2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv
2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype
2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-03-27 20:58 - 2015-03-27 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Product Registration
2015-03-27 20:57 - 2015-03-27 22:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Ori and the Blind Forest
2015-03-27 20:55 - 2015-03-27 20:55 - 00001088 _____ () C:\Users\karlotti\Desktop\ORI.lnk
2015-03-27 17:52 - 2015-03-27 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ori and the Blind Forest
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 15:27 - 2015-02-06 21:21 - 00000512 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-26 15:26 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-04-26 15:26 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-04-26 15:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-26 14:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-26 11:15 - 2014-09-29 14:40 - 02071240 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-26 10:48 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-04-26 10:45 - 2013-08-22 16:46 - 00114071 _____ () C:\WINDOWS\setupact.log
2015-04-26 10:45 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1
2015-04-24 18:19 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-24 18:19 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-24 18:19 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 18:00 - 2015-02-06 21:21 - 00000486 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay
2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel
2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc
2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps
2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log
2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira
2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-03-29 15:27 - 2015-02-06 21:20 - 00000000 ____D () C:\ProgramData\ParetoLogic
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti
2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-03-27 20:58 - 2014-09-29 15:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
==================== Files in the root of some directories =======
2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log
2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\Users\Public\NTUSER (1).DAT
Some content of TEMP:
====================
C:\Users\karlotti\AppData\Local\Temp\avgnt.exe
C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015
Ran by karlotti at 2015-04-26 15:30:32
Running from C:\Users\karlotti\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2350501838-174650804-1580158862-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-2350501838-174650804-1580158862-501 - Limited - Enabled)
karlotti (S-1-5-21-2350501838-174650804-1580158862-1001 - Limited - Enabled) => C:\Users\karlotti
Wangi (S-1-5-21-2350501838-174650804-1580158862-1005 - Administrator - Enabled) => C:\Users\Wangi
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security Online (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security Online (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security Online (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
calibre 64bit (HKLM\...\{1428EEEC-F3E9-407A-A60E-2E51CF66ED80}) (Version: 2.20.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{BC8233D8-59BA-4D40-92B9-4FDE7452AA8B}) (Version: 3.0.3999.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell System Detect (HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\73f463568823ebbe) (Version: 5.12.0.3 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.1 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{D9E0A33F-19D6-45A7-83BB-535C7B5F699B}) (Version: 1.5.3000.0 - Dell Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.223.181 - Dell Inc.)
ICQ 8.1 (build 6346) (HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\ICQ) (Version: 8.1.6346.0 - Mail.Ru)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version: - )
Paint Shop Pro 7 Evaluation (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
True Color (HKLM-x32\...\{f8476c72-fe9e-4c04-a537-40a60257e57d}) (Version: 2.0.0.1 - Entertainment Experience)
True Color (Version: 2.0.0.1 - Entertainment Experience LLC) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job =>
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job =>
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job =>
Task: C:\WINDOWS\Tasks\SuperEasyDriverUpdater_UPDATES.job =>
==================== Loaded Modules (whitelisted) ==============
2014-04-30 15:20 - 2014-04-30 15:20 - 00016368 _____ () C:\Program Files\TrueColor\DriverConsoleApp.exe
2014-09-29 15:29 - 2014-03-12 21:22 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2014-09-29 15:29 - 2014-03-12 21:22 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-10-25 13:05 - 2013-10-25 13:05 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\dell.com -> dell.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karlotti\AppData\Local\Microsoft\Windows\Themes\German La\DesktopBackground\14_jörg_franzen_-_hallig_hooge.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\StartupApproved\Run: => "icq"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [EventForwarder-In-TCP] => (Allow) %SystemRoot%\system32\NetEvtFwdr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
FirewallRules: [WFDPRINT-DAFWSD-In-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [WFDPRINT-DAFWSD-Out-Active] => (Allow) %SystemRoot%\system32\dashost.exe
FirewallRules: [{C2FE2CE1-066B-4A23-866B-E49F91E08C46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{092E4438-4D24-44F7-BCBA-2BC27DFDACD6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6446B6B3-4003-4D93-BF9B-90926B58B5D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{94D34013-8E65-4A41-8E00-70BEAFC80BE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FA47F52C-4D47-4746-B2C6-E0CCA8109ACB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4AB114D-3593-48F0-BB02-CD9350DCBDAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C0F39CA6-5CC9-4881-A0B9-7132F01B4834}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1FD42A06-D593-4147-B6B4-038D09522908}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{245FDBF3-FA76-4609-9DC9-17C6C9BE395B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{4A9F38D0-0A9F-44FB-9967-A01960104283}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBB1154F-3BDB-4A6F-9CA8-ADCF0619DFBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A6D72016-E26C-4F58-ADF5-DA29194F57E0}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{468BA989-DBFA-4622-BC07-1425F390CEA9}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{201CAEBD-12FB-47DE-BD06-760BA6A7467C}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{EFBBC70A-85CB-414E-BD24-7BE419062420}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{E61BD6EC-5B1A-4267-B1B8-4DB5B85153FC}] => (Block) D:\Games\Ori and the Blind Forest\ori.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2015 09:36:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/23/2015 10:58:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 12.0.6691.5000, Zeitstempel: 0x52e8c57c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5624
ID des fehlerhaften Prozesses: 0x1520
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3
Vollständiger Name des fehlerhaften Pakets: OUTLOOK.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OUTLOOK.EXE5
Error: (04/23/2015 02:31:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/22/2015 08:35:16 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/21/2015 08:34:18 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/16/2015 06:45:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (04/12/2015 06:05:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c850f5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000582bb
ID des fehlerhaften Prozesses: 0x19ac
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (04/01/2015 07:35:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (03/29/2015 01:16:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxTray.exe, Version: 6.15.10.3574, Zeitstempel: 0x535821b3
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17415, Zeitstempel: 0x545044f9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000394ca
ID des fehlerhaften Prozesses: 0xde0
Startzeit der fehlerhaften Anwendung: 0xigfxTray.exe0
Pfad der fehlerhaften Anwendung: igfxTray.exe1
Pfad des fehlerhaften Moduls: igfxTray.exe2
Berichtskennung: igfxTray.exe3
Vollständiger Name des fehlerhaften Pakets: igfxTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxTray.exe5
Error: (03/28/2015 04:15:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
System errors:
=============
Error: (04/26/2015 10:46:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/26/2015 10:46:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
Error: (04/25/2015 07:51:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/25/2015 07:51:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (04/25/2015 00:44:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (04/24/2015 08:40:58 PM) (Source: DCOM) (EventID: 10010) (User: Charlynn)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (04/24/2015 00:40:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/24/2015 00:40:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
Error: (04/24/2015 08:55:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "My Dell Client Framework" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/24/2015 08:55:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst My Dell Client Framework erreicht.
Microsoft Office Sessions:
=========================
Error: (01/26/2015 00:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6887 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 36%
Total physical RAM: 8095.82 MB
Available physical RAM: 5152.75 MB
Total Pagefile: 9375.82 MB
Available Pagefile: 6302 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Win) (Fixed) (Total:174.49 GB) (Free:107.46 GB) NTFS
Drive d: (Daten) (Fixed) (Total:240.5 GB) (Free:111.41 GB) NTFS
Drive e: (Doku) (Fixed) (Total:209.96 GB) (Free:118.75 GB) NTFS
Drive g: (Backup) (Fixed) (Total:292.97 GB) (Free:178.28 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
27.04.2015, 06:33
| #4 |
| /// the machine /// TB-Ausbilder | PUA/Linkury.gen2 FRST bitte nochmal, unsere Tools brauchen immer Adminrechte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.04.2015, 08:54
| #5 |
| | PUA/Linkury.gen2FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Wangi (administrator) on CHARLYNN on 27-04-2015 09:49:39
Running from C:\Users\karlotti\Desktop
Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell) C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(ICQ) C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\TrueColor\DriverConsoleApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueColor UI] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430120345
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430120897
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-27]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150424.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150425.002\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 15:30 - 2015-04-26 15:30 - 00023889 _____ () C:\Users\karlotti\Desktop\Addition.txt
2015-04-26 15:29 - 2015-04-27 09:49 - 00023910 _____ () C:\Users\karlotti\Desktop\FRST.txt
2015-04-26 15:29 - 2015-04-27 09:49 - 00000000 ____D () C:\FRST
2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe
2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera
2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv
2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-29 15:10 - 2015-03-29 15:10 - 00003110 _____ () C:\WINDOWS\System32\Tasks\{6E25C8BC-B1F6-4868-BD24-061931D008D8}
2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype
2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-27 09:48 - 2015-02-06 21:21 - 00000512 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-27 09:44 - 2014-11-15 20:11 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001
2015-04-27 09:44 - 2014-09-29 14:40 - 01100355 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-27 09:40 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-04-27 09:37 - 2013-08-22 16:46 - 00114419 _____ () C:\WINDOWS\setupact.log
2015-04-27 09:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-26 23:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-26 22:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-26 18:00 - 2015-02-06 21:21 - 00000486 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-04-26 16:17 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-04-26 16:17 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-04-26 16:11 - 2014-11-16 20:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005
2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira
2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1
2015-04-24 18:19 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-24 18:19 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-24 18:19 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay
2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel
2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc
2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps
2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log
2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira
2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-03-29 15:27 - 2015-02-06 21:20 - 00000000 ____D () C:\ProgramData\ParetoLogic
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti
2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log
2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\Users\Public\NTUSER (1).DAT
Some content of TEMP:
====================
C:\Users\karlotti\AppData\Local\Temp\avgnt.exe
C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wangi\AppData\Local\Temp\avgnt.exe
C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe
C:\Users\Wangi\AppData\Local\Temp\ose00000.exe
C:\Users\Wangi\AppData\Local\Temp\Quarantine.exe
C:\Users\Wangi\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-15 08:46
==================== End Of Log ============================
|
|
28.04.2015, 08:50
| #6 |
| /// the machine /// TB-Ausbilder | PUA/Linkury.gen2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> PUA/Linkury.gen2 |
|
28.04.2015, 11:09
| #7 |
| | PUA/Linkury.gen2 AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.202 - Bericht erstellt 28/04/2015 um 10:24:07
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.1 [Lokal]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Wangi - CHARLYNN
# Gestarted von : D:\Download\Neu\AdwCleaner_4.202.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic
Ordner Gelöscht : C:\Users\karlotti\AppData\Roaming\SuperEasy Software
Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Wangi\AppData\Roaming\SuperEasy Software
***** [ Geplante Tasks ] *****
Task Gelöscht : paretologic registration3
Task Gelöscht : paretologic update version3
Task Gelöscht : SuperEasyDriverUpdater_UPDATES
Task Gelöscht : ParetoLogic Update Version3 Startup Task
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\SuperEasy Software
Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\SuperEasy Software
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v37.0.2 (x86 de)
*************************
AdwCleaner[R1].txt - [1796 Bytes] - [28/04/2015 10:13:41]
AdwCleaner[S0].txt - [1557 Bytes] - [28/04/2015 10:24:07]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [1616 Bytes] ##########
Das Logfile von dem Junkware Removal Tool wird nicht richtig sein, weil nach dem ersten Durchlauf hat sich keine Textdatei geöffnet und ich habe auch keine Txt Datei auf dem Desktop gefunden, hab aber nicht dran gedacht das es auf dem Administrator Desktop ist und hab noch mal einen Durchlauf gemacht. Das Logfile von dem ist das untenstehende. SorryJRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.5 (04.27.2015:1)
OS: Windows 8.1 x64
Ran by Wangi on 28.04.2015 at 10:50:21,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1004
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SuperEasyDriverUpdaterRunAtStartup
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\Users\Wangi\appdata\locallow\pcdr
Successfully deleted: [Folder] C:\Users\Wangi\AppData\Roaming\pcdr
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.04.2015 at 10:53:03,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Wangi (administrator) on CHARLYNN on 28-04-2015 10:57:21
Running from C:\Users\karlotti\Desktop
Loaded Profiles: karlotti & Wangi (Available profiles: karlotti & Wangi & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueColor UI] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430209711
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430210782
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-28]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)
S2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150427.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150427.021\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150427.021\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-28 10:57 - 2015-04-28 10:58 - 00020540 _____ () C:\Users\karlotti\Desktop\FRST.txt
2015-04-28 10:55 - 2015-04-28 10:55 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT1.txt
2015-04-28 10:54 - 2015-04-28 10:54 - 00000000 ____D () C:\Users\karlotti\Desktop\Alt
2015-04-28 10:53 - 2015-04-28 10:53 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT.txt
2015-04-28 10:52 - 2015-04-28 10:52 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001
2015-04-28 10:51 - 2015-04-28 10:51 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005
2015-04-28 10:50 - 2015-04-28 10:50 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-CHARLYNN-Windows-8.1-(64-bit).dat
2015-04-28 10:50 - 2015-04-28 10:50 - 00000000 ____D () C:\RegBackup
2015-04-26 15:29 - 2015-04-28 10:57 - 00000000 ____D () C:\FRST
2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe
2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera
2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv
2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-03-30 01:08 - 2015-01-25 11:47 - 00001117 _____ () C:\Users\karlotti\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-29 15:10 - 2015-03-29 15:10 - 00003110 _____ () C:\WINDOWS\System32\Tasks\{6E25C8BC-B1F6-4868-BD24-061931D008D8}
2015-03-29 13:06 - 2015-03-29 13:06 - 00000000 ____D () C:\Users\karlotti\Tracing
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-03-29 13:00 - 2015-03-29 13:00 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-03-29 12:59 - 2015-03-29 13:10 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Skype
2015-03-29 12:59 - 2015-03-29 12:59 - 00000000 ____D () C:\Users\karlotti\AppData\Local\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-29 12:58 - 2015-03-29 13:04 - 00000000 ____D () C:\ProgramData\Skype
2015-03-29 12:58 - 2015-03-29 13:00 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-29 12:58 - 2015-03-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-29 12:42 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-29 12:42 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-29 12:42 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-29 12:42 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-29 12:42 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-03-29 12:42 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-03-29 12:42 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-29 12:42 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-29 12:42 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-29 12:42 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-29 12:42 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-03-29 12:42 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-03-29 12:42 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-03-29 12:42 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-03-29 12:42 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-03-29 12:42 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-03-29 12:42 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-03-29 12:42 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-03-29 12:42 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-03-29 12:42 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-03-29 12:42 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-03-29 12:42 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-03-29 12:42 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-03-29 12:42 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-03-29 12:42 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-03-29 12:42 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-03-29 12:42 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-03-29 12:42 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-03-29 12:42 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-03-29 12:42 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-03-29 12:42 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-03-29 12:42 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-03-29 12:42 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-03-29 12:42 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-03-29 12:42 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-03-29 12:42 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-03-29 12:42 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-03-29 12:42 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-03-29 12:42 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-03-29 12:42 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-03-29 12:42 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-03-29 12:42 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-03-29 12:42 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-03-29 12:42 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-03-29 12:42 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-03-29 12:42 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-03-29 12:42 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-03-29 12:42 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-03-29 12:42 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-03-29 12:42 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-03-29 12:42 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-03-29 12:42 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-03-29 12:42 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-03-29 12:42 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-03-29 12:42 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-03-29 12:42 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-03-29 12:42 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-03-29 12:42 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-03-29 12:42 - 2014-10-17 06:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-03-29 12:42 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-03-29 12:42 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-29 10:59 - 2015-03-29 10:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-28 10:53 - 2014-09-29 14:40 - 01242466 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-28 10:29 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-04-28 10:26 - 2013-08-22 16:46 - 00115115 _____ () C:\WINDOWS\setupact.log
2015-04-28 10:25 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-28 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-28 09:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-27 18:01 - 2014-11-27 20:07 - 00000000 ___RD () C:\Users\karlotti\Desktop\Bilder
2015-04-27 17:13 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-04-27 17:13 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-04-27 12:10 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-27 12:10 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-27 12:10 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira
2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1
2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay
2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel
2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc
2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps
2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log
2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira
2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-03-29 13:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-03-29 13:06 - 2014-11-15 13:12 - 00000000 ____D () C:\Users\karlotti
2015-03-29 12:43 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-29 12:41 - 2014-11-15 14:38 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
==================== Files in the root of some directories =======
2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log
2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\Users\Public\NTUSER (1).DAT
Some content of TEMP:
====================
C:\Users\karlotti\AppData\Local\Temp\avgnt.exe
C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wangi\AppData\Local\Temp\avgnt.exe
C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe
C:\Users\Wangi\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-27 16:53
==================== End Of Log ============================
--- --- --- Vielen Dank schon mal für deine Mühe |
|
29.04.2015, 07:38
| #8 |
| /// the machine /// TB-Ausbilder | PUA/Linkury.gen2ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.04.2015, 07:35
| #9 |
| | PUA/Linkury.gen2 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=941540baef553544acbbc6a01c6714d0 # engine=20211 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-04-29 09:54:45 # local_time=2015-04-29 11:54:45 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Norton Internet Security' # compatibility_mode=3597 16777213 100 100 1520107 192941070 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 4228023 18348327 0 0 # scanned=576764 # found=9 # cleaned=9 # scan_time=13130 sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\PDFCreator-1_7_3_setup.exe" sh=0BFF84AA6CC4CCF580EAE2FBF4C129FA6EA612C4 ft=1 fh=9fe1a4845276fe8f vn="Win32/Adware.ADON evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Download\Unlocker1.9.1-x64.exe" sh=566095531FD328C3054D52C571431D0305103E40 ft=1 fh=0e5c76553bbccf7f vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Downloads\Sicher\supereasy_driver_updater_1.1.1_7870.exe" sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Bluetooth\Programm\PDFCreator-1_7_3_setup.exe" sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Download\freeripmp36-setup.exe" sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Download\freeripmp36-setup.exe" sh=BD8AB435B2015A9689ADA1D0DC07D10D981B9223 ft=1 fh=3c4f65125da59869 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Download\SoftonicDownloader_fuer_k-lite-codec-pack.exe" sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="H:\Programme\Eingerichtet\PDFCreator-1_2_3_setup.exe" sh=705FBFC2F0CD37E21A47EA467B91437E07C6D5D5 ft=1 fh=374fcfb017fb70bf vn="Win32/Toolbar.Zugo evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="J:\Kopien\D\Download\freeripmp36-setup.exe" Results of screen317's Security Check version 1.00 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Norton Internet Security Online Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 45 Java version 32-bit out of Date! Adobe Flash Player 17.0.0.169 Adobe Reader XI Mozilla Firefox (37.0.2) ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015 Ran by Wangi (administrator) on CHARLYNN on 30-04-2015 08:28:01 Running from C:\Users\karlotti\Desktop Loaded Profiles: karlotti & Wangi & Administrator (Available profiles: karlotti & Wangi & Administrator) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files\TrueColor\TrueColorALS.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe Vielen Dank für deine Hilfe Ob ich noch etwas merke kann ich erst sagen wenn ich das Laptop ein paar tage benutzt habe  Geändert von Jean-Louise (30.04.2015 um 07:26 Uhr) |
|
30.04.2015, 10:52
| #10 |
| /// the machine /// TB-Ausbilder | PUA/Linkury.gen2 FRST bitte nochmal. Das Log ist nicht komplett. Und bitte in Codetags posten:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.04.2015, 12:08
| #11 |
| | PUA/Linkury.gen2 Sorry FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Wangi (administrator) on CHARLYNN on 30-04-2015 08:28:01
Running from C:\Users\karlotti\Desktop
Loaded Profiles: karlotti & Wangi & Administrator (Available profiles: karlotti & Wangi & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\karlotti\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-31] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-17] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TrueColor UI] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [icq] => C:\Users\karlotti\AppData\Roaming\ICQM\icq.exe [28700192 2014-11-15] (ICQ)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\...\RunOnce: [Adobe Speed Launcher] => 1430329589
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\Run: [DellSystemDetect] => C:\Users\karlotti\AppData\Local\Apps\2.0\A16G2CA9.CWR\KZ1KR9WJ.Z0C\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-27] (Dell)
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\RunOnce: [Adobe Speed Launcher] => 1430330659
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\...\MountPoints2: {5380a5cc-47d3-11e4-824c-806e6f6e6963} - "F:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\SYSTEM32\mscoree.dll [2013-08-22] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-2350501838-174650804-1580158862-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
URLSearchHook: [S-1-5-21-2350501838-174650804-1580158862-500] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1001 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-1005 -> {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
SearchScopes: HKU\S-1-5-21-2350501838-174650804-1580158862-500 -> DefaultScope {7F3D04BC-CB65-4EB0-9097-EBF0A92CA2D2} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Wangi\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.1.3\coFFPlgn [2015-04-29]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-11] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-11-27] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [211320 2015-02-11] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2014-04-05] (SoftThinks SAS)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [89072 2014-04-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7488176 2013-11-27] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20150418.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-29] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20150428.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150429.003\ENG64.SYS [129752 2015-01-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20150429.003\EX64.SYS [2137304 2015-01-28] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-11-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-01-15] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 08:26 - 2015-04-30 08:26 - 00000852 _____ () C:\Users\Wangi\Desktop\checkup.txt
2015-04-30 08:13 - 2015-04-30 08:13 - 00852616 _____ () C:\Users\karlotti\Desktop\SecurityCheck.exe
2015-04-30 06:22 - 2015-04-30 06:22 - 00003984 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-04-30 06:22 - 2015-04-30 06:22 - 00003440 _____ () C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2015-04-30 06:22 - 2015-04-30 06:22 - 00003196 _____ () C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2015-04-30 06:22 - 2015-04-30 06:22 - 00000000 ____D () C:\ProgramData\PCDr
2015-04-29 20:01 - 2015-04-29 20:01 - 02347384 _____ (ESET) C:\Users\karlotti\Desktop\esetsmartinstaller_deu.exe
2015-04-29 00:02 - 2015-04-29 00:02 - 00029102 _____ () C:\Users\karlotti\Desktop\Addition.txt
2015-04-28 23:55 - 2015-04-28 23:55 - 00029102 _____ () C:\Users\Wangi\Desktop\Addition.txt
2015-04-28 23:48 - 2015-04-28 23:48 - 00001352 _____ () C:\Users\karlotti\Desktop\JRT1.txt
2015-04-28 10:57 - 2015-04-30 08:28 - 00022747 _____ () C:\Users\karlotti\Desktop\FRST.txt
2015-04-28 10:55 - 2015-04-28 10:55 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT1.txt
2015-04-28 10:54 - 2015-04-28 10:54 - 00000000 ____D () C:\Users\karlotti\Desktop\Alt
2015-04-28 10:53 - 2015-04-28 10:53 - 00001352 _____ () C:\Users\Wangi\Desktop\JRT.txt
2015-04-28 10:52 - 2015-04-30 08:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1001
2015-04-28 10:51 - 2015-04-30 08:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2350501838-174650804-1580158862-1005
2015-04-28 10:50 - 2015-04-28 10:50 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-CHARLYNN-Windows-8.1-(64-bit).dat
2015-04-28 10:50 - 2015-04-28 10:50 - 00000000 ____D () C:\RegBackup
2015-04-28 10:36 - 2015-04-28 23:56 - 00011011 ____H () C:\Users\karlotti\Desktop\~WRL0003.tmp
2015-04-26 15:29 - 2015-04-30 08:28 - 00000000 ____D () C:\FRST
2015-04-26 15:28 - 2015-04-26 15:28 - 02101248 _____ (Farbar) C:\Users\karlotti\Desktop\FRST64.exe
2015-04-24 22:04 - 2015-04-26 15:38 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-04-23 23:00 - 2015-04-23 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-17 22:20 - 2015-04-17 22:28 - 00000000 ____D () C:\Users\karlotti\Desktop\Kamera
2015-04-16 19:03 - 2015-04-16 19:03 - 00000401 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-16 18:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-16 18:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-16 18:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-16 18:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-15 17:25 - 2015-04-15 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-15 17:12 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-15 17:12 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-15 17:12 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-15 17:12 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-15 17:12 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-15 17:12 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-15 17:12 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-15 17:12 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-15 17:12 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-15 17:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-15 17:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-15 17:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-15 17:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-15 17:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-15 17:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-15 17:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-15 17:12 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-15 17:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-15 17:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-15 17:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-15 17:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-15 17:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-15 17:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-15 17:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-15 17:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-15 17:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-15 17:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-15 17:12 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-15 17:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-15 17:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-15 17:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-15 17:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-15 17:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-15 17:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-15 17:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-15 17:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-15 17:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-15 17:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-15 17:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-15 17:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-15 17:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-15 17:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-15 17:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-15 17:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-15 17:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-15 17:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-15 17:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-15 17:11 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 02946024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 02776408 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01513304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00979800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00671352 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00615544 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00472976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00403671 _____ () C:\WINDOWS\system32\ImageStabilization.wmv
2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00354136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00304128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00275800 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\WINDOWS\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00197464 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00135000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00127320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\WINDOWS\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\WINDOWS\system32\igd11dxva64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\WINDOWS\system32\igdclbif.bin
2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\WINDOWS\system32\igdde64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00641530 _____ () C:\WINDOWS\system32\FilmModeDetection.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00375173 _____ () C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 08:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-30 07:59 - 2015-01-29 11:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-30 06:39 - 2014-09-29 14:40 - 01441713 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 00:43 - 2015-02-13 20:48 - 00000000 ____D () C:\Program Files (x86)\Dell Update
2015-04-30 00:43 - 2014-12-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2015-04-29 23:52 - 2012-03-01 20:32 - 00000000 ____D () C:\Download
2015-04-29 20:10 - 2014-09-29 14:36 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-29 20:10 - 2013-09-03 15:39 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-04-29 20:10 - 2013-09-03 15:39 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-04-29 19:47 - 2014-09-29 15:27 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2015-04-29 19:44 - 2013-08-22 16:46 - 00115811 _____ () C:\WINDOWS\setupact.log
2015-04-29 19:44 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-27 18:01 - 2014-11-27 20:07 - 00000000 ___RD () C:\Users\karlotti\Desktop\Bilder
2015-04-26 15:27 - 2014-11-16 20:29 - 00000000 ____D () C:\Users\Wangi\AppData\Roaming\Avira
2015-04-25 23:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-25 19:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-25 00:30 - 2014-11-23 22:32 - 00000000 ___RD () C:\Users\karlotti\Desktop\Dokus1
2015-04-24 08:54 - 2014-12-11 01:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 12:43 - 2015-03-01 17:11 - 00000000 ____D () C:\Users\karlotti\Desktop\Ebay
2015-04-17 18:26 - 2014-11-23 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 18:24 - 2014-11-23 12:18 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 18:24 - 2014-11-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-16 19:03 - 2014-09-29 15:15 - 00000000 ____D () C:\Intel
2015-04-16 18:57 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-16 14:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-16 12:43 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-15 17:25 - 2015-03-05 19:56 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-15 17:21 - 2014-11-15 18:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 17:18 - 2014-11-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 17:18 - 2014-11-15 18:46 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-14 18:59 - 2015-01-29 11:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2014-11-15 23:05 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-11-15 23:05 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 18:06 - 2014-11-24 01:45 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\vlc
2015-04-12 18:05 - 2014-11-24 01:46 - 00000000 ____D () C:\Users\karlotti\AppData\Local\CrashDumps
2015-04-12 09:38 - 2014-09-29 14:23 - 00390680 _____ () C:\WINDOWS\PFRO.log
2015-04-11 15:53 - 2014-09-29 15:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-11 15:52 - 2014-11-15 14:12 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-11 15:51 - 2014-11-15 20:08 - 00000000 ____D () C:\Users\karlotti\AppData\Roaming\Avira
2015-04-11 15:50 - 2014-11-15 14:12 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 19:02 - 2014-09-29 15:17 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 15:17 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-03-31 19:02 - 2014-09-29 14:02 - 06067760 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 04782296 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 02024960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00695808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00392592 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00344976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00314256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00278528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-03-31 19:02 - 2014-09-29 14:02 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00218512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-03-31 19:02 - 2014-09-29 14:02 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 24003648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-03-31 19:01 - 2014-09-29 14:02 - 09396160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
==================== Files in the root of some directories =======
2014-09-29 14:27 - 2014-09-29 14:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-25 14:35 - 2015-01-25 14:35 - 0000032 _____ () C:\ProgramData\Temp.log
2014-09-29 15:14 - 2014-09-29 15:15 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2014-09-29 15:10 - 2014-09-29 15:12 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2014-09-29 15:12 - 2014-09-29 15:13 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2014-09-29 15:13 - 2014-09-29 15:14 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2014-09-29 15:10 - 2014-09-29 15:10 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
Files to move or delete:
====================
C:\Users\Public\NTUSER (1).DAT
Some content of TEMP:
====================
C:\Users\karlotti\AppData\Local\Temp\avgnt.exe
C:\Users\karlotti\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\karlotti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Wangi\AppData\Local\Temp\avgnt.exe
C:\Users\Wangi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Wangi\AppData\Local\Temp\nvStInst.exe
C:\Users\Wangi\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-30 04:48
==================== End Of Log ============================
--- --- --- |
|
01.05.2015, 06:15
| #12 |
| /// the machine /// TB-Ausbilder | PUA/Linkury.gen2 Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu PUA/Linkury.gen2 |
| angezeigt, anti-malware, antivir, anzeige, anzeigen, bilder, brauch, datum, emails, erkannt, hochfahren, laptop, log, malwarebytes, meldung, nichts, outlook, quarantäne, sache, sachen, schutz, verschoben, webseite, webseiten, windows |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
