Log analysis and evaluation: Windows Vista - InstallMonetizer.AQ MSIL/BrowseFox.J Toolbar.Widgi.N Systweak.A

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here to have them evaluated by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows Vista - InstallMonetizer.AQ MSIL/BrowseFox.J Toolbar.Widgi.N Systweak.A

For some reason Firefox keeps crashing.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-05-2015 Ran by Lexy (administrator) on LEXY-PC on 20-05-2015 19:12:25 Running from C:\Users\Lexy\Desktop Loaded Profiles: Lexy (Available profiles: Lexy) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Skype Technologies S.A.) 
C:\Program Files\Skype\Phone\Skype.exe (Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe (NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe (NCP Engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe () C:\Program Files\LANCOM\Advanced VPN Client\NCPSEC.EXE () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Secunia) C:\Program Files\Secunia\PSI\psia.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (SigmaTel, Inc.) C:\Windows\System32\stacsv.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (Expert System S.p.A.) 
C:\Program Files\Duden\Duden Korrektor\DKCore.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe () C:\Program Files\Opera\29.0.1795.47\opera_autoupdate.exe (Opera Software ASA) C:\Windows\Temp\Opera Autoupdate\cprogram filesopera\2780_27278\Opera_Stable_29.0.1795.60-29.0.1795.47_Patch.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe () C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [] => [X] HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [NcpBudgetGui] => C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe [999424 2013-11-13] (NCP engineering GmbH) HKLM\...\Run: [NcpPopup] => C:\Program Files\LANCOM\Advanced VPN Client\ncppopup.exe [1011280 2012-03-20] (NCP engineering GmbH) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters). HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2014-04-02] (RealNetworks, Inc.) HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC) HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation) Winlogon\Notify\VESWinlogon: C:\Windows\SYSTEM32\VESWinlogon.dll [2007-07-25] (Sony Corporation) HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.) 
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {11b66750-b5e2-11de-9df8-001bfb57dcd1} - explorer .\Start.htm HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {39296a35-1998-11e1-b200-001e101f1838} - F:\AutoRun.exe HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {858936fd-2a7a-11e1-9f04-001a804a3ef4} - F:\LaunchU3.exe -a HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {8bdb5a25-1eb6-11dd-a0f9-001bfb57dcd1} - G:\InstallTomTomHOME.exe HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {90147ad3-cb2b-11e0-a807-001a804a3ef4} - F:\AutoRun.exe HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {90147b0c-cb2b-11e0-a807-001e101f82a0} - F:\AutoRun.exe HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {f83f8188-d23d-11e0-9eab-001e101f4da1} - F:\AutoRun.exe HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> none HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-03-23] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=668083&fr=spigot-yhp-ie HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/home HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.web.de/tab2 URLSearchHook: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 - IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\7.3\iobitToolbarIE.dll No File URLSearchHook: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll No File SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7 SearchScopes: HKU\.DEFAULT -> DefaultScope {3AD58498-B64A-4094-913D-BCA865C6027E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms} SearchScopes: HKU\.DEFAULT -> {3AD58498-B64A-4094-913D-BCA865C6027E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms} SearchScopes: HKU\.DEFAULT -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = SearchScopes: HKU\.DEFAULT -> {76D942BC-59C4-4034-B456-48CE494193B8} URL = SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> 
DefaultScope {76D942BC-59C4-4034-B456-48CE494193B8} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {0E8310AC-7BDC-4C45-8159-319CC44B4E9A} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B8A10200B48583FC&affID=119357&tt=240913_246&tsp=5016 SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {559EBC72-CCE9-42AE-8E31-119F867AC22D} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {5AFA46B7-57B8-4318-BC64-44C5A7F12DDE} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=068d8e74-f9ba-11e0-8b53-001a804a3ef4&q={searchTerms} SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {76D942BC-59C4-4034-B456-48CE494193B8} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-03-20] (IObit) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> 
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation) Toolbar: HKU\.DEFAULT -> No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1140/Navigram.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-07-12] (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.) 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468 FF Homepage: hxxp://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-15] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] () FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC) FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) 
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll [2008-11-26] (INNOVA-engineering GmbH Dresden) FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files\Virtual Earth 3D\ [2010-04-26] () FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-27] (Google) FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-02] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=1.0.3.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-04-15] (RealNetworks, Inc.) 
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-02] (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3626444559-52657498-4274862289-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Lexy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-13] (Citrix Online) FF user.js: detected! 
=> C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\user.js [2013-09-25] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-06-02] (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-02] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-02] (RealPlayer) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-03] (vShare.tv ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.) 
FF SearchPlugin: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\searchplugins\babylon.xml [2013-05-27] FF SearchPlugin: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\searchplugins\delta.xml [2013-05-27] FF Extension: Yontoo - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\plugin@yontoo.com [2013-04-09] FF Extension: Bitdefender QuickScan - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-20] FF Extension: FreeHDSport TV - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\fhdp@fhdp.tv.xpi [2013-04-09] FF Extension: Ghostery - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\firefox@ghostery.com.xpi [2015-05-15] FF Extension: NoScript - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-15] FF Extension: Adblock Plus - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-22] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-16] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-16] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord [2009-04-15] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft 
.NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-02] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2012-09-08] Chrome: ======= CHR Profile: C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Tube Karaoke) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe [2013-05-27] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-04-14] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-27] CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22] CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-07-05] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files\ATDheNetTVApp.com\stv10.crx [Not Found] CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-08-31] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09] CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - 
C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26] CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx [Not Found] CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2011-12-15] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2011-12-15] (Avira Operations GmbH & Co. KG) R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.) S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [121360 2009-07-20] (Logitech, Inc.) 
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-20] (IObit) S4 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) R2 ncpclcfg; C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe [150800 2013-10-28] (NCP engineering GmbH) R2 ncprwsnt; C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe [1400584 2014-02-28] (NCP Engineering GmbH) R2 NcpSec; C:\Program Files\LANCOM\Advanced VPN Client\NCPSEC.EXE [119808 2011-04-21] () [File not signed] R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation) S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S4 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [662416 2009-04-15] (mquadr.at softwareengineering und consulting gmbh) R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed] R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-12] (SigmaTel, Inc.) S4 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [104960 2007-11-09] (ArcSoft, Inc.) 
S4 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed] S4 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-25] (Sony Corporation) S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-21] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-21] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-21] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-21] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-11] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-21] (Sony Corporation) [File not signed] S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-21] (Sony Corporation) [File not signed] S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [333088 2008-03-03] (Sony Corporation) R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed] R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-27] (Sony Corporation) R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment 
Platform\VzCdb\VzCdbSvc.exe [188416 2007-06-28] (Sony Corporation) [File not signed] R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [184320 2007-06-28] (Sony Corporation) [File not signed] R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed] R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed] S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation) S4 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [X] S2 Yontoo Desktop Updater; "C:\Program Files\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Lexy\AppData\Roaming\Yontoo\YontooDesktop.exe" ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.) 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [74640 2011-12-15] (Avira GmbH) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137416 2012-02-15] (Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-12-15] (Avira GmbH) R1 Cdr4_xp; C:\Windows\system32\Drivers\Cdr4_xp.sys [9072 2008-07-04] (Sonic Solutions) R1 Cdralw2k; C:\Windows\system32\Drivers\Cdralw2k.sys [9200 2008-07-04] (Sonic Solutions) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed] S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2012-10-08] (Siemens Home and Office Communication Devices GmbH & Co. KG) R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.) R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.) S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [87888 2014-02-28] (NCP Engineering GmbH) R3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [87888 2014-02-28] (NCP Engineering GmbH) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia) S3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation) [File not signed] R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2010-02-25] () [File not signed] R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-12] (SigmaTel, Inc.) 
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments) S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 ivusb; system32\DRIVERS\ivusb.sys [X] S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X] S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X] S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X] U5 usbser; C:\Windows\System32\Drivers\usbser.sys [27648 2009-04-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-20 19:12 - 2015-05-20 19:15 - 00034646 _____ () C:\Users\Lexy\Desktop\FRST.txt 2015-05-20 19:11 - 2015-05-20 19:12 - 00000000 ____D () C:\FRST 2015-05-20 19:07 - 2015-05-20 19:08 - 00000470 _____ () C:\Users\Lexy\Desktop\defogger_disable.log 2015-05-20 19:07 - 2015-05-20 19:07 - 00000000 _____ () C:\Users\Lexy\defogger_reenable 2015-05-20 19:04 - 2015-05-20 19:04 - 00050477 _____ () C:\Users\Lexy\Desktop\Defogger.exe 2015-05-20 18:59 - 2015-05-20 18:59 - 01146880 _____ (Farbar) C:\Users\Lexy\Desktop\FRST.exe 2015-05-20 15:53 - 2015-05-20 15:53 - 00000000 ____D () C:\Program Files\ESET 2015-05-20 15:51 - 2015-05-20 15:51 - 02347384 _____ (ESET) C:\Users\Lexy\Downloads\esetsmartinstaller_enu.exe 2015-05-20 12:44 - 2015-05-20 12:44 - 00001842 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-05-20 12:43 - 2015-05-20 12:44 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-05-18 20:43 - 2015-05-18 20:43 - 01046430 _____ () C:\Users\Lexy\Downloads\STANDING.pdf.part 2015-05-18 00:21 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-05-18 00:21 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-05-18 00:21 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-05-18 00:21 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-05-18 00:21 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-05-18 00:21 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-05-18 00:21 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-05-18 00:21 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-18 00:21 - 2015-04-19 22:12 - 00801792 _____ (Microsoft 
Corporation) C:\Windows\system32\FntCache.dll 2015-05-18 00:21 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-17 23:27 - 2015-05-17 23:27 - 00000852 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-05-17 23:24 - 2015-05-17 23:25 - 00243656 _____ () C:\Users\Lexy\Downloads\Firefox Setup Stub 38.0.1(1).exe 2015-05-17 23:24 - 2015-05-17 23:24 - 00243656 _____ () C:\Users\Lexy\Downloads\Firefox Setup Stub 38.0.1.exe 2015-05-17 19:52 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-17 19:52 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-17 19:52 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-17 19:52 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-17 19:52 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-17 19:52 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-05-17 19:52 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-17 19:52 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 
2015-05-17 19:52 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-17 19:52 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-17 19:52 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-17 19:52 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-17 19:52 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-05-17 19:52 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-05-17 19:52 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-05-17 19:51 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-17 19:07 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-05-17 19:06 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-05-17 19:04 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-05-17 19:04 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-05-17 19:02 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2015-05-17 19:02 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2015-05-17 19:02 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2015-05-17 19:00 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-05-17 19:00 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-05-17 19:00 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-17 19:00 - 
2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-17 18:58 - 2014-11-04 02:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-05-17 18:56 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-17 18:56 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-05-17 18:56 - 2015-01-15 06:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-17 18:56 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-17 18:47 - 2014-10-24 03:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-17 18:46 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-05-17 18:46 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-05-17 18:45 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-17 18:45 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-05-17 18:45 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-17 18:45 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-17 18:45 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-17 18:45 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-05-17 18:31 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-05-17 18:30 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-05-17 18:30 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-05-17 18:26 - 2015-04-30 15:14 - 00102608 _____ 
(Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-17 18:19 - 2015-05-17 18:21 - 00000000 ____D () C:\Users\Lexy\AppData\Local\PDFCreator 2015-05-17 18:18 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-05-17 18:17 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2015-05-17 18:11 - 2015-05-17 18:11 - 00000832 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2015-05-17 18:11 - 2015-05-17 18:11 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\pdfforge 2015-05-17 18:11 - 2015-05-17 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-05-17 18:10 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-05-17 18:06 - 2015-05-17 18:08 - 27837984 _____ (pdfforge ) C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup.exe 2015-05-17 18:06 - 2015-05-17 18:08 - 27837984 _____ (pdfforge ) C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup(1).exe 2015-05-16 10:28 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-05-16 10:28 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-05-16 10:28 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-05-16 10:28 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-05-16 10:28 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-05-16 10:27 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-05-16 10:27 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-05-16 10:27 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-05-16 10:24 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) 
C:\Windows\system32\services.exe 2015-05-16 10:19 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2015-05-16 10:15 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-05-16 10:14 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-05-15 18:05 - 2015-05-15 18:07 - 00000000 ____D () C:\Users\Lexy\Desktop\STICK 2015-05-14 07:29 - 2015-05-14 07:29 - 00000000 ____D () C:\Users\Lexy\AppData\Local\Avg ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-20 19:15 - 2007-12-04 00:42 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\Skype 2015-05-20 19:07 - 2007-11-24 16:31 - 00000000 ____D () C:\Users\Lexy 2015-05-20 18:57 - 2014-01-11 23:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-20 17:51 - 2014-04-09 23:33 - 00000000 ____D () C:\ProgramData\MFAData 2015-05-20 17:44 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-20 17:44 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-20 16:26 - 2012-03-02 22:04 - 01719885 _____ () C:\Windows\WindowsUpdate.log 2015-05-20 15:45 - 2014-01-27 23:15 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\QuickScan 2015-05-20 14:05 - 2013-12-15 11:33 - 00000820 _____ () C:\Windows\Tasks\Google Software Updater.job 2015-05-20 12:46 - 2011-01-26 23:43 - 00001945 _____ () C:\Windows\epplauncher.mif 2015-05-20 11:46 - 2012-01-26 23:16 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-05-20 11:44 - 2014-02-22 18:47 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-20 11:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-20 00:00 - 
2007-08-02 04:03 - 00003204 _____ () C:\Windows\bthservsdp.dat 2015-05-20 00:00 - 2006-11-02 15:01 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-19 23:02 - 2012-07-17 20:24 - 00001752 ____H () C:\Users\Lexy\Documents\Default.rdp 2015-05-19 13:38 - 2014-04-07 21:35 - 00000000 ____D () C:\Program Files\Opera 2015-05-18 21:32 - 2014-02-22 18:47 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-18 21:18 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-05-18 20:10 - 2013-07-16 10:40 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-18 16:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache 2015-05-18 16:14 - 2006-11-02 12:33 - 00006798 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-18 16:06 - 2006-11-02 14:47 - 00442120 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-18 16:03 - 2014-02-16 21:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-05-18 16:03 - 2013-12-29 11:59 - 00476448 _____ () C:\Windows\PFRO.log 2015-05-18 16:03 - 2013-03-21 23:53 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-05-18 00:23 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer 2015-05-18 00:23 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-17 23:27 - 2011-03-26 17:44 - 00000864 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-05-17 19:06 - 2007-10-10 05:14 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-17 18:12 - 2012-10-14 20:20 - 00000000 ____D () C:\Program Files\PDFCreator 2015-05-17 17:57 - 2011-06-16 19:53 - 00002455 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-05-16 10:21 - 2010-06-07 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-16 10:20 - 2008-06-01 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-16 10:09 - 2014-05-20 21:35 - 00000978 _____ () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2015-05-15 18:57 - 2012-05-17 08:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-05-15 18:57 - 2011-08-02 18:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-05-14 07:45 - 2007-12-04 00:38 - 00000000 ____D () C:\ProgramData\Skype 2015-05-14 07:32 - 2014-04-09 23:39 - 00000858 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2015-05-14 07:20 - 2014-03-20 21:18 - 00000000 ____D () C:\ProgramData\ProductData 2015-04-30 10:07 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe ==================== Files in the root of some directories ======= 2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe 2011-08-02 18:27 - 2011-07-14 10:31 - 1456640 _____ () C:\Program Files\Common Files\Falk Navi-Manager.msi 2008-05-10 21:31 - 2009-03-21 15:27 - 0000000 _____ () C:\Users\Lexy\AppData\Roaming\AVSDVDPlayer.m3u 2012-07-11 22:12 - 2012-07-11 22:15 - 0002415 _____ () C:\Users\Lexy\AppData\Roaming\hamster_installer_log.txt 2008-10-04 13:13 - 2011-06-12 21:19 - 0027657 _____ () C:\Users\Lexy\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2008-12-29 20:38 - 2011-04-11 22:20 - 0009521 _____ () C:\Users\Lexy\AppData\Roaming\mdbu.bin 2009-10-04 12:02 - 2009-10-04 12:02 - 0000760 _____ () C:\Users\Lexy\AppData\Roaming\setup_ldm.iss 2014-06-19 08:11 - 2014-06-19 08:11 - 0000024 _____ () C:\Users\Lexy\AppData\Roaming\temp.ini 2012-01-26 23:34 - 2012-01-26 23:34 - 0020289 _____ () C:\Users\Lexy\AppData\Roaming\UserTile.png 2007-11-25 02:26 - 2007-12-05 21:36 - 0000572 _____ () C:\Users\Lexy\AppData\Roaming\wklnhst.dat 2010-11-20 22:11 - 2012-06-11 01:14 - 0001188 _____ () C:\Users\Lexy\AppData\Local\crc32list11.txt 2007-12-04 00:39 - 2007-12-04 00:39 - 0000552 _____ () C:\Users\Lexy\AppData\Local\d3d8caps.dat 2008-02-22 20:02 - 2012-03-02 23:32 - 0001356 
_____ () C:\Users\Lexy\AppData\Local\d3d9caps.dat
2007-11-24 16:39 - 2014-02-08 11:33 - 0154624 _____ () C:\Users\Lexy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-11 22:15 - 2012-07-11 22:15 - 0000393 _____ () C:\Users\Lexy\AppData\Local\HamsterVideoConverterSettings.cfg
2009-03-10 22:38 - 2009-04-15 09:29 - 0000089 _____ () C:\Users\Lexy\AppData\Local\qeymg.bat
2009-04-07 17:08 - 2009-04-10 08:44 - 0313413 _____ () C:\Users\Lexy\AppData\Local\ywwamqw_nav.dat
2014-01-27 23:49 - 2014-01-27 23:49 - 0764668 _____ () C:\ProgramData\1390858327.bdinstall.bin
2014-03-22 21:47 - 2014-03-22 21:47 - 0092109 _____ () C:\ProgramData\1395517664.bdinstall.bin
2014-03-22 21:50 - 2014-03-22 21:50 - 0250923 _____ () C:\ProgramData\1395517667.bdinstall.bin
2007-12-05 21:11 - 2007-12-05 21:11 - 0000032 _____ () C:\ProgramData\ezsid.dat
2008-06-01 14:36 - 2008-06-01 14:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-11-01 14:35 - 2011-05-20 18:00 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2007-10-10 05:18 - 2007-10-10 05:19 - 1132112 _____ () C:\ProgramData\pswi_preloaded.exe

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\ProgramData\pswi_preloaded.exe

Some content of TEMP:
====================
C:\Users\Lexy\AppData\Local\Temp\DivXSetup.exe
C:\Users\Lexy\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Lexy\AppData\Local\Temp\GLF20FD.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF3105.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF3A3F.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF4AE.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF5263.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF5EED.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6219.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6756.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6802.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6FA0.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF7A24.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF878C.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF936A.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF9BC8.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFD436.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFE24B.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFE8BE.EXE
C:\Users\Lexy\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Lexy\AppData\Local\Temp\lowproc.exe
C:\Users\Lexy\AppData\Local\Temp\promote-upx.exe
C:\Users\Lexy\AppData\Local\Temp\SHSetup.exe
C:\Users\Lexy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lexy\AppData\Local\Temp\stubhelper.dll
C:\Users\Lexy\AppData\Local\Temp\updatepackasc.exe
C:\Users\Lexy\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Lexy\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Lexy\AppData\Local\Temp\_is6F6D.exe
C:\Users\Lexy\AppData\Local\Temp\_is98DD.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-20 12:04
==================== End Of Log ============================

Code:
C:\Program Files\IObit Apps Toolbar\WidgiHelper.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application deleted - quarantined
C:\Program Files\IObit Toolbar\WidgiHelper.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application deleted - quarantined
C:\Users\Lexy\AppData\Roaming\Yontoo\dat\DIBS.dat a variant of MSIL/BrowseFox.J potentially unwanted application deleted - quarantined
C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup(1).exe Win32/InstallMonetizer.AQ potentially unwanted application deleted - quarantined
C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup.exe Win32/InstallMonetizer.AQ potentially unwanted application deleted - quarantined
C:\Windows\System32\roboot.exe a variant of Win32/Systweak.A potentially unwanted application deleted - quarantined |