
EICAR-Test Virus/Malware



#1
Don Quischote


Hi folks,

For quite a while, Avira AntiVirus has been finding some "Eicar-Test-Signature" files every day. I tried BitDefender to remove it permanently, but it couldn't deal with it either.

I can't notice any system effects, so I didn't care for a while. But it annoys me that it always finds new infested data! I don't know how I caught the virus. I have never used the Eicar test to check my system. Could someone review my FRST scan and help me with the problem?

Many thanks in advance!

 

Here comes the FRST Report:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Don (administrator) on BRONKOEISENZAHN on 19-06-2015 22:23:04
Running from C:\Users\Don\Desktop
Loaded Profiles: Don (Available Profiles: Don)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(Dropbox, Inc.) C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsAPHider\AsAPHider.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(OldTimer Tools) C:\Users\Don\Downloads\OTL.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-06-09] (COMODO)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-18] (Apple Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2015-02-01] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [2433024 2011-08-12] ()
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-06-14] (Samsung)
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-06-14] (Samsung)
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [694352 2013-05-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-06-10] (Adobe Systems Incorporated)
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\MountPoints2: {2708a3ad-92db-11e1-a5e9-f46d04e428bc} - I:\setup.exe
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\MountPoints2: {38544e07-917a-11e1-9c1e-806e6f6e6963} - G:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\...\MountPoints2: {719ebd49-8b28-11e2-8b72-f46d04e43389} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\index.html
Startup: C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-28]
ShortcutTarget: Dropbox.lnk -> C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Don\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.1.0.22\trustedads.dll [2014-04-18] (AdTrustMedia)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.22\trustedads.dll [2014-04-18] (AdTrustMedia)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-01-09] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [2014-07-21] (Tencent)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [2014-07-21] (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll [2013-04-08] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1427277019-3820213075-1690403859-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Don\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\searchplugins\duckduckgo.xml [2014-06-19]
FF SearchPlugin: C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\searchplugins\ecosia.xml [2015-05-30]
FF Extension: Avira Browser Safety - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2015-05-28]
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2015-06-06]
FF Extension: FoxyProxy Standard - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2015-06-06]
FF Extension: PrivDog - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\P[email protected] [2014-10-02]
FF Extension: YouTube Unblocker - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2015-06-11]
FF Extension: Ghostery - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2013-08-03]
FF Extension: MEGA - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2014-05-07]
FF Extension: Lightbeam - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2013-07-05]
FF Extension: Download Manager (S3) - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\[email protected] [2014-05-02]
FF Extension: NoScript - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-05]
FF Extension: No Name - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{a5acd3d4-e29d-435e-950e-e9517421e533}.xpi [2014-05-06]
FF Extension: Video DownloadHelper - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-11]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-06-19]
FF Extension: Adblock Plus - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-04-30]
FF Extension: BetterPrivacy - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-04-30]
FF Extension: Download Statusbar - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-04-30]
FF Extension: DownThemAll! - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-05-24]
FF Extension: web shield - C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\7nbljkva.default\Extensions\{f3ed8412-84cc-4981-841c-fd7c158703e0}.xpi [2014-05-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-06-06]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-07-26]

Chrome:
=======
CHR HKU\S-1-5-21-1427277019-3820213075-1690403859-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Users\Don\AppData\Local\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2014-03-20] (Comodo Security Solutions, Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5541960 2015-06-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-06-09] (COMODO)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions, Inc.)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2014-09-24] (Bitdefender)
S2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [2095368 2013-02-14] (BinarySense, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14848 2011-09-12] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2013-06-17] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-09-21] (Bitdefender SRL)
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows ® Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20672 2015-06-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797256 2015-06-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-06-05] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-30] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-04-30] () [File not signed]
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [31136 2013-06-24] (REALiX™)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104584 2015-06-05] (COMODO)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [22776 2011-09-12] (Intel Corporation)
S3 KMUSBSC2; C:\Windows\System32\Drivers\KMUSBSC2.sys [48256 2008-01-10] (KYOCERA MITA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-23] (BitDefender S.R.L.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 22:23 - 2015-06-19 22:24 - 00027140 _____ C:\Users\Don\Desktop\FRST.txt
2015-06-19 22:20 - 2015-06-19 22:23 - 00000000 ____D C:\FRST
2015-06-19 22:16 - 2015-06-19 22:16 - 02109952 _____ (Farbar) C:\Users\Don\Desktop\FRST64.exe
2015-06-19 21:55 - 2015-06-19 21:55 - 00001179 _____ C:\Users\Don\Desktop\ADS Scanner 2.lnk
2015-06-19 21:55 - 2015-06-19 21:55 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
2015-06-19 21:55 - 2015-06-19 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADS Scanner 2
2015-06-19 21:55 - 2015-06-19 21:55 - 00000000 ____D C:\Program Files (x86)\Pointstone
2015-06-19 21:54 - 2015-06-19 21:54 - 00881824 _____ C:\Users\Don\Downloads\ADSScannerSetup.exe
2015-06-19 21:13 - 2015-06-19 21:13 - 00089740 _____ C:\Users\Don\Downloads\Extras.Txt
2015-06-19 21:12 - 2015-06-19 21:12 - 02842238 _____ C:\Users\Don\Downloads\OTL.Txt
2015-06-19 20:53 - 2015-06-19 20:53 - 00602112 _____ (OldTimer Tools) C:\Users\Don\Downloads\OTL.exe
2015-06-14 22:49 - 2015-06-14 23:35 - 00027624 _____ C:\Windows\system32\bddel.exe
2015-06-14 22:49 - 2015-06-14 22:49 - 00000818 _____ C:\Windows\system32\bddel.dat
2015-06-09 19:46 - 2015-06-09 19:46 - 02532897 _____ C:\Users\Don\Downloads\Tpet-Display-859.zip
2015-06-06 23:48 - 2015-06-09 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-04 23:06 - 2015-06-04 23:06 - 00059515 _____ C:\Users\Don\Downloads\pg2264.epub
2015-06-01 19:43 - 2015-06-01 20:11 - 00000000 ____D C:\Program Files (x86)\WASTE
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WASTE
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WASTE
2015-05-26 14:05 - 2015-06-03 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 22:21 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-19 22:21 - 2009-07-14 06:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-19 21:17 - 2014-07-27 15:47 - 00000000 ____D C:\Users\Don\Documents\Citavi 4
2015-06-19 20:27 - 2012-04-28 23:40 - 02015595 _____ C:\Windows\WindowsUpdate.log
2015-06-19 19:35 - 2014-03-21 23:43 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-06-18 20:13 - 2013-06-17 14:14 - 00000000 ___RD C:\Users\Don\Desktop\Programme
2015-06-18 20:12 - 2012-04-30 18:36 - 00000000 ____D C:\Users\Don\AppData\Roaming\vlc
2015-06-18 20:11 - 2013-06-17 10:08 - 00000000 ____D C:\Users\Don\AppData\Roaming\MediaMonkey
2015-06-17 11:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-16 19:13 - 2012-10-26 15:39 - 00003423 _____ C:\Users\Don\Desktop\New Songs.txt
2015-06-16 18:18 - 2012-12-01 16:36 - 00000000 ____D C:\Users\Don\AppData\Roaming\Audacity
2015-06-16 16:24 - 2013-09-21 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-16 16:22 - 2013-09-21 18:05 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-16 16:22 - 2013-09-21 18:05 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-14 22:24 - 2012-04-30 18:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 22:05 - 2015-05-14 16:58 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-14 20:30 - 2015-05-14 16:58 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 19:35 - 2013-04-29 17:29 - 00000000 ____D C:\Users\Don\AppData\Roaming\Dropbox
2015-06-11 19:34 - 2012-06-22 11:29 - 00000000 ____D C:\ProgramData\TEMP
2015-06-11 19:32 - 2015-01-31 22:45 - 00006003 _____ C:\Windows\setupact.log
2015-06-11 19:32 - 2012-05-02 19:22 - 00000000 ____D C:\Users\Don\.rainlendar2
2015-06-11 19:29 - 2015-01-31 22:44 - 00194822 _____ C:\Windows\PFRO.log
2015-06-11 19:29 - 2013-09-21 18:04 - 00000000 ____D C:\ProgramData\Avira
2015-06-11 19:29 - 2012-04-29 00:23 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 19:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-11 19:27 - 2014-12-14 23:01 - 00224640 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-06-10 23:02 - 2014-08-05 11:40 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-10 22:55 - 2013-09-21 18:04 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-10 00:28 - 2012-04-30 18:10 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-10 00:28 - 2012-04-30 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-10 00:28 - 2012-04-30 18:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 19:24 - 2009-07-14 19:58 - 01465458 _____ C:\Windows\system32\perfh007.dat
2015-06-09 19:24 - 2009-07-14 19:58 - 00396178 _____ C:\Windows\system32\perfc007.dat
2015-06-09 18:24 - 2013-04-29 17:38 - 00000000 ____D C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-09 18:13 - 2009-07-14 06:45 - 00582472 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 18:12 - 2012-06-08 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 23:49 - 2012-05-29 14:49 - 00000000 ____D C:\Users\Don\AppData\Local\CrashDumps
2015-06-05 15:35 - 2012-03-11 21:13 - 00797256 _____ (COMODO) C:\Windows\system32\Drivers\cmdGuard.sys
2015-06-05 15:35 - 2012-03-11 21:13 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-06-05 15:35 - 2012-03-11 21:13 - 00020672 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-06-05 15:35 - 2012-02-03 19:27 - 00104584 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-06-05 15:34 - 2012-03-11 21:13 - 00576824 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-06-05 15:34 - 2012-03-11 21:13 - 00444448 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-06-05 15:34 - 2012-03-11 21:13 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-06-05 15:33 - 2014-04-11 12:48 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-06-05 15:32 - 2014-04-11 12:48 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-06-05 15:31 - 2014-04-11 12:48 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-06-05 15:31 - 2014-04-11 12:48 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll

==================== Files in the root of some directories =======

2013-05-02 02:23 - 2013-06-19 18:37 - 0000560 _____ () C:\Users\Don\AppData\Roaming\AutoGK.ini
2014-08-13 13:21 - 2014-08-13 13:21 - 0000922 _____ () C:\Users\Don\AppData\Local\recently-used.xbel
2012-04-30 18:50 - 2012-05-05 01:57 - 0007606 _____ () C:\Users\Don\AppData\Local\Resmon.ResmonCfg
2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 _____ () C:\Users\Don\AppData\Local\setup.txt
2013-06-17 09:20 - 2013-06-17 09:20 - 2738842 _____ () C:\ProgramData\1371452228.bdinstall.bin
2013-03-31 19:47 - 2013-03-31 21:34 - 0000248 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Don\AppData\Local\Temp\avgnt.exe
C:\Users\Don\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuqntms.dll
C:\Users\Don\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Don\AppData\Local\Temp\UnityWebPlayer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-17 11:08

==================== End of log ============================

 

 

With best regards!

Don Quischote

 

