
Log analysis and evaluation: Windows Vista - InstallMonetizer.AQ MSIL/BrowseFox.J Toolbar.Widgi.N Systweak.A

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
20.05.2015, 21:45   #1
alexbk
 

Windows Vista - InstallMonetizer.AQ MSIL/BrowseFox.J Toolbar.Widgi.N Systweak.A



For some reason, Firefox keeps crashing.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-05-2015
Ran by Lexy (administrator) on LEXY-PC on 20-05-2015 19:12:25
Running from C:\Users\Lexy\Desktop
Loaded Profiles: Lexy (Available profiles: Lexy)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
(NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe
() C:\Program Files\LANCOM\Advanced VPN Client\NCPSEC.EXE
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Expert System S.p.A.) C:\Program Files\Duden\Duden Korrektor\DKCore.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Opera\29.0.1795.47\opera_autoupdate.exe
(Opera Software ASA) C:\Windows\Temp\Opera Autoupdate\cprogram filesopera\2780_27278\Opera_Stable_29.0.1795.60-29.0.1795.47_Patch.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [NcpBudgetGui] => C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe [999424 2013-11-13] (NCP engineering GmbH)
HKLM\...\Run: [NcpPopup] => C:\Program Files\LANCOM\Advanced VPN Client\ncppopup.exe [1011280 2012-03-20] (NCP engineering GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2014-04-02] (RealNetworks, Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\SYSTEM32\VESWinlogon.dll [2007-07-25] (Sony Corporation)
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {11b66750-b5e2-11de-9df8-001bfb57dcd1} - explorer .\Start.htm
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {39296a35-1998-11e1-b200-001e101f1838} - F:\AutoRun.exe
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {858936fd-2a7a-11e1-9f04-001a804a3ef4} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {8bdb5a25-1eb6-11dd-a0f9-001bfb57dcd1} - G:\InstallTomTomHOME.exe
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {90147ad3-cb2b-11e0-a807-001a804a3ef4} - F:\AutoRun.exe
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {90147b0c-cb2b-11e0-a807-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\...\MountPoints2: {f83f8188-d23d-11e0-9eab-001e101f4da1} - F:\AutoRun.exe
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> none
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-03-23]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com?type=668083&fr=spigot-yhp-ie
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/home
HKU\S-1-5-21-3626444559-52657498-4274862289-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.web.de/tab2
URLSearchHook: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 - IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\7.3\iobitToolbarIE.dll No File
URLSearchHook: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll No File
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7
SearchScopes: HKU\.DEFAULT -> DefaultScope {3AD58498-B64A-4094-913D-BCA865C6027E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {3AD58498-B64A-4094-913D-BCA865C6027E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = 
SearchScopes: HKU\.DEFAULT -> {76D942BC-59C4-4034-B456-48CE494193B8} URL = 
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> DefaultScope {76D942BC-59C4-4034-B456-48CE494193B8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {0E8310AC-7BDC-4C45-8159-319CC44B4E9A} URL = hxxp://suche.gmx.net/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B8A10200B48583FC&affID=119357&tt=240913_246&tsp=5016
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {539F31C0-3B74-40B9-A47D-9655DDEBB7EC} URL = 
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {559EBC72-CCE9-42AE-8E31-119F867AC22D} URL = hxxp://search.1und1.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {5AFA46B7-57B8-4318-BC64-44C5A7F12DDE} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=068d8e74-f9ba-11e0-8b53-001a804a3ef4&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {76D942BC-59C4-4034-B456-48CE494193B8} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-03-20] (IObit)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-3626444559-52657498-4274862289-1002 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1140/Navigram.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-07-12] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll [2008-11-26] (INNOVA-engineering GmbH Dresden)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files\Virtual Earth 3D\ [2010-04-26] ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-27] (Google)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.69 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2009-04-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-02] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3626444559-52657498-4274862289-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Lexy\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-13] (Citrix Online)
FF user.js: detected! => C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\user.js [2013-09-25]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-06-02] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2014-04-02] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2014-04-02] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-03] (vShare.tv )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\searchplugins\babylon.xml [2013-05-27]
FF SearchPlugin: C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\searchplugins\delta.xml [2013-05-27]
FF Extension: Yontoo - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\plugin@yontoo.com [2013-04-09]
FF Extension: Bitdefender QuickScan - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-20]
FF Extension: FreeHDSport TV - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\fhdp@fhdp.tv.xpi [2013-04-09]
FF Extension: Ghostery - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\firefox@ghostery.com.xpi [2015-05-15]
FF Extension: NoScript - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-15]
FF Extension: Adblock Plus - C:\Users\Lexy\AppData\Roaming\Mozilla\Firefox\Profiles\xft0vk8n.default-1363947649468\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-16]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-16]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord [2009-04-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-02]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2012-09-08]

Chrome: 
=======
CHR Profile: C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Tube Karaoke) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe [2013-05-27]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-04-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lexy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-27]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-07-05]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [kkfggacklibaabdomphfdpcodjgihgon] - C:\Program Files\ATDheNetTVApp.com\stv10.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2011-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2011-12-15] (Avira Operations GmbH & Co. KG)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [121360 2009-07-20] (Logitech, Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-20] (IObit)
S4 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 ncpclcfg; C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe [150800 2013-10-28] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe [1400584 2014-02-28] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files\LANCOM\Advanced VPN Client\NCPSEC.EXE [119808 2011-04-21] () [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [662416 2009-04-15] (mquadr.at softwareengineering und consulting gmbh)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-12] (SigmaTel, Inc.)
S4 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [104960 2007-11-09] (ArcSoft, Inc.)
S4 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
S4 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-25] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-21] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-21] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-21] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-21] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-11] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-21] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-21] (Sony Corporation) [File not signed]
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [333088 2008-03-03] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1228336 2014-02-27] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [188416 2007-06-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [184320 2007-06-28] (Sony Corporation) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S4 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [X]
S2 Yontoo Desktop Updater; "C:\Program Files\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Lexy\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [74640 2011-12-15] (Avira GmbH)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137416 2012-02-15] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2011-12-15] (Avira GmbH)
R1 Cdr4_xp; C:\Windows\system32\Drivers\Cdr4_xp.sys [9072 2008-07-04] (Sonic Solutions)
R1 Cdralw2k; C:\Windows\system32\Drivers\Cdralw2k.sys [9200 2008-07-04] (Sonic Solutions)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2012-10-08] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [87888 2014-02-28] (NCP Engineering GmbH)
R3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [87888 2014-02-28] (NCP Engineering GmbH)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
S3 SonyImgF; C:\Windows\System32\DRIVERS\SonyImgF.sys [31104 2007-04-05] (Sony Corporation) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2010-02-25] () [File not signed]
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-12] (SigmaTel, Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
S3 nmwcdnsu; system32\drivers\nmwcdnsu.sys [X]
S3 nmwcdnsuc; system32\drivers\nmwcdnsuc.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [27648 2009-04-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-20 19:12 - 2015-05-20 19:15 - 00034646 _____ () C:\Users\Lexy\Desktop\FRST.txt
2015-05-20 19:11 - 2015-05-20 19:12 - 00000000 ____D () C:\FRST
2015-05-20 19:07 - 2015-05-20 19:08 - 00000470 _____ () C:\Users\Lexy\Desktop\defogger_disable.log
2015-05-20 19:07 - 2015-05-20 19:07 - 00000000 _____ () C:\Users\Lexy\defogger_reenable
2015-05-20 19:04 - 2015-05-20 19:04 - 00050477 _____ () C:\Users\Lexy\Desktop\Defogger.exe
2015-05-20 18:59 - 2015-05-20 18:59 - 01146880 _____ (Farbar) C:\Users\Lexy\Desktop\FRST.exe
2015-05-20 15:53 - 2015-05-20 15:53 - 00000000 ____D () C:\Program Files\ESET
2015-05-20 15:51 - 2015-05-20 15:51 - 02347384 _____ (ESET) C:\Users\Lexy\Downloads\esetsmartinstaller_enu.exe
2015-05-20 12:44 - 2015-05-20 12:44 - 00001842 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-20 12:43 - 2015-05-20 12:44 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-18 20:43 - 2015-05-18 20:43 - 01046430 _____ () C:\Users\Lexy\Downloads\STANDING.pdf.part
2015-05-18 00:21 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-18 00:21 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-18 00:21 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-18 00:21 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-18 00:21 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-18 00:21 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-18 00:21 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-18 00:21 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-18 00:21 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-18 00:21 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-17 23:27 - 2015-05-17 23:27 - 00000852 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-17 23:24 - 2015-05-17 23:25 - 00243656 _____ () C:\Users\Lexy\Downloads\Firefox Setup Stub 38.0.1(1).exe
2015-05-17 23:24 - 2015-05-17 23:24 - 00243656 _____ () C:\Users\Lexy\Downloads\Firefox Setup Stub 38.0.1.exe
2015-05-17 19:52 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-17 19:52 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-17 19:52 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-17 19:52 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-17 19:52 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-17 19:52 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-17 19:52 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-17 19:52 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-17 19:52 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-17 19:52 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-17 19:52 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-17 19:52 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-17 19:52 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-17 19:52 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-17 19:52 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-17 19:51 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-17 19:07 - 2015-01-29 03:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-17 19:06 - 2015-01-29 03:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-17 19:04 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-17 19:04 - 2014-08-27 02:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-17 19:02 - 2014-06-16 00:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-17 19:02 - 2014-06-13 20:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-17 19:02 - 2014-06-13 20:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-17 19:00 - 2014-12-19 02:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-17 19:00 - 2014-10-10 03:01 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-05-17 19:00 - 2014-10-10 03:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-17 19:00 - 2014-10-10 01:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-17 18:58 - 2014-11-04 02:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-05-17 18:56 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-17 18:56 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-17 18:56 - 2015-01-15 06:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-17 18:56 - 2014-10-10 03:00 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-17 18:47 - 2014-10-24 03:03 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-17 18:46 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-17 18:46 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-17 18:45 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-17 18:45 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-17 18:45 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-17 18:45 - 2015-01-09 04:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-17 18:45 - 2015-01-09 02:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-17 18:45 - 2014-10-24 03:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-17 18:31 - 2014-11-26 04:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-17 18:30 - 2015-02-20 04:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-17 18:30 - 2015-02-20 02:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-17 18:26 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 18:19 - 2015-05-17 18:21 - 00000000 ____D () C:\Users\Lexy\AppData\Local\PDFCreator
2015-05-17 18:18 - 2015-01-21 04:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-17 18:17 - 2014-08-12 04:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-17 18:11 - 2015-05-17 18:11 - 00000832 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-05-17 18:11 - 2015-05-17 18:11 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\pdfforge
2015-05-17 18:11 - 2015-05-17 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-05-17 18:10 - 2014-10-13 03:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-17 18:06 - 2015-05-17 18:08 - 27837984 _____ (pdfforge ) C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup.exe
2015-05-17 18:06 - 2015-05-17 18:08 - 27837984 _____ (pdfforge ) C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup(1).exe
2015-05-16 10:28 - 2014-12-06 05:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-05-16 10:28 - 2014-10-03 03:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-16 10:28 - 2014-10-03 03:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-16 10:28 - 2014-10-03 03:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-16 10:28 - 2014-10-03 03:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-16 10:27 - 2015-02-18 04:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-16 10:27 - 2014-12-06 05:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-16 10:27 - 2014-12-06 05:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-05-16 10:24 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-16 10:19 - 2014-09-05 01:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-05-16 10:15 - 2014-12-08 03:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-16 10:14 - 2014-12-06 05:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-15 18:05 - 2015-05-15 18:07 - 00000000 ____D () C:\Users\Lexy\Desktop\STICK
2015-05-14 07:29 - 2015-05-14 07:29 - 00000000 ____D () C:\Users\Lexy\AppData\Local\Avg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-20 19:15 - 2007-12-04 00:42 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\Skype
2015-05-20 19:07 - 2007-11-24 16:31 - 00000000 ____D () C:\Users\Lexy
2015-05-20 18:57 - 2014-01-11 23:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-20 17:51 - 2014-04-09 23:33 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-20 17:44 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-20 17:44 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-20 16:26 - 2012-03-02 22:04 - 01719885 _____ () C:\Windows\WindowsUpdate.log
2015-05-20 15:45 - 2014-01-27 23:15 - 00000000 ____D () C:\Users\Lexy\AppData\Roaming\QuickScan
2015-05-20 14:05 - 2013-12-15 11:33 - 00000820 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-05-20 12:46 - 2011-01-26 23:43 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-05-20 11:46 - 2012-01-26 23:16 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-20 11:44 - 2014-02-22 18:47 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 11:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-20 00:00 - 2007-08-02 04:03 - 00003204 _____ () C:\Windows\bthservsdp.dat
2015-05-20 00:00 - 2006-11-02 15:01 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-19 23:02 - 2012-07-17 20:24 - 00001752 ____H () C:\Users\Lexy\Documents\Default.rdp
2015-05-19 13:38 - 2014-04-07 21:35 - 00000000 ____D () C:\Program Files\Opera
2015-05-18 21:32 - 2014-02-22 18:47 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 21:18 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-18 20:10 - 2013-07-16 10:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-18 16:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2015-05-18 16:14 - 2006-11-02 12:33 - 00006798 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-18 16:06 - 2006-11-02 14:47 - 00442120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-18 16:03 - 2014-02-16 21:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-18 16:03 - 2013-12-29 11:59 - 00476448 _____ () C:\Windows\PFRO.log
2015-05-18 16:03 - 2013-03-21 23:53 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-18 00:23 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-18 00:23 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-17 23:27 - 2011-03-26 17:44 - 00000864 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-17 19:06 - 2007-10-10 05:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-17 18:12 - 2012-10-14 20:20 - 00000000 ____D () C:\Program Files\PDFCreator
2015-05-17 17:57 - 2011-06-16 19:53 - 00002455 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 10:21 - 2010-06-07 03:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-16 10:20 - 2008-06-01 14:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-16 10:09 - 2014-05-20 21:35 - 00000978 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-05-15 18:57 - 2012-05-17 08:07 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-15 18:57 - 2011-08-02 18:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-14 07:45 - 2007-12-04 00:38 - 00000000 ____D () C:\ProgramData\Skype
2015-05-14 07:32 - 2014-04-09 23:39 - 00000858 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2015-05-14 07:20 - 2014-03-20 21:18 - 00000000 ____D () C:\ProgramData\ProductData
2015-04-30 10:07 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Files in the root of some directories =======

2007-03-12 18:59 - 2007-03-12 18:59 - 0299008 _____ () C:\Program Files\navigram_register.exe
2011-08-02 18:27 - 2011-07-14 10:31 - 1456640 _____ () C:\Program Files\Common Files\Falk Navi-Manager.msi
2008-05-10 21:31 - 2009-03-21 15:27 - 0000000 _____ () C:\Users\Lexy\AppData\Roaming\AVSDVDPlayer.m3u
2012-07-11 22:12 - 2012-07-11 22:15 - 0002415 _____ () C:\Users\Lexy\AppData\Roaming\hamster_installer_log.txt
2008-10-04 13:13 - 2011-06-12 21:19 - 0027657 _____ () C:\Users\Lexy\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2008-12-29 20:38 - 2011-04-11 22:20 - 0009521 _____ () C:\Users\Lexy\AppData\Roaming\mdbu.bin
2009-10-04 12:02 - 2009-10-04 12:02 - 0000760 _____ () C:\Users\Lexy\AppData\Roaming\setup_ldm.iss
2014-06-19 08:11 - 2014-06-19 08:11 - 0000024 _____ () C:\Users\Lexy\AppData\Roaming\temp.ini
2012-01-26 23:34 - 2012-01-26 23:34 - 0020289 _____ () C:\Users\Lexy\AppData\Roaming\UserTile.png
2007-11-25 02:26 - 2007-12-05 21:36 - 0000572 _____ () C:\Users\Lexy\AppData\Roaming\wklnhst.dat
2010-11-20 22:11 - 2012-06-11 01:14 - 0001188 _____ () C:\Users\Lexy\AppData\Local\crc32list11.txt
2007-12-04 00:39 - 2007-12-04 00:39 - 0000552 _____ () C:\Users\Lexy\AppData\Local\d3d8caps.dat
2008-02-22 20:02 - 2012-03-02 23:32 - 0001356 _____ () C:\Users\Lexy\AppData\Local\d3d9caps.dat
2007-11-24 16:39 - 2014-02-08 11:33 - 0154624 _____ () C:\Users\Lexy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-11 22:15 - 2012-07-11 22:15 - 0000393 _____ () C:\Users\Lexy\AppData\Local\HamsterVideoConverterSettings.cfg
2009-03-10 22:38 - 2009-04-15 09:29 - 0000089 _____ () C:\Users\Lexy\AppData\Local\qeymg.bat
2009-04-07 17:08 - 2009-04-10 08:44 - 0313413 _____ () C:\Users\Lexy\AppData\Local\ywwamqw_nav.dat
2014-01-27 23:49 - 2014-01-27 23:49 - 0764668 _____ () C:\ProgramData\1390858327.bdinstall.bin
2014-03-22 21:47 - 2014-03-22 21:47 - 0092109 _____ () C:\ProgramData\1395517664.bdinstall.bin
2014-03-22 21:50 - 2014-03-22 21:50 - 0250923 _____ () C:\ProgramData\1395517667.bdinstall.bin
2007-12-05 21:11 - 2007-12-05 21:11 - 0000032 _____ () C:\ProgramData\ezsid.dat
2008-06-01 14:36 - 2008-06-01 14:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-11-01 14:35 - 2011-05-20 18:00 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2007-10-10 05:18 - 2007-10-10 05:19 - 1132112 _____ () C:\ProgramData\pswi_preloaded.exe

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\ProgramData\pswi_preloaded.exe


Some content of TEMP:
====================
C:\Users\Lexy\AppData\Local\Temp\DivXSetup.exe
C:\Users\Lexy\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Lexy\AppData\Local\Temp\GLF20FD.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF3105.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF3A3F.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF4AE.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF5263.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF5EED.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6219.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6756.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6802.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF6FA0.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF7A24.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF878C.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF936A.EXE
C:\Users\Lexy\AppData\Local\Temp\GLF9BC8.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFD436.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFE24B.EXE
C:\Users\Lexy\AppData\Local\Temp\GLFE8BE.EXE
C:\Users\Lexy\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Lexy\AppData\Local\Temp\lowproc.exe
C:\Users\Lexy\AppData\Local\Temp\promote-upx.exe
C:\Users\Lexy\AppData\Local\Temp\SHSetup.exe
C:\Users\Lexy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lexy\AppData\Local\Temp\stubhelper.dll
C:\Users\Lexy\AppData\Local\Temp\updatepackasc.exe
C:\Users\Lexy\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Lexy\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Lexy\AppData\Local\Temp\_is6F6D.exe
C:\Users\Lexy\AppData\Local\Temp\_is98DD.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-20 12:04

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
C:\Program Files\IObit Apps Toolbar\WidgiHelper.exe	a variant of Win32/Toolbar.Widgi.N potentially unwanted application	deleted - quarantined
C:\Program Files\IObit Toolbar\WidgiHelper.exe	a variant of Win32/Toolbar.Widgi.N potentially unwanted application	deleted - quarantined
C:\Users\Lexy\AppData\Roaming\Yontoo\dat\DIBS.dat	a variant of MSIL/BrowseFox.J potentially unwanted application	deleted - quarantined
C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup(1).exe	Win32/InstallMonetizer.AQ potentially unwanted application	deleted - quarantined
C:\Users\Lexy\Downloads\PDFCreator-2_1_1-setup.exe	Win32/InstallMonetizer.AQ potentially unwanted application	deleted - quarantined
C:\Windows\System32\roboot.exe	a variant of Win32/Systweak.A potentially unwanted application	deleted - quarantined
         

 
