Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to download files


  • Please log in to reply
12 replies to this topic

#1 alex88t

alex88t

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 10 March 2014 - 06:20 PM

Hi guys. It's a long time that i'm having this annoying issue whit my pc, i've tried to search over internet, into you're forum but didn't find nothing like this. maybe i'm wrong... :unsure:
 
Every time i try to download one of this files:
kav_rescue_10.iso
Razer Synapse
bitdefender
comodo firewall
Junkware Removal Tool
uTorrent
 
they always get stuck at 3-10%. Even when i try to update razer gets stuck at 15%. :scratchhead:
I've tried whit to format, remove the firewall, remove the antivirus, remove both but nothing changed. 
 
The only solution is to download them whit my cellphone(wifi conn. same router) and then transfer to pc. Or using anchorfree that seems to be magic everything works but i don't really trust this kind of programs so i remove it as soon as possible.
 
As antivirus i'm using avg free and comodo firewall(only firewall). Sometimes i do a scan whit malewarebytes or spybot.
 
Sorry for my bad english. Can someone please help me?? :mellow:
 
P.S. also tried different browsers like firefox or chrome but nothing.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518
Run by Amministratore at 20:37:19 on 2014-03-10
Microsoft Windows 7 Professional   6.1.7601.1.1252.39.1040.18.8191.5892 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, enhanced for Bing and MSN
mStart Page = about:blank
BHO: Guida per l'accesso all'account Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{5CE233CE-BB9C-4FE5-8209-B1DC9A25242B} : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{5CE233CE-BB9C-4FE5-8209-B1DC9A25242B} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-11-25 196376]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2013-11-14 74432]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-25 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 243480]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 BdAgent;BullGuard Security Agent;C:\Windows\System32\drivers\BdAgent.sys [2013-10-14 117192]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-9-24 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-11-14 709144]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-9-24 48872]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-1-22 3788816]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-6 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-24 16941856]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-12-11 32960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-3-10 411936]
R3 DKRtWrt;DKRtWrt;C:\Windows\System32\drivers\DKRtWrt.sys [2013-11-20 44624]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-24 39200]
R3 RTL8023x64;Driver Realtek 10/100 NIC Family NDIS x64;C:\Windows\System32\drivers\Rtnic64.sys [2009-6-10 51712]
R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2013-11-14 129472]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-15 149160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2013-11-16 35840]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-9-24 164056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 IOMap;IOMap;C:\Windows\System32\drivers\IOMap64.sys [2014-1-29 24824]
S3 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-24 3921880]
S3 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-24 1042272]
S3 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-1-24 171416]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2014-1-17 155824]
S3 StorSvc;Servizio di archiviazione;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-11-13 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-24 59392]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-24 1255736]
S4 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-11-14 232192]
.
=============== Created Last 30 ================
.
2014-03-10 19:12:18 599840 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-03-10 18:04:57 -------- d-----w- C:\NVIDIA
2014-03-08 20:19:28 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2014-03-01 14:30:31 -------- d-----w- C:\Songr
2014-03-01 14:26:06 -------- d-----w- C:\Users\Amministratore\AppData\Local\Songr
2014-02-27 18:57:08 -------- d-----w- C:\Program Files (x86)\Europa Universalis IV
2014-02-22 11:29:05 -------- d-----w- C:\Users\Amministratore\AppData\Local\Windows Live
2014-02-21 21:25:39 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2014-02-21 21:03:12 -------- d-----w- C:\Users\Amministratore\AppData\Roaming\TS3Client
2014-02-21 21:03:12 -------- d-----w- C:\Users\Amministratore\AppData\Local\Overwolf
2014-02-21 21:03:00 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-21 17:37:54 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-19 08:54:58 -------- d-----w- C:\Users\Amministratore\AppData\Roaming\Malwarebytes
2014-02-19 08:33:39 -------- d-----w- C:\Users\Amministratore\AppData\Local\CrashDumps
2014-02-19 08:25:51 1885472 ----a-w- C:\Windows\System32\nvdispco6433489.dll
2014-02-19 08:25:51 1515296 ----a-w- C:\Windows\System32\nvdispgenco6433489.dll
2014-02-13 10:33:52 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2014-02-12 23:18:56 -------- d-----w- C:\Users\Amministratore\AppData\Local\Adobe
2014-02-12 19:02:40 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2014-02-11 09:42:27 -------- d-----w- C:\Users\Amministratore\AppData\Local\Razer_Inc
2014-02-11 09:41:49 -------- d-----w- C:\Users\Amministratore\AppData\Local\Razer
2014-02-11 08:16:35 -------- d-----w- C:\Users\Amministratore\AppData\Roaming\Wargaming.net
.
==================== Find3M  ====================
.
2014-03-04 13:06:00 6714312 ----a-w- C:\Windows\System32\nvcpl.dll
2014-03-04 13:06:00 3497816 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-03-04 13:05:58 922968 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-03-04 13:05:58 64968 ----a-w- C:\Windows\System32\nvshext.dll
2014-03-04 13:05:58 2558808 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-03-04 13:05:57 386336 ----a-w- C:\Windows\System32\nvmctray.dll
2014-03-04 13:05:53 3649185 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-02-21 16:25:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 16:25:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-08 18:34:51 947296 ----a-w- C:\Windows\System32\SETFC4B.tmp
2014-02-08 18:34:51 3090184 ----a-w- C:\Windows\System32\SETE63F.tmp
2014-02-08 18:34:51 2713728 ----a-w- C:\Windows\SysWow64\SET2B8.tmp
2014-02-08 18:34:51 14669032 ----a-w- C:\Windows\SysWow64\SETE33.tmp
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-05 09:31:00 1048152 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-02-05 09:30:41 1179576 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-01-22 16:37:02 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-20 20:05:09 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-01-20 20:05:09 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2014-01-20 20:05:09 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-16 00:08:42 74512 ----a-w- C:\Windows\SysWow64\bdsandboxuiskin32.dll
2014-01-16 00:08:42 74512 ----a-w- C:\Windows\System32\bdsandboxuiskin32.dll
2014-01-04 03:26:08 369168 ----a-w- C:\Windows\System32\wpcap.dll
2014-01-04 03:26:08 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2014-01-04 03:26:08 106000 ----a-w- C:\Windows\System32\packet.dll
2014-01-02 06:06:48 217176 ----a-w- C:\Windows\SysWow64\unrar.dll
2014-01-02 03:52:24 136008 ----a-w- C:\Windows\SysWow64\msinet.ocx
2013-12-27 18:42:26 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2013-12-27 18:42:16 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2013-12-27 18:42:16 33056 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-19 20:33:31 1884448 ----a-w- C:\Windows\System32\nvdispco6433221.dll
2013-12-19 20:33:31 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433221.dll
.
============= FINISH: 20:39:10,70 ===============
 

Attached Files


Edited by alex88t, 10 March 2014 - 06:24 PM.


BC AdBot (Login to Remove)

 


#2 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 13 March 2014 - 02:30 PM

 Good news, whit the new updates(gj micrs. :thumbup2: ) kav_rescue.iso and utorrent.exe start working. The rest not changed( post immage). What could be??Any ideas???

Attached Files



#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 14 March 2014 - 07:35 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.

Let me know what problem persists.

#4 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 14 March 2014 - 09:48 PM

Thanks for reply. The problem persists and had the same issue with adwcleaner. I also have an old scan from adw, don't know if might be useful...

 

# AdwCleaner v3.010 - Report created 29/01/2014 at 02:51:22
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Alex - ALEX-PC
# Running from : C:\Users\Utente\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [711 octets] - [29/01/2014 02:51:22]
 
########## EOF - \AdwCleaner\AdwCleaner[R2].txt - [770 octets] ##########
# AdwCleaner v3.010 - Report created 29/01/2014 at 02:53:24
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Alex - ALEX-PC
# Running from : C:\Users\Utente\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [847 octets] - [29/01/2014 02:51:22]
AdwCleaner[S1].txt - [771 octets] - [29/01/2014 02:53:24]
 
########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [830 octets] ##########
 
# AdwCleaner v3.010 - Report created 14/03/2014 at 21:21:39
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Amministratore - ALEX-PC
# Running from : C:\Users\Utente\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Google Chrome v33.0.1750.146
 
[ File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Amministratore\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [847 octets] - [29/01/2014 02:51:22]
AdwCleaner[R3].txt - [998 octets] - [14/03/2014 21:21:39]
AdwCleaner[S1].txt - [907 octets] - [29/01/2014 02:53:24]
 
########## EOF - \AdwCleaner\AdwCleaner[R3].txt - [1116 octets] ##########
# AdwCleaner v3.010 - Report created 14/03/2014 at 21:23:23
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Amministratore - ALEX-PC
# Running from : C:\Users\Utente\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Google Chrome v33.0.1750.146
 
[ File : C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Amministratore\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R2].txt - [847 octets] - [29/01/2014 02:51:22]
AdwCleaner[R3].txt - [1198 octets] - [14/03/2014 21:21:39]
AdwCleaner[S1].txt - [907 octets] - [29/01/2014 02:53:24]
AdwCleaner[S2].txt - [1087 octets] - [14/03/2014 21:23:23]
 
########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [1147 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Amministratore on 15/03/2014 at  0:51:16,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/03/2014 at  3:02:33,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01
Ran by Amministratore (administrator) on ALEX-PC on 15-03-2014 03:05:35
Running from C:\Users\Amministratore\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Italian Standard
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1612504 2013-11-11] (COMODO)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
AppInit_DLLs: => File Not Found
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x90DB5F3C903CCF01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Guida per l'accesso all'account Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5CE233CE-BB9C-4FE5-8209-B1DC9A25242B}: [NameServer]156.154.70.25,156.154.71.25
 
Chrome: 
=======
CHR Extension: (Google Wallet) - C:\Users\Amministratore\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
 
==================== Services (Whitelisted) =================
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6254152 2013-10-20] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [164056 2013-09-24] (COMODO)
R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2646864 2012-01-04] (Diskeeper Corporation)
S4 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-14] (NETGEAR)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-11] (Razer, Inc.)
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-02-27] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [117192 2013-10-14] (BullGuard Ltd.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-09-24] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [709144 2013-11-14] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48872 2013-09-24] (COMODO)
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [44624 2011-02-14] (Diskeeper Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-09-24] (COMODO)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2013-02-19] (ASUSTeK Computer Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2013-10-24] ()
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2014-01-04] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-11-13] (Anchorfree Inc.)
R3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [432512 2006-06-06] (VM)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6264.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-15 03:05 - 2014-03-15 03:06 - 00009256 _____ () C:\Users\Amministratore\Desktop\FRST.txt
2014-03-15 03:05 - 2014-03-15 03:05 - 00000000 ____D () C:\FRST
2014-03-15 03:02 - 2014-03-15 03:02 - 00000634 _____ () C:\Users\Amministratore\Desktop\JRT.txt
2014-03-15 00:29 - 2014-03-15 00:29 - 00028514 _____ () C:\Users\Utente\Desktop\DxDiag.txt
2014-03-14 21:23 - 2014-03-14 21:23 - 00001225 _____ () C:\Users\Utente\Desktop\AdwCleaner[S2].txt
2014-03-14 21:21 - 2014-03-14 21:22 - 00001198 _____ () C:\Users\Utente\Desktop\AdwCleaner[R3].txt
2014-03-14 21:16 - 2014-01-29 02:50 - 01060070 _____ () C:\Users\Utente\Desktop\AdwCleaner.exe
2014-03-14 21:16 - 2014-01-29 02:46 - 01037068 _____ (Thisisu) C:\JRT.exe
2014-03-14 21:01 - 2014-03-14 21:01 - 00856475 _____ () C:\Users\Utente\Downloads\FRST64 (1).exe
2014-03-13 18:45 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 18:45 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 18:45 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 18:45 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 18:45 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 18:45 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 18:45 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 18:45 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 18:45 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 18:45 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 18:45 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 18:45 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 18:45 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 18:45 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 18:45 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 18:45 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 18:45 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 18:45 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 18:45 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 18:45 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 18:45 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 18:45 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 18:45 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 18:45 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 18:45 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 18:45 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 18:45 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 18:45 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 18:45 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 18:45 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 18:45 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 18:45 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 18:45 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 18:45 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 18:45 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 18:45 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 18:45 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 18:45 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 18:45 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 18:45 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 18:44 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 18:44 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 18:44 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 18:44 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 18:44 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 18:44 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 18:44 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 18:44 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-11 08:17 - 2014-03-11 08:17 - 00000037 _____ () C:\Users\Utente\Desktop\songs.txt
2014-03-10 21:01 - 2014-03-10 21:01 - 00000000 ____D () C:\Users\Utente\AppData\Local\Razer
2014-03-10 20:39 - 2014-03-10 20:40 - 00016599 _____ () C:\Users\Amministratore\Desktop\dds.txt
2014-03-10 20:39 - 2014-03-10 20:39 - 00005073 _____ () C:\Users\Amministratore\Desktop\attach.txt
2014-03-10 20:12 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-10 19:07 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-10 19:07 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-10 19:07 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-10 19:04 - 2014-03-10 19:04 - 00000000 ____D () C:\NVIDIA
2014-03-08 22:54 - 2014-03-08 22:54 - 00688992 ____R (Swearware) C:\Users\Utente\Downloads\dds.com
2014-03-08 22:27 - 2014-03-08 22:28 - 02156544 _____ (Farbar) C:\Users\Amministratore\Desktop\FRST64.exe
2014-03-08 22:07 - 2014-03-08 22:07 - 00274838 _____ () C:\Users\Utente\Downloads\TCPOptimizer.zip
2014-03-08 22:05 - 2014-03-08 22:05 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Utente\Downloads\SkypeSetupFull.exe
2014-03-08 22:04 - 2014-03-08 22:04 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Utente\Downloads\SkypeSetup.exe
2014-03-08 21:21 - 2014-03-08 21:22 - 04462384 _____ (AVG Technologies) C:\Users\Utente\Downloads\avg_free_stb_all_2014_4335.exe
2014-03-08 21:19 - 2014-03-08 22:05 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-08 16:44 - 2014-03-08 16:44 - 00000000 ____D () C:\Users\Utente\.swt
2014-03-08 16:41 - 2014-03-08 17:29 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Azureus
2014-03-08 16:11 - 2014-03-08 16:11 - 00000000 ____D () C:\Users\Utente\Downloads\Metro.Last.Light-RELOADED
2014-03-08 16:11 - 2014-03-08 16:11 - 00000000 ____D () C:\Users\Utente\Downloads\Call.of.Duty.Ghosts-RELOADED
2014-03-03 18:58 - 2014-03-03 18:58 - 08258908 _____ () C:\Users\Utente\Desktop\ExtendedTimeline 0.5.1.zip
2014-03-03 18:56 - 2014-03-03 18:56 - 01337553 _____ () C:\Users\Utente\Desktop\better_terra_incognita.zip
2014-03-03 03:51 - 2014-03-03 03:51 - 00000550 _____ () C:\Users\Utente\Desktop\auto.txt
2014-03-03 03:38 - 2014-03-03 03:38 - 00001854 _____ () C:\Users\Utente\Desktop\concessionarie.txt
2014-03-03 03:35 - 2014-03-03 03:38 - 00120374 _____ () C:\Windows\DPINST.LOG
2014-03-02 19:22 - 2014-03-02 19:22 - 00000861 _____ () C:\Users\Utente\Desktop\Songr.lnk
2014-03-01 15:30 - 2014-03-11 17:43 - 00000000 ____D () C:\Users\Utente\AppData\Local\Songr
2014-03-01 15:30 - 2014-03-11 17:43 - 00000000 ____D () C:\Songr
2014-03-01 15:26 - 2014-03-01 15:29 - 00001061 _____ () C:\Users\Amministratore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk
2014-03-01 15:26 - 2014-03-01 15:26 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Songr
2014-02-27 19:57 - 2014-02-27 20:00 - 00000000 ____D () C:\Program Files (x86)\Europa Universalis IV
2014-02-27 06:01 - 2014-02-27 06:01 - 00000000 ____D () C:\Users\Utente\Documents\Paradox Interactive
2014-02-27 05:57 - 2014-02-27 05:58 - 00017627 _____ () C:\Windows\DirectX.log
2014-02-27 05:33 - 2014-02-27 05:46 - 00000000 ____D () C:\Users\Utente\Downloads\Europa_Universalis_IV_Conquest_of_Paradise-FLT
2014-02-26 19:09 - 2014-02-26 19:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-26 19:09 - 2014-02-26 19:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-22 12:30 - 2014-02-22 12:30 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-22 12:29 - 2014-02-22 12:29 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Windows Live
2014-02-22 12:25 - 2014-02-22 12:38 - 00000000 ____D () C:\Users\Utente\AppData\Local\Windows Live
2014-02-21 22:26 - 2014-02-26 19:22 - 00000000 ____D () C:\Users\Utente\AppData\Local\Overwolf
2014-02-21 22:25 - 2014-02-21 22:25 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-02-21 22:10 - 2014-02-27 14:33 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\TS3Client
2014-02-21 22:03 - 2014-02-21 22:25 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Overwolf
2014-02-21 22:03 - 2014-02-21 22:09 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\TS3Client
2014-02-21 22:03 - 2014-02-21 22:03 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-21 22:03 - 2014-02-21 22:03 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-21 21:42 - 2014-02-21 21:46 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Utente\Desktop\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-02-21 18:38 - 2014-02-25 20:25 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Skype
2014-02-21 18:38 - 2014-02-21 18:38 - 00000000 ____D () C:\Users\Utente\AppData\Local\Skype
2014-02-21 18:37 - 2014-02-21 18:43 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Utente\Desktop\SkypeSetupFull.exe
2014-02-21 18:37 - 2014-02-21 18:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-21 17:06 - 2014-02-21 17:06 - 05852480 _____ (TeamViewer GmbH) C:\Users\Utente\Desktop\TeamViewer_Setup_it.exe
2014-02-21 16:57 - 2014-02-21 17:26 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\TeamViewer
2014-02-21 16:27 - 2014-02-21 16:27 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\NVIDIA
2014-02-21 16:12 - 2014-02-22 14:11 - 00000000 ____D () C:\Users\Utente\AppData\Local\Facebook
2014-02-19 11:08 - 2014-03-14 22:59 - 00012946 _____ () C:\Windows\setupact.log
2014-02-19 11:08 - 2014-03-08 21:07 - 00001416 _____ () C:\Windows\PFRO.log
2014-02-19 11:08 - 2014-02-19 11:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 09:54 - 2014-02-19 09:54 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Malwarebytes
2014-02-19 09:47 - 2014-02-19 09:47 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Macromedia
2014-02-19 09:46 - 2014-02-19 09:50 - 00000490 _____ () C:\Users\Amministratore\Desktop\cpuz.ini
2014-02-19 09:45 - 2014-01-10 16:05 - 02872040 _____ (CPUID) C:\Users\Amministratore\Desktop\cpuz_x64.exe
2014-02-19 09:44 - 2014-02-19 09:45 - 01995603 _____ () C:\Users\Amministratore\Downloads\cpu-z_1.68-en.zip
2014-02-19 09:33 - 2014-03-14 22:52 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\CrashDumps
2014-02-19 09:31 - 2014-02-19 09:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 09:25 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-19 09:25 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-18 09:26 - 2014-02-18 09:26 - 00096590 _____ () C:\Users\Utente\Desktop\MTS_Delphy_1048017_Sims3Dashboard.rar
2014-02-18 08:24 - 2014-02-18 08:24 - 00001401 _____ () C:\Users\Utente\Desktop\FrameworkSetup.zip
2014-02-18 05:51 - 2014-02-18 05:51 - 01569578 _____ () C:\Users\Utente\Desktop\Store_Fixes.rar
2014-02-18 05:44 - 2014-02-18 05:44 - 00000000 ____D () C:\Users\Utente\Documents\Electronic Arts
2014-02-17 20:09 - 2014-02-17 20:09 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Malwarebytes
2014-02-14 02:27 - 2014-02-14 02:27 - 00000000 ____D () C:\Users\Utente\AppData\Local\FalloutNV
2014-02-13 11:34 - 2014-02-13 11:34 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-02-13 11:34 - 2014-02-13 11:34 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-02-13 11:33 - 2014-02-13 11:33 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-02-13 00:18 - 2014-02-13 00:20 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Adobe
 
==================== One Month Modified Files and Folders =======
 
2014-03-15 03:06 - 2014-03-15 03:05 - 00009256 _____ () C:\Users\Amministratore\Desktop\FRST.txt
2014-03-15 03:05 - 2014-03-15 03:05 - 00000000 ____D () C:\FRST
2014-03-15 03:02 - 2014-03-15 03:02 - 00000634 _____ () C:\Users\Amministratore\Desktop\JRT.txt
2014-03-15 02:49 - 2014-01-15 23:56 - 01746232 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 02:25 - 2013-10-24 17:49 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 02:16 - 2014-01-21 03:58 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 00:48 - 2014-01-21 03:58 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 00:29 - 2014-03-15 00:29 - 00028514 _____ () C:\Users\Utente\Desktop\DxDiag.txt
2014-03-15 00:27 - 2014-01-30 00:35 - 00001468 _____ () C:\Users\Utente\Desktop\DiskMark.lnk
2014-03-14 23:07 - 2009-07-14 05:45 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 23:07 - 2009-07-14 05:45 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 22:59 - 2014-02-19 11:08 - 00012946 _____ () C:\Windows\setupact.log
2014-03-14 22:59 - 2013-10-24 12:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-14 22:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 22:52 - 2014-02-19 09:33 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\CrashDumps
2014-03-14 21:28 - 2014-01-29 02:51 - 00000000 ____D () C:\AdwCleaner
2014-03-14 21:23 - 2014-03-14 21:23 - 00001225 _____ () C:\Users\Utente\Desktop\AdwCleaner[S2].txt
2014-03-14 21:22 - 2014-03-14 21:21 - 00001198 _____ () C:\Users\Utente\Desktop\AdwCleaner[R3].txt
2014-03-14 21:01 - 2014-03-14 21:01 - 00856475 _____ () C:\Users\Utente\Downloads\FRST64 (1).exe
2014-03-14 20:53 - 2013-10-24 04:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-13 23:50 - 2009-07-14 11:53 - 00808360 _____ () C:\Windows\system32\perfh010.dat
2014-03-13 23:50 - 2009-07-14 11:53 - 00172456 _____ () C:\Windows\system32\perfc010.dat
2014-03-13 23:50 - 2009-07-14 06:13 - 01834912 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 20:00 - 2013-10-24 15:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-13 19:56 - 2013-10-24 15:34 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-13 19:24 - 2009-07-14 05:45 - 00375304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 19:23 - 2013-12-16 17:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 19:23 - 2013-12-16 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 00:25 - 2013-10-24 17:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 00:25 - 2013-10-24 17:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 00:25 - 2013-10-24 17:49 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 17:43 - 2014-03-01 15:30 - 00000000 ____D () C:\Users\Utente\AppData\Local\Songr
2014-03-11 17:43 - 2014-03-01 15:30 - 00000000 ____D () C:\Songr
2014-03-11 08:17 - 2014-03-11 08:17 - 00000037 _____ () C:\Users\Utente\Desktop\songs.txt
2014-03-10 21:01 - 2014-03-10 21:01 - 00000000 ____D () C:\Users\Utente\AppData\Local\Razer
2014-03-10 20:40 - 2014-03-10 20:39 - 00016599 _____ () C:\Users\Amministratore\Desktop\dds.txt
2014-03-10 20:39 - 2014-03-10 20:39 - 00005073 _____ () C:\Users\Amministratore\Desktop\attach.txt
2014-03-10 20:12 - 2013-10-24 12:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-10 19:04 - 2014-03-10 19:04 - 00000000 ____D () C:\NVIDIA
2014-03-08 22:54 - 2014-03-08 22:54 - 00688992 ____R (Swearware) C:\Users\Utente\Downloads\dds.com
2014-03-08 22:28 - 2014-03-08 22:27 - 02156544 _____ (Farbar) C:\Users\Amministratore\Desktop\FRST64.exe
2014-03-08 22:07 - 2014-03-08 22:07 - 00274838 _____ () C:\Users\Utente\Downloads\TCPOptimizer.zip
2014-03-08 22:05 - 2014-03-08 22:05 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Utente\Downloads\SkypeSetupFull.exe
2014-03-08 22:05 - 2014-03-08 21:19 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-03-08 22:04 - 2014-03-08 22:04 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Utente\Downloads\SkypeSetup.exe
2014-03-08 21:22 - 2014-03-08 21:21 - 04462384 _____ (AVG Technologies) C:\Users\Utente\Downloads\avg_free_stb_all_2014_4335.exe
2014-03-08 21:07 - 2014-02-19 11:08 - 00001416 _____ () C:\Windows\PFRO.log
2014-03-08 19:39 - 2013-10-24 16:27 - 00000000 ____D () C:\Program Files\PeerBlock
2014-03-08 19:36 - 2014-02-08 18:17 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\uTorrent
2014-03-08 17:29 - 2014-03-08 16:41 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Azureus
2014-03-08 16:44 - 2014-03-08 16:44 - 00000000 ____D () C:\Users\Utente\.swt
2014-03-08 16:44 - 2014-01-28 20:22 - 00000000 ____D () C:\Users\Utente
2014-03-08 16:11 - 2014-03-08 16:11 - 00000000 ____D () C:\Users\Utente\Downloads\Metro.Last.Light-RELOADED
2014-03-08 16:11 - 2014-03-08 16:11 - 00000000 ____D () C:\Users\Utente\Downloads\Call.of.Duty.Ghosts-RELOADED
2014-03-08 15:33 - 2009-07-14 06:08 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-04 15:35 - 2014-03-10 19:07 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-10 19:07 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-10 19:07 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-10-24 12:39 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2013-10-24 12:39 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2013-10-24 12:38 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-10-24 12:38 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2013-10-24 12:38 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-10-24 12:38 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-10-24 12:38 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2013-10-24 12:40 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2013-10-24 12:40 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-10-24 12:40 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-10-24 12:40 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-10-24 12:40 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-10-24 12:40 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2013-10-24 12:40 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-10 20:12 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-03 18:58 - 2014-03-03 18:58 - 08258908 _____ () C:\Users\Utente\Desktop\ExtendedTimeline 0.5.1.zip
2014-03-03 18:56 - 2014-03-03 18:56 - 01337553 _____ () C:\Users\Utente\Desktop\better_terra_incognita.zip
2014-03-03 03:51 - 2014-03-03 03:51 - 00000550 _____ () C:\Users\Utente\Desktop\auto.txt
2014-03-03 03:38 - 2014-03-03 03:38 - 00001854 _____ () C:\Users\Utente\Desktop\concessionarie.txt
2014-03-03 03:38 - 2014-03-03 03:35 - 00120374 _____ () C:\Windows\DPINST.LOG
2014-03-02 19:22 - 2014-03-02 19:22 - 00000861 _____ () C:\Users\Utente\Desktop\Songr.lnk
2014-03-01 15:29 - 2014-03-01 15:26 - 00001061 _____ () C:\Users\Amministratore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk
2014-03-01 15:26 - 2014-03-01 15:26 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Songr
2014-03-01 07:05 - 2014-03-13 18:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 18:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 18:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 18:45 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 18:45 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 18:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 18:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 18:45 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 18:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 18:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 18:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 18:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 18:45 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 18:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 18:45 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 18:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 18:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 18:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 18:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 18:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 18:45 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 18:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 18:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 18:45 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 18:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 18:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 18:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 18:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 18:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 18:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 18:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 18:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 18:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 18:45 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 18:45 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 18:45 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 18:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 18:45 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 18:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 18:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 20:00 - 2014-02-27 19:57 - 00000000 ____D () C:\Program Files (x86)\Europa Universalis IV
2014-02-27 14:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-27 14:33 - 2014-02-21 22:10 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\TS3Client
2014-02-27 14:32 - 2014-02-10 19:38 - 00000000 ____D () C:\Users\Utente\AppData\Local\CrashDumps
2014-02-27 06:10 - 2013-10-24 16:30 - 00000000 ___RD () C:\Users\Utente\Desktop\Giochi
2014-02-27 06:01 - 2014-02-27 06:01 - 00000000 ____D () C:\Users\Utente\Documents\Paradox Interactive
2014-02-27 05:58 - 2014-02-27 05:57 - 00017627 _____ () C:\Windows\DirectX.log
2014-02-27 05:46 - 2014-02-27 05:33 - 00000000 ____D () C:\Users\Utente\Downloads\Europa_Universalis_IV_Conquest_of_Paradise-FLT
2014-02-26 19:23 - 2014-01-28 20:22 - 00000000 ____D () C:\Users\Utente\AppData\Local\Avg2014
2014-02-26 19:22 - 2014-02-21 22:26 - 00000000 ____D () C:\Users\Utente\AppData\Local\Overwolf
2014-02-26 19:09 - 2014-02-26 19:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-02-26 19:09 - 2014-02-26 19:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-02-26 05:27 - 2014-01-28 20:22 - 00000000 ____D () C:\Users\Utente\AppData\Local\VirtualStore
2014-02-25 20:25 - 2014-02-21 18:38 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Skype
2014-02-24 13:29 - 2014-01-04 03:13 - 00000000 ____D () C:\ProgramData\Skype
2014-02-22 14:11 - 2014-02-21 16:12 - 00000000 ____D () C:\Users\Utente\AppData\Local\Facebook
2014-02-22 12:38 - 2014-02-22 12:25 - 00000000 ____D () C:\Users\Utente\AppData\Local\Windows Live
2014-02-22 12:30 - 2014-02-22 12:30 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-22 12:30 - 2013-11-03 07:43 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-22 12:29 - 2014-02-22 12:29 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Windows Live
2014-02-22 12:24 - 2013-10-24 04:34 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-21 22:25 - 2014-02-21 22:25 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-02-21 22:25 - 2014-02-21 22:03 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Overwolf
2014-02-21 22:09 - 2014-02-21 22:03 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\TS3Client
2014-02-21 22:03 - 2014-02-21 22:03 - 00001162 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-02-21 22:03 - 2014-02-21 22:03 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-21 21:46 - 2014-02-21 21:42 - 30095736 _____ (TeamSpeak Systems GmbH) C:\Users\Utente\Desktop\TeamSpeak3-Client-win32-3.0.13.1.exe
2014-02-21 18:43 - 2014-02-21 18:37 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Utente\Desktop\SkypeSetupFull.exe
2014-02-21 18:38 - 2014-02-21 18:38 - 00000000 ____D () C:\Users\Utente\AppData\Local\Skype
2014-02-21 18:37 - 2014-02-21 18:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-21 17:26 - 2014-02-21 16:57 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\TeamViewer
2014-02-21 17:06 - 2014-02-21 17:06 - 05852480 _____ (TeamViewer GmbH) C:\Users\Utente\Desktop\TeamViewer_Setup_it.exe
2014-02-21 16:27 - 2014-02-21 16:27 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\NVIDIA
2014-02-19 11:08 - 2014-02-19 11:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-19 09:54 - 2014-02-19 09:54 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Malwarebytes
2014-02-19 09:50 - 2014-02-19 09:46 - 00000490 _____ () C:\Users\Amministratore\Desktop\cpuz.ini
2014-02-19 09:47 - 2014-02-19 09:47 - 00000000 ____D () C:\Users\Amministratore\AppData\Roaming\Macromedia
2014-02-19 09:45 - 2014-02-19 09:44 - 01995603 _____ () C:\Users\Amministratore\Downloads\cpu-z_1.68-en.zip
2014-02-19 09:41 - 2014-01-30 02:10 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Avg2014
2014-02-19 09:32 - 2014-01-30 02:10 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\NVIDIA Corporation
2014-02-19 09:31 - 2014-02-19 09:31 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-19 08:47 - 2014-01-30 02:09 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\NVIDIA
2014-02-18 09:26 - 2014-02-18 09:26 - 00096590 _____ () C:\Users\Utente\Desktop\MTS_Delphy_1048017_Sims3Dashboard.rar
2014-02-18 08:24 - 2014-02-18 08:24 - 00001401 _____ () C:\Users\Utente\Desktop\FrameworkSetup.zip
2014-02-18 05:51 - 2014-02-18 05:51 - 01569578 _____ () C:\Users\Utente\Desktop\Store_Fixes.rar
2014-02-18 05:44 - 2014-02-18 05:44 - 00000000 ____D () C:\Users\Utente\Documents\Electronic Arts
2014-02-17 20:09 - 2014-02-17 20:09 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\Malwarebytes
2014-02-17 08:01 - 2014-01-28 23:19 - 00000000 ____D () C:\Users\Utente\AppData\Roaming\vlc
2014-02-16 06:11 - 2014-01-21 03:58 - 00004142 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 06:11 - 2014-01-21 03:58 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 02:27 - 2014-02-14 02:27 - 00000000 ____D () C:\Users\Utente\AppData\Local\FalloutNV
2014-02-13 12:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 11:34 - 2014-02-13 11:34 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-02-13 11:34 - 2014-02-13 11:34 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-02-13 11:33 - 2014-02-13 11:33 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-02-13 00:20 - 2014-02-13 00:18 - 00000000 ____D () C:\Users\Amministratore\AppData\Local\Adobe
 
Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\temp\Install BullGuard Internet Security.exe
C:\Users\Amministratore\AppData\Local\temp\bitool.dll
C:\Users\Amministratore\AppData\Local\temp\Installer.exe
C:\Users\Amministratore\AppData\Local\temp\nvSCPAPI.dll
C:\Users\Amministratore\AppData\Local\temp\nvStInst.exe
C:\Users\Amministratore\AppData\Local\temp\Quarantine.exe
C:\Users\Utente\AppData\Local\temp\i4jdel0.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-10 20:26
 
==================== End Of Log ============================

 

Attached Files



#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 15 March 2014 - 07:46 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKLM-x32\...\Run: [] - [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6264.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

end

Save the files as fixlist.txt in to the same folder as FRST
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) please post it to your reply.

====

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#6 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 15 March 2014 - 10:08 AM

I had to disable antivirus & firewall because he create a white fixlog.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2014 01
Ran by Amministratore at 2014-03-15 15:55:14 Run:5
Running from C:\Users\Amministratore\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
HKLM-x32\...\Run: [] - [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6264.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
 
end
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
catchme => Service deleted successfully.
NVNET => Service deleted successfully.
VBoxNetFlt => Service deleted successfully.
 
==== End of Fixlog ====
Farbar Service Scanner Version: 25-02-2014
Ran by Amministratore (administrator) on 15-03-2014 at 15:58:51
Running from "C:\Users\Amministratore\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

 



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 15 March 2014 - 12:50 PM

Reset your TCP/IP.
Select the Fix it for me on this page.

How to reset TCP/IP by using the NetShell utility
http://support.microsoft.com/kb/299357

How is the download issue now?

If that fails, which browser do you normally use for the download.

#8 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 16 March 2014 - 04:42 AM

I couldn't download the fix with chrome but work with ie11 also notice that comodo can be downloaded with ie. After the fix chrome start downloading comodo too.

I've made a test to see if something changed:

 

kav_rescue_10.iso-->         0 B/s - 4,0 MB di 379 MB(ie and chrome)
Razer Synapse-->               0 B/s - 512 kB di 17,2 MB(ie and chrome)
bitdefender-->                     0 B/s - 205 kB di 6,8 MB(ie and chrome)
comodo firewall-->              OK(ie and chrome)
Junkware Removal Tool--> 0 B/s - 67,8 kB di 1.013 kB(ie and chrome)
uTorrent-->                         0 B/s - 1.443 kB di 1.577 kB(ie and chrome)


#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 16 March 2014 - 08:09 AM

From what is see I suspect that Comodo is checking the downloads and at one point for what ever reason it stopping it.

Disable Comodo while you are trying a download. If successful then to the others.

Keep me posted.

#10 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 16 March 2014 - 02:14 PM

sorry but not much change. I disabled the firewall, auto-sandbox and Hips is already disabled. Also temporarily disabled avg for 10min. The results are the same... Didn't try to download bitdefender and comodo firewall but the rest is exactly the same.

 

Don't know, i usually format every 6-10 months, last time i also tried a deep(low-level) format, nothing changed. My Hd will have a very short life...

I've been thinking that maybe the motherboard cause this issue. Is the only one left between the network and the Hd....

 

I also had to change the network adapter(integrated to motherboard) because didn't work anymore. This one is a Digicom 10/100Mb(8e4054 pci lan 10-100) is kind of crappy pci lan but works and the drivers are recognized.

 

I change the video card too because was getting obsolete now i have a gtx650. For this cpu(phenom 9650) is fairly good.

 

As i said before, the motherboard... asus M4N78 with the last bios update 1103. In bios i didn't find any specific settings for the network traffic but is the only one left. Was reading this article http://www.computerworlduk.com/news/security/9009/hackers-hide-rootkits-in-hardware/ and if is true i'm screwed. I don't use my pc only for playing also buy stuff on the internet and use credit cards...

 

In conclusion my pc is all garbage, maybe  i should just buy a new pc. :(


Edited by alex88t, 16 March 2014 - 05:03 PM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 17 March 2014 - 07:45 AM

If you had a rootkit infection you would have other problems then the download issues.

I just search this on Google unable to complete downloads windows 7

I got many hits.

One that I would like you to have a look at refers to the Router.
http://forums.cnet.com/7723-19411_102-409427/unable-to-complete-file-downloads-after-win-7-install/

It may not be that your router is old but possibly it needs to be reset.

Try this.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html

Keep me posted.

#12 alex88t

alex88t
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:42 AM

Posted 17 March 2014 - 10:20 AM

Thanks man, i really appreciate your help and the time dedicated helping this forum. :)

 

When i format i also do a factory reset and a password change.

I did it again(factory reset), firewall off, no filter and also lost the config for the extend wifi. Still got this issue  :unsure:

 

For the router(dgn3500), 20min and is back like new. By the way is new(only 5months) and has the last firmware.

 

I also tried linux(Mint,Mepis,Arc,Ubuntu,Sabayon,Chakra and Pc-Bsd), same story. Must be some kind of issue os/hardware :(

I give it up... the technology win this one.

 

If u don't mind one last question and u can close the topic. Anchorfree seems to bypass this issue... use encryption protocols, dedicated servers and who knows what else. Is it safe for downloading some file that comes up and might not work ??

 

From what i know some advertising but nothing to get worried...



#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,256 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:42 AM

Posted 18 March 2014 - 07:31 AM

. Anchorfree seems to bypass this issue...

You should remove Anchorfree.
http://www.systemlookup.com/search.php?type=name&client=malwaresearch-chrome&search=Anchorfree
===

If a .exe file is not dowloaded completely then it will not executed.
Any other incomplete file will not work.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users