Hi thx for quick reply, herer are FRST.txt :
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Anneli (administrator) on PACKARDBELL on 21-04-2015 02:24:25
Running from C:\Users\Anneli\Downloads
Loaded Profiles: Anneli (Available profiles: Anneli)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Norsk, bokmål (Norge)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
() C:\Windows\system\3DG4me.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [3DG4me] => C:\Windows\System\3DG4me.exe [151552 2013-05-28] ()
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PACKAR~1.SCR [456224 2010-07-29] ()
BootExecute: autocheck autochk *
GroupPolicyUsers\S-1-5-21-1356362461-4111763735-2380446527-1003\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1356362461-4111763735-2380446527-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1356362461-4111763735-2380446527-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://home.microsoft.com/search/search.asp
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://home.microsoft.com/search/lobby/search.asp
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/nb-no/?ocid=iehp
HKU\S-1-5-21-1356362461-4111763735-2380446527-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
http://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1356362461-4111763735-2380446527-1000 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Toolbar: HKU\S-1-5-21-1356362461-4111763735-2380446527-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-04-21]
Chrome:
=======
CHR StartupUrls: Profile 1 -> "hxxp://
www.sol.no/"
CHR Profile: C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Adblock Plus) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-22]
CHR Extension: (Google Search) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Google Sheets) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (HTTPS Everywhere) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-01-22]
CHR Extension: (Norton Identity Safe) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-02-07]
CHR Extension: (Norton Security Toolbar) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-02-07]
CHR Extension: (Ghostery) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-22]
CHR Extension: (Google Wallet) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Gmail) - C:\Users\Anneli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] -
https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] -
https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kbemlhjodpfopddibpbppifmogphpmil] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [mpiolpdppdlenlpinemeiecpnmodalfl] - No Path Or update_url value
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [555320 2014-12-10] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
S4 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026432 2015-03-29] (Enigma Software Group USA, LLC.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150408.001\BHDrvx64.sys [1639128 2015-04-08] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-02-07] (Emsisoft GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-02-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-02-06] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-03-29] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-03-29] ()
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-24] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150417.001\IDSvia64.sys [671448 2015-03-25] (Symantec Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150418.001\ENG64.SYS [129752 2015-02-06] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150418.001\EX64.SYS [2137304 2015-02-06] (Symantec Corporation)
R3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2015-04-08] (SpeedJet Technology INC.)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-02-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 USBADVAU; C:\Windows\System32\drivers\cm11264.sys [1308160 2009-11-25] (C-Media Electronics Inc)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 Passthru; system32\DRIVERS\passthru.sys [X]
S3 PassthruMP; system32\DRIVERS\passthru.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-21 02:24 - 2015-04-21 02:24 - 00016022 _____ () C:\Users\Anneli\Downloads\FRST.txt
2015-04-21 02:13 - 2015-04-21 02:24 - 00000000 ____D () C:\FRST
2015-04-21 01:16 - 2015-04-21 01:16 - 00000056 _____ () C:\Windows\setupact.log
2015-04-21 01:16 - 2015-04-21 01:16 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-21 01:09 - 2015-04-21 01:10 - 00448512 _____ (OldTimer Tools) C:\Users\Anneli\Downloads\TFC.exe
2015-04-21 00:43 - 2015-04-21 00:43 - 00003239 _____ () C:\Users\Anneli\Desktop\RKreport_SCN_04212015_004315.log
2015-04-21 00:36 - 2015-04-21 00:36 - 00001365 _____ () C:\Users\Anneli\Desktop\esetonlinescan.txt
2015-04-21 00:18 - 2015-04-21 00:18 - 20608088 _____ () C:\Users\Anneli\Downloads\RogueKillerX64.exe
2015-04-20 23:54 - 2015-04-20 23:54 - 02099712 _____ (Farbar) C:\Users\Anneli\Downloads\FRST64.exe
2015-04-20 23:10 - 2015-04-20 23:10 - 00781312 _____ () C:\Users\Anneli\Downloads\delfix_10.9.exe
2015-04-20 00:46 - 2015-04-20 00:47 - 00411928 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-18 23:26 - 2015-04-18 23:26 - 00000000 ____D () C:\Users\Anneli\Downloads\Linksys wireless
2015-04-18 14:52 - 2015-04-21 01:20 - 00017735 _____ () C:\Windows\WindowsUpdate.log
2015-04-11 22:57 - 2015-04-11 23:01 - 218486747 _____ () C:\Users\Anneli\Downloads\Windows6.0-KB947821-v35-x64.msu
2015-04-11 22:57 - 2015-04-11 22:57 - 00036864 _____ (Microsoft Corporation) C:\Users\Anneli\Downloads\Windows6.0-KB940520-x64-ENU.exe
2015-04-08 23:13 - 2015-04-12 04:53 - 00000000 ____D () C:\Users\Anneli\AppData\Roaming\TS3Client
2015-04-08 23:12 - 2015-04-08 23:12 - 00001188 _____ () C:\Users\Anneli\Desktop\TeamSpeak 3 Client.lnk
2015-04-08 23:12 - 2015-04-08 23:12 - 00000000 ____D () C:\Users\Anneli\AppData\Local\TeamSpeak 3 Client
2015-04-08 04:11 - 2015-04-08 04:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-04-08 04:09 - 2015-04-08 04:09 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-04-08 04:09 - 2015-04-08 04:09 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-04-08 04:09 - 2015-04-08 04:09 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-08 04:08 - 2015-04-08 04:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-04-08 04:08 - 2015-04-08 04:08 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-08 04:05 - 2015-04-08 04:05 - 00000000 ____D () C:\Users\Anneli\AppData\Roaming\InstallShield
2015-04-08 04:01 - 2015-04-08 04:02 - 00000000 ____D () C:\Users\Anneli\Desktop\AHCI_intel
2015-04-08 02:07 - 2015-04-08 02:07 - 00009216 _____ (SpeedJet Technology INC.) C:\Windows\system32\Drivers\SjtWinIo.sys
2015-04-08 01:36 - 2015-04-08 01:36 - 05589793 _____ () C:\Users\Anneli\Downloads\AMT_Intel_6.0.0.1179_W7x86W7x64_A.zip
2015-04-08 01:35 - 2015-04-08 01:35 - 00000000 ____D () C:\Users\Anneli\Desktop\bios
2015-04-08 01:19 - 2015-04-08 01:20 - 16873491 _____ () C:\Users\Anneli\Downloads\3D_G4ME_1_Driver_V1_4.zip
2015-04-07 19:10 - 2015-04-19 03:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 19:10 - 2015-04-07 19:10 - 00000939 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-04-07 19:10 - 2015-04-07 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-31 10:34 - 2015-03-31 10:34 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-31 10:34 - 2015-03-31 10:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-29 23:37 - 2015-04-11 21:58 - 00001143 _____ () C:\Users\Anneli\Desktop\SpyHunter.lnk
2015-03-29 23:37 - 2015-03-29 23:37 - 00000000 ____D () C:\Users\Anneli\AppData\Roaming\Enigma Software Group
2015-03-29 23:35 - 2015-03-29 23:35 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-03-29 23:35 - 2015-03-29 23:35 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-03-29 04:51 - 2015-04-11 21:58 - 00000878 _____ () C:\Users\Anneli\Desktop\CCleaner.lnk
2015-03-29 04:51 - 2015-03-29 04:51 - 00002798 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-29 04:50 - 2015-03-29 04:51 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-27 02:53 - 2015-03-27 02:53 - 00000000 ____D () C:\Users\Anneli\AppData\Local\cache
2015-03-27 02:52 - 2015-03-27 06:15 - 00000000 ____D () C:\Users\Anneli\AppData\Local\FullTiltPoker
2015-03-27 02:52 - 2015-03-27 02:52 - 00001027 _____ () C:\Users\Public\Desktop\Full Tilt Poker.lnk
2015-03-27 02:52 - 2015-03-27 02:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker
2015-03-27 02:51 - 2015-04-14 02:47 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2015-03-25 11:05 - 2015-03-25 11:05 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Anneli\Downloads\SpyHunter-Installer.exe
2015-03-24 22:30 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-24 22:30 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-24 22:30 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-24 22:30 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-24 22:30 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-24 22:30 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-24 22:30 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-24 22:30 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-24 22:26 - 2015-03-24 22:27 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Anneli\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-03-24 03:20 - 2015-03-24 03:20 - 00000000 ____D () C:\ProgramData\Apple
2015-03-24 03:19 - 2015-03-24 03:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-24 03:18 - 2015-03-24 03:20 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-03-24 00:17 - 2015-03-24 00:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-23 23:43 - 2015-03-23 23:43 - 00000000 ____D () C:\Users\Anneli\Desktop\css
2015-03-23 20:25 - 2015-03-23 20:25 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2015-03-23 01:00 - 2015-04-17 23:38 - 00000741 _____ () C:\Users\Anneli\Desktop\steam_csgo_errors.txt
2015-03-22 17:51 - 2015-03-22 17:51 - 00000374 _____ () C:\Users\Anneli\Desktop\crosshair4.cfg
2015-03-22 17:43 - 2015-03-22 17:43 - 00000372 _____ () C:\Users\Anneli\Desktop\crosshair3.cfg
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-21 01:45 - 2015-01-19 19:33 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-21 01:24 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-21 01:24 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-21 01:19 - 2015-02-24 17:09 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-04-21 01:18 - 2015-01-19 19:33 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-21 01:18 - 2014-12-02 20:59 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-21 01:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-21 01:14 - 2014-09-30 20:27 - 00000000 ____D () C:\Users\Anneli\AppData\Temp
2015-04-21 00:44 - 2015-03-09 23:19 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-04-21 00:37 - 2014-09-12 22:42 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-04-20 23:08 - 2015-02-07 18:12 - 00000769 _____ () C:\DelFix.txt
2015-04-18 23:19 - 2013-07-09 05:34 - 00585342 _____ () C:\Windows\system32\perfh014.dat
2015-04-18 23:19 - 2013-07-09 05:34 - 00129672 _____ () C:\Windows\system32\perfc014.dat
2015-04-18 23:19 - 2009-07-14 07:13 - 01604412 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-17 23:45 - 2015-02-25 20:01 - 00000000 ____D () C:\Users\Anneli\AppData\Local\NPE
2015-04-13 18:56 - 2015-02-07 19:56 - 00000000 ____D () C:\EEK
2015-04-08 22:33 - 2013-07-08 20:14 - 00000000 ____D () C:\Users\Anneli
2015-04-08 04:10 - 2010-11-01 08:36 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-04-08 02:03 - 2015-01-27 20:15 - 00000375 _____ () C:\Users\Anneli\Desktop\csgo start options.txt
2015-04-07 21:49 - 2015-02-24 17:09 - 00000000 ____D () C:\Users\Anneli\AppData\Roaming\GlarySoft
2015-04-07 19:13 - 2015-02-20 01:22 - 00000000 ____D () C:\Users\Anneli\AppData\Local\Steam
2015-04-04 14:30 - 2015-01-25 02:06 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-04-04 14:30 - 2010-11-01 08:46 - 00000000 ____D () C:\ProgramData\Temp
2015-03-30 01:57 - 2015-02-16 22:36 - 00000000 ____D () C:\Users\Anneli\Documents\CSGO
2015-03-29 05:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-29 04:42 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-29 04:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-24 22:40 - 2014-12-11 01:12 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-24 22:40 - 2014-09-12 23:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-24 03:20 - 2014-09-13 17:24 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-03-24 03:18 - 2014-09-13 17:23 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-23 20:20 - 2015-02-07 20:50 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-03-23 20:20 - 2015-02-07 20:50 - 00002473 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-03-23 20:20 - 2015-02-07 20:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-03-23 20:20 - 2015-02-07 20:49 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2015-03-22 21:24 - 2015-03-18 13:15 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-03-22 16:40 - 2013-08-06 19:01 - 00000000 ____D () C:\Users\Anneli\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2014-03-23 22:32 - 2014-03-23 22:32 - 0000024 ___SH () C:\Users\Anneli\AppData\Roaming\System5908ConfigCollection.dat
Some content of TEMP:
====================
C:\Users\Anneli\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 01:24
==================== End Of Log ============================