The worst Trojan I've ever seen


  • This topic is locked
6 replies to this topic

#1 MainoneedsHelp


Posted 27 March 2014 - 01:00 PM

About a month ago probably I downloaded some programs which seemed completely harmless, but one of them probably contained a virus, that probably is a rootkit, THE WORST TROJAN I'VE EVER SEEN!

It uninstalled my antivirus, disabled all the firewalls and took control of my PC.

Every time that I turn on my PC a window appears and says: "do you want to run this software? C:\ProgramData\Microsoft.com"

and sometimes it also says: "do you want to run this software? C:\Windows\System32\wservice.exe" and this probably is the process of the virus, wservice.exe. Here are some screenshots of this (I'm Italian so these are in Italian): http://imageshack.com/a/img41/6794/jh4d.png

And whenever I try to "kill" that process it says "Access denied" (as you can see here: http://imageshack.com/a/img809/933/8unr.png)

And when I try to install any kind of antivirus it says "File not found and the file path" like in this screenshot

I tried everything: MalwareBytes, Regcleanpro, HitmanPro that doesn't work, and ComboFix that says this error and can't run: "Warning!! Do not run ComboFix in Compatibility Mode. Doing so may damage the machine." but I'm running Windows 7 Ultimate so it isn't in Compatibility Mode!!

I really don't know what to do anymore!

I searched on Google and the only one that had a similar problem is this: http://www.bleepingcomputer.com/forums/t/525263/trojan-that-no-one-has-seen-before/

Please help me!

P.S.: sorry for my bad English but I'm Italian.




#2 aharonov


Posted 28 March 2014 - 09:05 AM

Ciao,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 MainoneedsHelp


Posted 28 March 2014 - 12:17 PM


This is the FRST.txt file:

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nicolò (administrator) on NICOLÒ-PC on 28-03-2014 18:11:31
Running from C:\Users\Nicolò\Downloads\Programs
Windows 7 Ultimate (X64) OS Language: Italian Standard
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Conduit) C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\system32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\BringStar\updateBringStar.exe
() C:\ProgramData\Windows Services\wservice.exe
() C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\BringStar\bin\utilBringStar.exe
() C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\BringStar\bin\FilterApp_C64.exe
() C:\Program Files (x86)\BringStar\bin\XTLSApp.exe
(BitTorrent Inc.) C:\Users\Nicolò\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-01-24] ()
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [815888 2014-02-18] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\MountPoints2: {33f3188c-fc4b-11e2-a57b-bc5ff4a3f707} - G:\Setup.exe
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\MountPoints2: {5f64068a-19ff-11e3-8a0f-bc5ff4a3f707} - F:\setup.exe
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\MountPoints2: {82ae4923-fc71-11e2-8fcb-806e6f6e6963} - E:\InstallNavi.exe
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\Winlogon: [Shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe,"C:\Users\Nicolò\Documents\Google.com" <==== ATTENTION 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = 
SearchScopes: HKLM - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = 
SearchScopes: HKCU - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = 
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: BringStar - {0ba6da2e-a2ee-4222-846f-79755e1d26f6} - C:\Program Files (x86)\BringStar\BringStarBHO.dll (BringStar)
BHO-x32: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
BHO-x32: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files (x86)\Mega Browse\MegaBrowsebho.dll (Mega Browse)
BHO-x32: BringStar - {6f0d3dec-9246-4b6f-a5e3-c1c169493eef} - C:\Program Files (x86)\BringStar\BringStarbho.dll (BringStar)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Media Player - {a615e327-b856-4f79-9b2e-fad2804eb9b9} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Youtube\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.94.0.41 62.94.0.42
Tcpip\..\Interfaces\{33748396-64F9-4BC7-B139-D7093E56DF0F}: [NameServer]208.67.222.222,208.67.220.220
 
FireFox:
========
FF ProfilePath: C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default
FF user.js: detected! => C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\user.js
FF NewTab: about:blank
FF DefaultSearchEngine: StartWeb
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: iMacros for Firefox - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-03-06]
FF Extension: Mega Browse - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-21]
FF Extension: BringStar - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{3de9eb9c-a833-42cb-b66f-841b954aebef}.xpi [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [bubbledock@nosibay.com] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF Extension: No Name - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch [2014-03-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]
 
==================== Services (Whitelisted) =================
 
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137256 2013-05-23] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [220960 2013-09-22] (Conduit)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-03-27] (SurfRight B.V.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S4 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-09-06] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-23] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-12-23] ()
R2 Update BringStar; C:\Program Files (x86)\BringStar\updateBringStar.exe [348448 2014-03-26] ()
R2 Update Mega Browse; C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe [348448 2014-03-27] ()
R2 Util BringStar; C:\Program Files (x86)\BringStar\bin\utilBringStar.exe [348448 2014-03-26] ()
R2 Util Mega Browse; C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe [348448 2014-03-27] ()
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" [X]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]
S4 WinkHandler; C:\Program Files (x86)\Iminent\WinkHandler.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [58088 2013-05-23] (Advanced Micro Devices)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-20] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-10] (DT Soft Ltd)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-28] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-09-28] ()
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-09-28] ()
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-25] (StdLib)
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-28 18:11 - 2014-03-28 18:11 - 00000000 ____D () C:\FRST
2014-03-27 20:38 - 2014-03-27 20:38 - 00013741 _____ () C:\Users\Nicolò\Downloads\Nascar 14.torrent
2014-03-27 17:01 - 2014-03-27 17:23 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-27 17:01 - 2014-03-27 17:04 - 00000000 ____D () C:\Program Files (x86)\ciacco
2014-03-27 16:55 - 2014-03-27 16:57 - 02365840 _____ () C:\Users\Nicolò\Desktop\ciacco.exe
2014-03-27 16:53 - 2014-03-27 16:55 - 02365840 _____ () C:\Users\Nicolò\Desktop\SecurityTaskManager_Setup.exe.part
2014-03-27 16:23 - 2014-03-28 13:42 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-03-27 16:23 - 2014-03-27 16:23 - 00001201 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-03-27 16:23 - 2014-03-27 16:23 - 00000000 ____D () C:\ProgramData\Systweak
2014-03-27 16:23 - 2014-03-27 16:23 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-03-27 16:23 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-03-27 16:22 - 2014-03-28 15:01 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-03-27 16:22 - 2014-03-27 16:42 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-03-27 16:22 - 2014-03-27 16:23 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\systweak
2014-03-27 16:22 - 2014-03-27 16:22 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-03-27 16:22 - 2014-03-27 16:22 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-03-27 16:22 - 2014-03-27 16:22 - 00001368 _____ () C:\Users\Nicolò\Desktop\Ripulisci gratuitamente il registro di sistema!.lnk
2014-03-27 16:22 - 2014-03-27 16:22 - 00001050 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-03-27 16:22 - 2014-03-27 16:22 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-03-27 16:22 - 2014-01-03 13:16 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-03-27 16:01 - 2014-03-27 16:10 - 00000000 ____D () C:\Users\Nicolò\Desktop\mbar
2014-03-27 16:01 - 2014-03-27 16:01 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 16:01 - 2014-03-27 16:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 15:51 - 2014-03-27 15:51 - 00001234 _____ () C:\Users\Nicolò\Desktop\DriverMax.lnk
2014-03-27 15:51 - 2014-03-27 15:51 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Innovative Solutions
2014-03-27 15:51 - 2014-03-27 15:51 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions
2014-03-27 15:37 - 2014-03-28 13:44 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-03-27 15:37 - 2014-03-27 15:37 - 00001907 _____ () C:\Users\Public\Desktop\ciacco.lnk
2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-26 14:23 - 2014-03-27 23:30 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\DMCache
2014-03-26 14:23 - 2014-03-27 15:07 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\IDM
2014-03-26 14:23 - 2014-03-26 14:45 - 00000000 ____D () C:\Users\Nicolò\Downloads\Video
2014-03-26 14:23 - 2014-03-26 14:24 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-03-26 14:23 - 2014-03-26 14:23 - 05892544 _____ (Tonec Inc.) C:\Users\Nicolò\Downloads\idman619build3.exe
2014-03-26 14:23 - 2014-03-26 14:23 - 00001009 _____ () C:\Users\Nicolò\Desktop\Internet Download Manager.lnk
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\Downloads\Compressed
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\ProgramData\IDM
2014-03-26 13:51 - 2014-03-26 19:11 - 00000000 ___HD () C:\Users\Nicolò\Desktop\Nuova cartella
2014-03-26 13:50 - 2014-03-26 13:50 - 01889904 _____ () C:\Users\Nicolò\Downloads\wrar501it.exe
2014-03-26 07:22 - 2014-03-26 07:22 - 00407560 _____ () C:\Users\Nicolò\Downloads\Java.exe
2014-03-25 20:47 - 2014-03-25 20:47 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 13:12 - 2014-03-24 18:41 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-24 13:12 - 2014-03-24 13:12 - 00001030 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk
2014-03-24 13:12 - 2014-03-24 13:12 - 00000000 ____D () C:\ProgramData\Pivot Animator
2014-03-24 13:12 - 2014-03-24 13:12 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator
2014-03-24 13:11 - 2014-03-24 13:11 - 00614088 _____ () C:\Users\Nicolò\Downloads\Pivot_dnld_s_v2.0.exe
2014-03-22 19:42 - 2014-03-22 19:43 - 01627219 _____ () C:\Users\Nicolò\Downloads\FUT14 Autobuyer.zip
2014-03-22 06:30 - 2014-03-22 06:30 - 04435768 _____ (AVG Technologies) C:\Users\Nicolò\Downloads\avg_avct_stb_all_2014_4259_cm10 (1).exe
2014-03-22 06:26 - 2014-03-22 06:26 - 00002214 _____ () C:\Windows\PFRO.log
2014-03-21 21:04 - 2014-03-21 21:04 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Malwarebytes
2014-03-21 21:02 - 2014-03-21 21:04 - 00001039 _____ () C:\Users\Public\Desktop\vaacacaremaino.lnk
2014-03-21 21:02 - 2014-03-21 21:03 - 00000000 ____D () C:\Program Files (x86)\vaacacare
2014-03-21 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-21 21:00 - 2014-03-21 21:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Desktop\popaiz.exe
2014-03-21 20:57 - 2014-03-21 20:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Downloads\seh.crdownload
2014-03-21 20:55 - 2014-03-21 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Downloads\ciaccooo.crdownload
2014-03-21 19:21 - 2014-03-21 19:21 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Skype
2014-03-20 13:20 - 2013-11-28 01:24 - 00175480 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2014-03-19 22:51 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-19 22:48 - 2014-03-19 22:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-16 15:48 - 2014-03-18 23:52 - 00000000 ____D () C:\Windows\SysWOW64\dfrg
2014-03-16 15:47 - 2014-03-18 23:52 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\14423
2014-03-16 15:35 - 2014-03-16 15:36 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(5).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(4).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(3).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(2).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(1).rar
2014-03-12 16:44 - 2014-03-20 13:36 - 00000000 ____D () C:\Program Files (x86)\ScanTack
2014-03-11 16:50 - 2014-03-11 16:50 - 02204843 _____ () C:\Users\Nicolò\Downloads\Clash Of Clans Hack.rar
2014-03-11 16:50 - 2014-03-11 16:50 - 02204843 _____ () C:\Users\Nicolò\Downloads\Clash Of Clans Hack (1).rar
2014-03-11 16:39 - 2014-03-18 16:45 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\QuickScan
2014-03-11 16:37 - 2014-03-21 20:45 - 00000000 ____D () C:\ProgramData\LightsOff
2014-03-11 16:37 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-11 16:37 - 2014-03-11 16:37 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\LightsOff
2014-03-11 16:35 - 2014-03-11 16:35 - 00617819 _____ () C:\Users\Nicolò\Downloads\Castle Clash Gem Adder v3.1.zip
2014-03-10 09:10 - 2014-03-10 09:05 - 495863717 _____ () C:\Users\Nicolò\Desktop\Thief Update 1.1 + DLC.rar
2014-03-10 08:54 - 2014-03-10 09:05 - 495863717 _____ () C:\Users\Nicolò\Downloads\Thief Update 1.1 + DLC.rar
2014-03-10 08:51 - 2014-03-10 08:51 - 00000000 ____D () C:\Users\Nicolò\Documents\Thief
2014-03-10 08:24 - 2014-03-10 08:24 - 00000000 ____D () C:\Users\Nicolò\Desktop\ThiefGame
2014-03-10 08:24 - 2014-03-10 08:24 - 00000000 ____D () C:\Users\Nicolò\Desktop\Binaries
2014-03-10 07:50 - 2014-02-24 17:58 - 3965251584 _____ () C:\Users\Nicolò\Desktop\rld-thief.iso
2014-03-09 22:40 - 2014-03-10 08:35 - 00000000 ____D () C:\Program Files (x86)\Thief
2014-03-09 19:19 - 2014-03-09 19:19 - 00001809 _____ () C:\Users\Nicolò\Desktop\South Park - The Stick of Truth - collegamento.lnk
2014-03-09 19:11 - 2014-03-10 07:45 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-09 13:55 - 2014-03-09 13:55 - 00001507 _____ () C:\Users\Nicolò\Desktop\Bandicam Launcher - collegamento.lnk
2014-03-09 13:41 - 2014-03-09 13:41 - 00006077 _____ () C:\Users\Nicolò\Downloads\South Park Il Bastone della Verità.torrent
2014-03-09 10:44 - 2014-03-09 10:44 - 00001174 _____ () C:\Users\Public\Desktop\Imperivm - Le Grandi Battaglie di Roma.lnk
2014-03-09 10:43 - 2014-03-09 10:46 - 00000000 ____D () C:\Program Files (x86)\MVM 2005 - Imperivm - Le Grandi Battaglie di Roma
2014-03-09 09:28 - 2014-03-09 09:28 - 00062989 _____ () C:\Users\Nicolò\Downloads\Imperivm - Le grandi battaglie di roma.torrent
2014-03-09 09:25 - 2014-03-09 09:25 - 00308447 _____ () C:\Users\Nicolò\Downloads\Imperium Civitas 2 e 3.rar
2014-03-09 09:04 - 2014-03-28 13:40 - 00005507 _____ () C:\Windows\setupact.log
2014-03-09 09:04 - 2014-03-09 09:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-08 20:58 - 2014-03-08 20:59 - 00022568 _____ () C:\Users\Nicolò\Desktop\Lol.bat
2014-03-08 20:09 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\BANDISOFT
2014-03-08 20:09 - 2014-03-08 20:09 - 00000000 ____D () C:\Users\Nicolò\Documents\Bandicam
2014-03-08 20:08 - 2014-03-08 20:09 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-03-08 20:08 - 2014-03-08 20:08 - 00000000 ____D () C:\Users\Nicolò\Desktop\Crack 16-11-2013
2014-03-08 20:08 - 2014-03-08 20:08 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-03-08 20:06 - 2014-03-08 20:06 - 07317605 _____ () C:\Users\Nicolò\Downloads\Bandicam aggiornato 29-01-2014.zip
2014-03-08 20:04 - 2014-03-08 20:05 - 11098216 _____ () C:\Users\Nicolò\Downloads\ScnRec.msi
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\OBS
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Program Files\OBS
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-03-08 19:51 - 2014-03-08 19:52 - 07888419 _____ () C:\Users\Nicolò\Downloads\OBS_0_613b_Installer.exe
2014-03-08 14:13 - 2014-03-08 14:13 - 00001147 _____ () C:\Users\Nicolò\Desktop\matrix.bat
2014-03-08 14:09 - 2014-03-08 14:12 - 00000166 _____ () C:\Users\Nicolò\Desktop\LOL.vbs
2014-03-07 21:18 - 2014-03-07 21:18 - 00029031 _____ () C:\Users\Nicolò\Desktop\Lettonia.pptx
2014-03-07 21:17 - 2014-03-07 21:17 - 00003152 _____ () C:\Windows\System32\Tasks\{B6D4EB32-D55D-47C0-92C8-D741F86B9841}
2014-03-07 20:26 - 2014-03-07 20:26 - 00000000 ____D () C:\Program Files (x86)\The Game Creators
2014-03-07 20:21 - 2014-03-07 20:21 - 00401760 _____ (Softonic ) C:\Users\Nicolò\Downloads\SoftonicDownloader_per_fps-creator.exe
2014-03-07 13:55 - 2014-03-07 13:55 - 00408288 _____ () C:\Users\Nicolò\Downloads\Thief.torrent
2014-03-04 21:29 - 2014-03-04 21:29 - 00002002 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-03-04 21:29 - 2014-03-04 21:29 - 00001992 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-03-04 21:29 - 2013-08-21 05:31 - 00204568 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-03-04 21:29 - 2013-08-21 05:31 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-03-04 21:28 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-03-04 19:55 - 2014-03-04 19:59 - 70015304 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Nicolò\Downloads\KiesSetup (1).exe
2014-03-04 19:29 - 2014-03-04 19:29 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-03-04 19:29 - 2014-03-04 19:29 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-03-04 19:29 - 2014-03-04 19:29 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-03-04 19:29 - 2014-03-04 19:29 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-03-04 19:28 - 2014-03-04 19:33 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-03-04 19:28 - 2014-03-04 19:28 - 10071168 _____ (BlueStack Systems Inc.) C:\Users\Nicolò\Downloads\BlueStacks-SplitInstaller_native.exe
2014-03-04 19:28 - 2014-03-04 19:28 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Bluestacks
2014-03-04 18:17 - 2014-03-04 18:18 - 14637238 _____ () C:\Users\Nicolò\Downloads\Clash_of_Clans_Hack_October_2013.zip
2014-03-03 19:38 - 2014-03-03 19:39 - 18220264 _____ () C:\Users\Nicolò\Downloads\COD MW2 ESP-Aimbot(April).zip
2014-03-03 17:12 - 2014-03-21 20:45 - 00000000 __SHD () C:\Program Files (x86)\Windows Services
2014-03-03 17:10 - 2014-03-21 20:46 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\Users\Nicolò\Documents\Google.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\ProgramData\Microsoft.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00183605 _____ () C:\Users\Nicolò\Downloads\MW2AimEsp-Hack.zip
2014-03-03 16:22 - 2014-03-03 16:22 - 05718872 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (4).exe
2014-03-03 16:22 - 2014-03-03 16:22 - 05073240 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x86 (3).exe
2014-03-03 16:22 - 2014-03-03 16:22 - 00887896 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\dotNetFx40_Client_setup.exe
2014-03-03 16:21 - 2014-03-03 16:21 - 05718872 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (3).exe
2014-03-03 16:16 - 2014-02-04 19:09 - 85946576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2014-03-03 16:14 - 2014-03-03 16:15 - 24793312 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\Windows-KB890830-V5.9.exe
2014-03-03 16:14 - 2014-03-03 16:15 - 18681648 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\IE9-Windows7-x86-ita.exe
2014-03-03 16:14 - 2014-03-03 16:14 - 00292184 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\dxwebsetup (1).exe
2014-03-03 16:14 - 2014-03-03 16:14 - 00003148 _____ () C:\Windows\System32\Tasks\{754E0BA2-BB5D-4209-BAD3-78E11B73F58C}
2014-03-03 16:11 - 2014-03-03 16:11 - 06555392 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x86 (2).exe
2014-03-03 16:11 - 2014-03-03 16:11 - 01454792 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_arm.exe
2014-03-03 16:10 - 2014-03-03 16:11 - 07187792 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (2).exe
2014-03-03 15:46 - 2014-03-03 15:46 - 00087175 _____ () C:\Users\Nicolò\Downloads\Extreme-Injector.rar
2014-03-02 20:47 - 2014-03-02 20:49 - 01634815 _____ () C:\Users\Nicolò\Downloads\MW2_Liberation 1.06.zip
2014-03-02 18:49 - 2014-03-08 20:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-02 18:49 - 2014-03-02 18:49 - 00000963 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-02 18:48 - 2014-03-02 18:48 - 01141680 _____ () C:\Users\Nicolò\Downloads\SteamSetup.exe
2014-03-02 18:37 - 2014-03-02 18:37 - 00227638 _____ () C:\Users\Nicolò\Downloads\Mossyv9Edit.zip
2014-03-02 18:37 - 2014-03-02 18:37 - 00019807 _____ () C:\Users\Nicolò\Downloads\_destructible_types_dlc2.gsc
2014-03-02 18:37 - 2014-03-02 18:37 - 00003607 _____ () C:\Users\Nicolò\Downloads\_destructible_types_dlc.gsc
2014-03-02 18:36 - 2014-03-02 18:36 - 00007148 _____ () C:\Users\Nicolò\Downloads\_destructible_dlc2.gsc
2014-03-02 18:36 - 2014-03-02 18:36 - 00007141 _____ () C:\Users\Nicolò\Downloads\_destructible_dlc.gsc
2014-03-02 14:47 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\VOPackage
2014-03-02 14:47 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\Nosibay
2014-03-02 14:46 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Nosibay
2014-03-02 14:46 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2014-03-02 14:43 - 2014-03-21 21:09 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Mobogenie
2014-03-02 14:43 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\SearchProtect
2014-03-02 14:43 - 2014-03-21 20:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-03-02 14:43 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-02 14:43 - 2014-03-21 20:45 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-02 14:42 - 2014-03-02 14:42 - 00630762 _____ (Setup (Hack,Code;key;cheats and Generator )) C:\Users\Nicolò\Downloads\Setup (Hack,Code;key;cheats and Generator ).exe
2014-03-02 14:32 - 2014-03-02 14:32 - 00575576 _____ () C:\Users\Nicolò\Downloads\MOD MENU.rar
2014-03-02 13:53 - 2014-03-02 13:53 - 00189358 _____ () C:\Users\Nicolò\Downloads\Dedi Updater.rar
2014-03-02 13:52 - 2014-03-02 13:52 - 00216349 _____ () C:\Users\Nicolò\Downloads\new.rar
2014-03-02 13:48 - 2014-03-02 13:50 - 68836262 _____ () C:\Users\Nicolò\Downloads\RepZClient.rar
2014-03-01 19:58 - 2014-03-01 19:58 - 00081722 _____ () C:\Users\Nicolò\Downloads\players.rar
2014-03-01 19:58 - 2014-03-01 19:58 - 00070958 _____ () C:\Users\Nicolò\Downloads\MW2_LaunchComponent.rar
2014-03-01 19:57 - 2014-03-01 19:57 - 00189609 _____ () C:\Users\Nicolò\Downloads\Game Updater.rar
2014-03-01 19:57 - 2014-03-01 19:57 - 00034985 _____ () C:\Users\Nicolò\Downloads\Modern Warfare 2 Multiplayer files by ManGun 2014.torrent
2014-03-01 16:41 - 2014-03-01 16:42 - 00268146 _____ () C:\Users\Nicolò\Downloads\buttons_default.cfg
2014-03-01 16:41 - 2014-03-01 16:41 - 00000602 _____ () C:\Users\Nicolò\Downloads\Real 1.14 Aimbot.zip
2014-02-27 13:09 - 2014-02-27 13:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 18:14 - 2014-02-26 18:16 - 17400733 _____ () C:\Users\Nicolò\Downloads\amj.rar
 
==================== One Month Modified Files and Folders =======
 
2014-03-28 18:11 - 2014-03-28 18:11 - 00000000 ____D () C:\FRST
2014-03-28 18:11 - 2013-08-08 20:35 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Skype
2014-03-28 18:09 - 2013-08-16 13:19 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\BitTorrent
2014-03-28 17:25 - 2013-08-09 13:46 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-28 17:22 - 2013-08-08 19:54 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-28 16:30 - 2014-02-15 16:30 - 00002394 _____ () C:\Windows\Tasks\Plus-HD-7.5-validator.job
2014-03-28 15:37 - 2013-12-23 23:03 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8229CE19-F6AB-4E24-8EF8-66A4CC63B1A1}
2014-03-28 15:01 - 2014-03-27 16:22 - 00000278 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-03-28 14:22 - 2013-08-08 19:54 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-28 13:49 - 2009-07-14 05:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 13:49 - 2009-07-14 05:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 13:45 - 2013-08-03 14:37 - 01484817 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 13:44 - 2014-03-27 15:37 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-03-28 13:44 - 2013-09-10 19:06 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\CrashDumps
2014-03-28 13:44 - 2009-07-14 03:34 - 00000580 _____ () C:\Windows\win.ini
2014-03-28 13:42 - 2014-03-27 16:23 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-03-28 13:42 - 2013-08-22 12:13 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\LogMeIn Hamachi
2014-03-28 13:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-03-28 13:40 - 2014-03-09 09:04 - 00005507 _____ () C:\Windows\setupact.log
2014-03-28 13:40 - 2013-10-14 20:38 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-28 13:40 - 2013-08-03 14:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-28 13:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-27 23:30 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\DMCache
2014-03-27 20:39 - 2013-08-27 18:04 - 00000000 ____D () C:\Users\Nicolò\Desktop\Games
2014-03-27 20:38 - 2014-03-27 20:38 - 00013741 _____ () C:\Users\Nicolò\Downloads\Nascar 14.torrent
2014-03-27 17:23 - 2014-03-27 17:01 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-03-27 17:04 - 2014-03-27 17:01 - 00000000 ____D () C:\Program Files (x86)\ciacco
2014-03-27 16:57 - 2014-03-27 16:55 - 02365840 _____ () C:\Users\Nicolò\Desktop\ciacco.exe
2014-03-27 16:55 - 2014-03-27 16:53 - 02365840 _____ () C:\Users\Nicolò\Desktop\SecurityTaskManager_Setup.exe.part
2014-03-27 16:48 - 2013-12-16 16:49 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-27 16:42 - 2014-03-27 16:22 - 00000286 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-03-27 16:41 - 2013-08-25 17:54 - 00000000 ____D () C:\ProgramData\Origin
2014-03-27 16:32 - 2013-08-08 17:14 - 00000000 ____D () C:\Users\Nicolò\Desktop\Niko
2014-03-27 16:23 - 2014-03-27 16:23 - 00001201 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-03-27 16:23 - 2014-03-27 16:23 - 00000000 ____D () C:\ProgramData\Systweak
2014-03-27 16:23 - 2014-03-27 16:23 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-03-27 16:23 - 2014-03-27 16:22 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\systweak
2014-03-27 16:22 - 2014-03-27 16:22 - 00003032 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-03-27 16:22 - 2014-03-27 16:22 - 00002876 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-03-27 16:22 - 2014-03-27 16:22 - 00001368 _____ () C:\Users\Nicolò\Desktop\Ripulisci gratuitamente il registro di sistema!.lnk
2014-03-27 16:22 - 2014-03-27 16:22 - 00001050 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-03-27 16:22 - 2014-03-27 16:22 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-03-27 16:15 - 2013-08-25 17:54 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-03-27 16:11 - 2013-08-09 17:15 - 00000000 ____D () C:\Windows\CheckSur
2014-03-27 16:10 - 2014-03-27 16:01 - 00000000 ____D () C:\Users\Nicolò\Desktop\mbar
2014-03-27 16:01 - 2014-03-27 16:01 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 16:01 - 2014-03-27 16:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 15:51 - 2014-03-27 15:51 - 00001234 _____ () C:\Users\Nicolò\Desktop\DriverMax.lnk
2014-03-27 15:51 - 2014-03-27 15:51 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Innovative Solutions
2014-03-27 15:51 - 2014-03-27 15:51 - 00000000 ____D () C:\Program Files (x86)\Innovative Solutions
2014-03-27 15:37 - 2014-03-27 15:37 - 00001907 _____ () C:\Users\Public\Desktop\ciacco.lnk
2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-27 15:08 - 2013-12-16 15:31 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-27 15:07 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\IDM
2014-03-26 19:11 - 2014-03-26 13:51 - 00000000 ___HD () C:\Users\Nicolò\Desktop\Nuova cartella
2014-03-26 15:47 - 2013-08-03 15:40 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-26 14:45 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\Downloads\Video
2014-03-26 14:24 - 2014-03-26 14:23 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-03-26 14:23 - 2014-03-26 14:23 - 05892544 _____ (Tonec Inc.) C:\Users\Nicolò\Downloads\idman619build3.exe
2014-03-26 14:23 - 2014-03-26 14:23 - 00001009 _____ () C:\Users\Nicolò\Desktop\Internet Download Manager.lnk
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\Downloads\Compressed
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-03-26 14:23 - 2014-03-26 14:23 - 00000000 ____D () C:\ProgramData\IDM
2014-03-26 14:17 - 2013-08-08 19:54 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 14:17 - 2013-08-08 19:54 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 13:51 - 2013-08-03 15:41 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\WinRAR
2014-03-26 13:51 - 2013-08-03 15:40 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-26 13:50 - 2014-03-26 13:50 - 01889904 _____ () C:\Users\Nicolò\Downloads\wrar501it.exe
2014-03-26 07:22 - 2014-03-26 07:22 - 00407560 _____ () C:\Users\Nicolò\Downloads\Java.exe
2014-03-26 07:17 - 2009-07-19 10:07 - 00739108 _____ () C:\Windows\system32\perfh010.dat
2014-03-26 07:17 - 2009-07-19 10:07 - 00146180 _____ () C:\Windows\system32\perfc010.dat
2014-03-26 07:17 - 2009-07-14 06:13 - 01654134 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-25 20:47 - 2014-03-25 20:47 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-03-24 18:41 - 2014-03-24 13:12 - 00000000 ____D () C:\Program Files (x86)\Mega Browse
2014-03-24 13:12 - 2014-03-24 13:12 - 00001030 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk
2014-03-24 13:12 - 2014-03-24 13:12 - 00000000 ____D () C:\ProgramData\Pivot Animator
2014-03-24 13:12 - 2014-03-24 13:12 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator
2014-03-24 13:11 - 2014-03-24 13:11 - 00614088 _____ () C:\Users\Nicolò\Downloads\Pivot_dnld_s_v2.0.exe
2014-03-23 21:49 - 2013-09-24 20:08 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\PokerStars.IT
2014-03-22 19:43 - 2014-03-22 19:42 - 01627219 _____ () C:\Users\Nicolò\Downloads\FUT14 Autobuyer.zip
2014-03-22 15:02 - 2013-08-03 14:35 - 00000000 ___RD () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 06:30 - 2014-03-22 06:30 - 04435768 _____ (AVG Technologies) C:\Users\Nicolò\Downloads\avg_avct_stb_all_2014_4259_cm10 (1).exe
2014-03-22 06:26 - 2014-03-22 06:26 - 00002214 _____ () C:\Windows\PFRO.log
2014-03-21 21:09 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Mobogenie
2014-03-21 21:04 - 2014-03-21 21:04 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Malwarebytes
2014-03-21 21:04 - 2014-03-21 21:02 - 00001039 _____ () C:\Users\Public\Desktop\vaacacaremaino.lnk
2014-03-21 21:03 - 2014-03-21 21:02 - 00000000 ____D () C:\Program Files (x86)\vaacacare
2014-03-21 21:00 - 2014-03-21 21:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Desktop\popaiz.exe
2014-03-21 20:59 - 2014-03-21 20:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Downloads\seh.crdownload
2014-03-21 20:57 - 2014-03-21 20:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicolò\Downloads\ciaccooo.crdownload
2014-03-21 20:47 - 2013-08-03 14:35 - 00000000 ____D () C:\Users\Nicolò
2014-03-21 20:46 - 2014-03-08 20:09 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\BANDISOFT
2014-03-21 20:46 - 2014-03-03 17:10 - 00000000 __SHD () C:\ProgramData\Windows Services
2014-03-21 20:46 - 2014-03-02 14:47 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\VOPackage
2014-03-21 20:46 - 2014-03-02 14:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Nosibay
2014-03-21 20:46 - 2014-03-02 14:46 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
2014-03-21 20:46 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\SearchProtect
2014-03-21 20:46 - 2014-03-02 14:43 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-03-21 20:46 - 2014-02-02 21:30 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\RegistryDR
2014-03-21 20:46 - 2013-12-16 16:49 - 00000000 ____D () C:\Windows\erdnt
2014-03-21 20:46 - 2013-11-04 15:11 - 00000000 ____D () C:\Windows\pss
2014-03-21 20:46 - 2013-09-05 08:48 - 00000000 ____D () C:\Youtube
2014-03-21 20:46 - 2013-08-03 15:53 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\DAEMON Tools Lite
2014-03-21 20:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-03-21 20:45 - 2014-03-19 22:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-21 20:45 - 2014-03-11 16:37 - 00000000 ____D () C:\ProgramData\LightsOff
2014-03-21 20:45 - 2014-03-11 16:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-21 20:45 - 2014-03-04 21:28 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-03-21 20:45 - 2014-03-03 17:12 - 00000000 __SHD () C:\Program Files (x86)\Windows Services
2014-03-21 20:45 - 2014-03-02 14:47 - 00000000 ____D () C:\Program Files (x86)\Nosibay
2014-03-21 20:45 - 2014-03-02 14:43 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-21 20:45 - 2014-03-02 14:43 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-21 20:45 - 2014-02-16 10:39 - 00000000 ____D () C:\Program Files (x86)\BringStar
2014-03-21 20:45 - 2014-02-02 21:25 - 00000000 ____D () C:\Program Files (x86)\Registry Dr
2014-03-21 20:45 - 2013-08-08 20:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-21 20:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-21 20:44 - 2013-08-08 20:34 - 00000000 ____D () C:\ProgramData\Skype
2014-03-21 20:43 - 2013-12-16 16:15 - 00000000 ____D () C:\AdwCleaner
2014-03-21 20:43 - 2013-08-03 15:57 - 00000000 __RHD () C:\MSOCache
2014-03-21 19:21 - 2014-03-21 19:21 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Skype
2014-03-20 13:36 - 2014-03-12 16:44 - 00000000 ____D () C:\Program Files (x86)\ScanTack
2014-03-19 22:48 - 2014-03-19 22:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 23:52 - 2014-03-16 15:48 - 00000000 ____D () C:\Windows\SysWOW64\dfrg
2014-03-18 23:52 - 2014-03-16 15:47 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\14423
2014-03-18 16:45 - 2014-03-11 16:39 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\QuickScan
2014-03-16 15:36 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(5).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(4).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(3).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(2).rar
2014-03-16 15:35 - 2014-03-16 15:35 - 00375012 _____ () C:\Users\Nicolò\Downloads\Clash of Clans Hack(1).rar
2014-03-12 16:57 - 2013-08-04 12:04 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Adobe
2014-03-11 16:50 - 2014-03-11 16:50 - 02204843 _____ () C:\Users\Nicolò\Downloads\Clash Of Clans Hack.rar
2014-03-11 16:50 - 2014-03-11 16:50 - 02204843 _____ () C:\Users\Nicolò\Downloads\Clash Of Clans Hack (1).rar
2014-03-11 16:37 - 2014-03-11 16:37 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\LightsOff
2014-03-11 16:35 - 2014-03-11 16:35 - 00617819 _____ () C:\Users\Nicolò\Downloads\Castle Clash Gem Adder v3.1.zip
2014-03-10 09:05 - 2014-03-10 09:10 - 495863717 _____ () C:\Users\Nicolò\Desktop\Thief Update 1.1 + DLC.rar
2014-03-10 09:05 - 2014-03-10 08:54 - 495863717 _____ () C:\Users\Nicolò\Downloads\Thief Update 1.1 + DLC.rar
2014-03-10 08:51 - 2014-03-10 08:51 - 00000000 ____D () C:\Users\Nicolò\Documents\Thief
2014-03-10 08:35 - 2014-03-09 22:40 - 00000000 ____D () C:\Program Files (x86)\Thief
2014-03-10 08:24 - 2014-03-10 08:24 - 00000000 ____D () C:\Users\Nicolò\Desktop\ThiefGame
2014-03-10 08:24 - 2014-03-10 08:24 - 00000000 ____D () C:\Users\Nicolò\Desktop\Binaries
2014-03-10 07:45 - 2014-03-09 19:11 - 00000000 ____D () C:\Program Files (x86)\Southpark Stick of Truth
2014-03-09 19:19 - 2014-03-09 19:19 - 00001809 _____ () C:\Users\Nicolò\Desktop\South Park - The Stick of Truth - collegamento.lnk
2014-03-09 19:18 - 2013-09-13 12:53 - 00000000 ____D () C:\Users\Nicolò\Documents\My Games
2014-03-09 13:55 - 2014-03-09 13:55 - 00001507 _____ () C:\Users\Nicolò\Desktop\Bandicam Launcher - collegamento.lnk
2014-03-09 13:41 - 2014-03-09 13:41 - 00006077 _____ () C:\Users\Nicolò\Downloads\South Park Il Bastone della Verità.torrent
2014-03-09 10:46 - 2014-03-09 10:43 - 00000000 ____D () C:\Program Files (x86)\MVM 2005 - Imperivm - Le Grandi Battaglie di Roma
2014-03-09 10:44 - 2014-03-09 10:44 - 00001174 _____ () C:\Users\Public\Desktop\Imperivm - Le Grandi Battaglie di Roma.lnk
2014-03-09 10:43 - 2010-01-22 23:04 - 00000605 _____ () C:\Windows\m3jpeg.ini
2014-03-09 09:28 - 2014-03-09 09:28 - 00062989 _____ () C:\Users\Nicolò\Downloads\Imperivm - Le grandi battaglie di roma.torrent
2014-03-09 09:25 - 2014-03-09 09:25 - 00308447 _____ () C:\Users\Nicolò\Downloads\Imperium Civitas 2 e 3.rar
2014-03-09 09:04 - 2014-03-09 09:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-08 20:59 - 2014-03-08 20:58 - 00022568 _____ () C:\Users\Nicolò\Desktop\Lol.bat
2014-03-08 20:59 - 2014-03-02 18:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-08 20:58 - 2013-09-05 20:51 - 00000000 ____D () C:\Windows\Minidump
2014-03-08 20:09 - 2014-03-08 20:09 - 00000000 ____D () C:\Users\Nicolò\Documents\Bandicam
2014-03-08 20:09 - 2014-03-08 20:08 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-03-08 20:08 - 2014-03-08 20:08 - 00000000 ____D () C:\Users\Nicolò\Desktop\Crack 16-11-2013
2014-03-08 20:08 - 2014-03-08 20:08 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-03-08 20:08 - 2011-10-23 18:00 - 05542320 _____ (Bandisoft) C:\Users\Nicolò\Desktop\Bandicam aggiornato 16-11-2013.exe
2014-03-08 20:06 - 2014-03-08 20:06 - 07317605 _____ () C:\Users\Nicolò\Downloads\Bandicam aggiornato 29-01-2014.zip
2014-03-08 20:05 - 2014-03-08 20:04 - 11098216 _____ () C:\Users\Nicolò\Downloads\ScnRec.msi
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\OBS
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Program Files\OBS
2014-03-08 19:53 - 2014-03-08 19:53 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-03-08 19:52 - 2014-03-08 19:51 - 07888419 _____ () C:\Users\Nicolò\Downloads\OBS_0_613b_Installer.exe
2014-03-08 14:13 - 2014-03-08 14:13 - 00001147 _____ () C:\Users\Nicolò\Desktop\matrix.bat
2014-03-08 14:12 - 2014-03-08 14:09 - 00000166 _____ () C:\Users\Nicolò\Desktop\LOL.vbs
2014-03-07 21:18 - 2014-03-07 21:18 - 00029031 _____ () C:\Users\Nicolò\Desktop\Lettonia.pptx
2014-03-07 21:17 - 2014-03-07 21:17 - 00003152 _____ () C:\Windows\System32\Tasks\{B6D4EB32-D55D-47C0-92C8-D741F86B9841}
2014-03-07 20:26 - 2014-03-07 20:26 - 00000000 ____D () C:\Program Files (x86)\The Game Creators
2014-03-07 20:26 - 2013-08-03 14:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-07 20:21 - 2014-03-07 20:21 - 00401760 _____ (Softonic ) C:\Users\Nicolò\Downloads\SoftonicDownloader_per_fps-creator.exe
2014-03-07 13:55 - 2014-03-07 13:55 - 00408288 _____ () C:\Users\Nicolò\Downloads\Thief.torrent
2014-03-04 21:29 - 2014-03-04 21:29 - 00002002 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-03-04 21:29 - 2014-03-04 21:29 - 00001992 _____ () C:\Users\Public\Desktop\Samsung Kies.lnk
2014-03-04 21:29 - 2013-09-15 19:11 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Samsung
2014-03-04 21:29 - 2013-09-15 19:11 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Samsung
2014-03-04 20:02 - 2013-09-15 19:06 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-04 20:00 - 2013-08-05 13:21 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Downloaded Installations
2014-03-04 19:59 - 2014-03-04 19:55 - 70015304 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Nicolò\Downloads\KiesSetup (1).exe
2014-03-04 19:33 - 2014-03-04 19:28 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-03-04 19:29 - 2014-03-04 19:29 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-03-04 19:29 - 2014-03-04 19:29 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-03-04 19:29 - 2014-03-04 19:29 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-03-04 19:29 - 2014-03-04 19:29 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-03-04 19:29 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-04 19:28 - 2014-03-04 19:28 - 10071168 _____ (BlueStack Systems Inc.) C:\Users\Nicolò\Downloads\BlueStacks-SplitInstaller_native.exe
2014-03-04 19:28 - 2014-03-04 19:28 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\Bluestacks
2014-03-04 18:18 - 2014-03-04 18:17 - 14637238 _____ () C:\Users\Nicolò\Downloads\Clash_of_Clans_Hack_October_2013.zip
2014-03-04 13:38 - 2014-02-06 17:39 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Dropbox
2014-03-04 13:37 - 2014-02-06 17:40 - 00000000 ___RD () C:\Users\Nicolò\Dropbox
2014-03-03 19:39 - 2014-03-03 19:38 - 18220264 _____ () C:\Users\Nicolò\Downloads\COD MW2 ESP-Aimbot(April).zip
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\Users\Nicolò\Documents\Google.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\ProgramData\Microsoft.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00183605 _____ () C:\Users\Nicolò\Downloads\MW2AimEsp-Hack.zip
2014-03-03 17:10 - 2014-02-09 20:57 - 00268800 __RSH () C:\Windows\SysWOW64\Microsoft.com
2014-03-03 16:22 - 2014-03-03 16:22 - 05718872 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (4).exe
2014-03-03 16:22 - 2014-03-03 16:22 - 05073240 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x86 (3).exe
2014-03-03 16:22 - 2014-03-03 16:22 - 00887896 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\dotNetFx40_Client_setup.exe
2014-03-03 16:21 - 2014-03-03 16:21 - 05718872 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (3).exe
2014-03-03 16:15 - 2014-03-03 16:14 - 24793312 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\Windows-KB890830-V5.9.exe
2014-03-03 16:15 - 2014-03-03 16:14 - 18681648 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\IE9-Windows7-x86-ita.exe
2014-03-03 16:14 - 2014-03-03 16:14 - 00292184 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\dxwebsetup (1).exe
2014-03-03 16:14 - 2014-03-03 16:14 - 00003148 _____ () C:\Windows\System32\Tasks\{754E0BA2-BB5D-4209-BAD3-78E11B73F58C}
2014-03-03 16:14 - 2013-08-20 15:08 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-03-03 16:14 - 2013-08-20 15:08 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-03 16:12 - 2013-10-07 19:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-03 16:11 - 2014-03-03 16:11 - 06555392 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x86 (2).exe
2014-03-03 16:11 - 2014-03-03 16:11 - 01454792 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_arm.exe
2014-03-03 16:11 - 2014-03-03 16:10 - 07187792 _____ (Microsoft Corporation) C:\Users\Nicolò\Downloads\vcredist_x64 (2).exe
2014-03-03 15:46 - 2014-03-03 15:46 - 00087175 _____ () C:\Users\Nicolò\Downloads\Extreme-Injector.rar
2014-03-03 13:14 - 2013-12-16 15:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-03 13:08 - 2014-02-02 21:27 - 00000000 ____D () C:\Users\Nicolò\AppData\Local\cache
2014-03-03 13:07 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-02 20:49 - 2014-03-02 20:47 - 01634815 _____ () C:\Users\Nicolò\Downloads\MW2_Liberation 1.06.zip
2014-03-02 18:49 - 2014-03-02 18:49 - 00000963 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-03-02 18:48 - 2014-03-02 18:48 - 01141680 _____ () C:\Users\Nicolò\Downloads\SteamSetup.exe
2014-03-02 18:37 - 2014-03-02 18:37 - 00227638 _____ () C:\Users\Nicolò\Downloads\Mossyv9Edit.zip
2014-03-02 18:37 - 2014-03-02 18:37 - 00019807 _____ () C:\Users\Nicolò\Downloads\_destructible_types_dlc2.gsc
2014-03-02 18:37 - 2014-03-02 18:37 - 00003607 _____ () C:\Users\Nicolò\Downloads\_destructible_types_dlc.gsc
2014-03-02 18:36 - 2014-03-02 18:36 - 00007148 _____ () C:\Users\Nicolò\Downloads\_destructible_dlc2.gsc
2014-03-02 18:36 - 2014-03-02 18:36 - 00007141 _____ () C:\Users\Nicolò\Downloads\_destructible_dlc.gsc
2014-03-02 14:47 - 2013-08-09 21:57 - 00041986 _____ () C:\Users\Nicolò\AppData\Roaming\Bubble Dock.installation.log
2014-03-02 14:47 - 2013-08-09 21:57 - 00003852 _____ () C:\Users\Nicolò\AppData\Roaming\Bubble Dock.boostrap.log
2014-03-02 14:42 - 2014-03-02 14:42 - 00630762 _____ (Setup (Hack,Code;key;cheats and Generator )) C:\Users\Nicolò\Downloads\Setup (Hack,Code;key;cheats and Generator ).exe
2014-03-02 14:32 - 2014-03-02 14:32 - 00575576 _____ () C:\Users\Nicolò\Downloads\MOD MENU.rar
2014-03-02 13:53 - 2014-03-02 13:53 - 00189358 _____ () C:\Users\Nicolò\Downloads\Dedi Updater.rar
2014-03-02 13:52 - 2014-03-02 13:52 - 00216349 _____ () C:\Users\Nicolò\Downloads\new.rar
2014-03-02 13:50 - 2014-03-02 13:48 - 68836262 _____ () C:\Users\Nicolò\Downloads\RepZClient.rar
2014-03-01 20:09 - 2013-12-13 21:10 - 00000000 ____D () C:\Users\Nicolò\AppData\Roaming\Awesomium
2014-03-01 19:58 - 2014-03-01 19:58 - 00081722 _____ () C:\Users\Nicolò\Downloads\players.rar
2014-03-01 19:58 - 2014-03-01 19:58 - 00070958 _____ () C:\Users\Nicolò\Downloads\MW2_LaunchComponent.rar
2014-03-01 19:57 - 2014-03-01 19:57 - 00189609 _____ () C:\Users\Nicolò\Downloads\Game Updater.rar
2014-03-01 19:57 - 2014-03-01 19:57 - 00034985 _____ () C:\Users\Nicolò\Downloads\Modern Warfare 2 Multiplayer files by ManGun 2014.torrent
2014-03-01 16:42 - 2014-03-01 16:41 - 00268146 _____ () C:\Users\Nicolò\Downloads\buttons_default.cfg
2014-03-01 16:41 - 2014-03-01 16:41 - 00000602 _____ () C:\Users\Nicolò\Downloads\Real 1.14 Aimbot.zip
2014-02-28 18:51 - 2013-12-23 10:53 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-28 18:17 - 2013-10-07 15:09 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-27 13:09 - 2014-02-27 13:09 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-26 19:59 - 2013-08-08 17:38 - 00000000 ____D () C:\Users\Nicolò\minecraft
2014-02-26 18:16 - 2014-02-26 18:14 - 17400733 _____ () C:\Users\Nicolò\Downloads\amj.rar
 
Some content of TEMP:
====================
C:\Users\Nicolò\AppData\Local\Temp\bdfilters.dll
C:\Users\Nicolò\AppData\Local\Temp\sonarinst.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-21 07:34
 
==================== End Of Log ============================
 
And this is the Addition.txt file:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Nicolò at 2014-03-28 18:12:10
Running from C:\Users\Nicolò\Downloads\Programs
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.2 - Futuremark Corporation)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.16.3 - Mirillis)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.05) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION
Aggiornamenti NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
AMD OverDrive Beta (HKLM-x32\...\{5ED97A27-2666-42CD-B964-C0A368724ACC}) (Version: 4.2.6.0659 - Advanced Micro Devices, Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
Auto Blurum Light 2.3.1 (HKLM-x32\...\Auto Blurum Light 2.3.1) (Version: 2.3.1 - Justsofts)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4259 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.1 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 2.0 build 60 - Convivea Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BringStar (HKLM\...\BringStar) (Version: 2014.02.14.172742 - BringStar)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
Bubble Dock (remove only) (HKCU\...\Bubble Dock) (Version:  - Nosibay)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{1CDC8E7D-CDFC-4C2B-A080-23D943354625}) (Version: 1.1.0.0 - Electronic Arts)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Camtasia Studio 7 (HKLM-x32\...\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}) (Version: 7.0.0 - TechSmith Corporation)
Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1801 - CDBurnerXP)
Chiavetta Internet (HKLM-x32\...\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}) (Version: 1.0.0.1 - )
CINEMA 4D R14 (HKLM-x32\...\CINEMA 4D R14) (Version:  - )
Clash of Clans Ultimate Hack Tool 2.3 (HKLM-x32\...\Clash of Clans Ultimate Hack Tool 2.3) (Version: 2.3 - Clash of Clans)
Cling Clang (HKLM\...\Cling Clang) (Version: 2014.02.14.172742 - Cling Clang) <==== ATTENTION
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Command & Conquer™ Red Alert™ 3 Uprising (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.23.0.188 - Innovative Solutions)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.105 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.105 - Etron Technology) Hidden
Football Manager 2013 versione 13.3.3 (HKLM-x32\...\{04BDADD5-B981-49DB-90F0-DE11F19C50B4}_is1) (Version: 13.3.3 - SEGA)
FPS Creator Demo (HKLM-x32\...\{E70E9721-A42A-4D7A-8087-AA69614328A0}) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
fst_it_55 (HKLM-x32\...\fst_it_55_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guida utente EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.214 - SurfRight B.V.)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.5.1211.29) (Version: 3.5.1211.29 - Solveig Multimedia)
Iminent (x32 Version: 6.46.1.0 - Iminent) Hidden <==== ATTENTION
Imperivm - Le Grandi Bataglie di Roma (HKLM-x32\...\Imperivm - Le Grandi Bataglie di Roma) (Version:  - FX Interactive)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 9.9.9 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.9 - )
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version:  - Warner Bros. Games)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versione 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Medal of Honor ™ (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Media Player (HKLM-x32\...\MediaPlayerV1alpha205) (Version: 1.1 - Media Player)
Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.21.000003 - Mega Browse)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Access MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d61ab584-9b0a-404e-8a23-76032e6744c0}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{5b6b8fa4-b54c-4388-ba7f-1f8b39b1abea}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Morgan M-JPEG codec V3 (HKLM-x32\...\m3jpegV3) (Version:  - )
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 27.0.1 (x86 it) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 it)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA Driver 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Driver audio HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Driver del controller 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Driver grafico 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3182 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pannello di controllo NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Poker Snai (HKCU\...\pokersnai_real) (Version:  - )
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version:  - PokerStars.it)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scribblenauts Unmasked A DC Comics Adventure (HKLM-x32\...\Scribblenauts Unmasked A DC Comics Adventure_is1) (Version:  - )
Search Protect by conduit (HKLM-x32\...\SearchProtect) (Version: 1.7.0.72 - Conduit) <==== ATTENTION
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Supporto applicazioni Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 622 - Expansive Worlds)
Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
U2bviews Software (HKLM-x32\...\{FEAF4197-BC22-467A-994A-B72E74DF57E2}) (Version: 2.0.0 - U2bviews)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
webbsavE (HKLM-x32\...\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}) (Version: 4.2.0.1591 - websavee) <==== ATTENTION
WinDS PRO 2014.5 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2014.50.00.0 - WinDS PRO Central)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xfire (HKLM-x32\...\Xfire) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{F8A47958-47CC-4B57-AE7D-7DDC0A86BEF5}) (Version: 1.3.1311.1201 - SplitMediaLabs)
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.16 - ZTE Corporation)
 
==================== Restore Points  =========================
 
12-03-2014 17:45:19 Uniblue SpeedUpMyPC installation
21-03-2014 06:41:44 Punto di controllo pianificato
21-03-2014 19:39:19 Operazione di ripristino
27-03-2014 15:10:32 Malwarebytes Anti-Rootkit Restore Point
27-03-2014 15:31:53 RegClean Pro gio, mar 27, 14  16:31
 
==================== Hosts content: ==========================
 
2013-11-19 21:56 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {2F53F0B4-2570-44E5-9EF0-DB992533BE80} - \Plus-HD-7.5-enabler No Task File
Task: {397ADF21-0B83-40AF-A337-617515E4C33E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-18] (Adobe Systems Incorporated)
Task: {3C452D79-3DF6-49FF-B1E7-F803B9D2EF77} - \AmiUpdXp No Task File
Task: {44D0237E-65E2-4920-A60E-3B878C96C002} - \MediaPlayerEnhance-updater No Task File
Task: {45835675-8DFE-4697-AB6C-2FC668C87149} - System32\Tasks\RegistryDr_Start => C:\Program Files (x86)\Registry Dr\RegistryDr.exe <==== ATTENTION
Task: {468977AF-C85C-4905-A540-353772A5E527} - \Plus-HD-7.5-codedownloader No Task File
Task: {55CCDE24-B102-4BAC-BB6E-6DC6916FD70D} - System32\Tasks\RegistryDr_Popup => C:\Program Files (x86)\Registry Dr\Splash.exe <==== ATTENTION
Task: {5A7BD1B1-AE5C-41ED-AE55-D55059E8109E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: {5AA7AC30-EE6A-4E67-8901-310104120295} - \SaveSense No Task File
Task: {5AC181B2-ADE4-4038-A3AC-AEC6A799FD4C} - \Plus-HD-7.5-updater No Task File
Task: {5E1B10BC-61CD-41A4-8C1E-FE65ACF880BC} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-02-28] (Systweak) <==== ATTENTION
Task: {6BEA6827-C196-4F01-8940-DD7ADF9F51D7} - \Plus-HD-7.5-firefoxinstaller No Task File
Task: {78337CEA-1530-4C6F-B2D5-2F0E51BC4872} - \Desk 365 RunAsStdUser No Task File
Task: {7F274CE6-80E2-4D9D-9EF0-C247B5132DB5} - System32\Tasks\Plus-HD-7.5-validator => C:\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-validator.exe <==== ATTENTION
Task: {825D3368-1332-4D40-B7A5-EC4EC657FA93} - \MediaPlayerEnhance-chromeinstaller No Task File
Task: {8E1920BB-41ED-4962-98DE-619C7E68C694} - \MediaPlayerEnhance-enabler No Task File
Task: {8E337490-E9DF-46CC-9C6B-7881BE6339BD} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-03] (Systweak Inc) <==== ATTENTION
Task: {B4A2DEEF-2D2A-4CF8-9900-67ADB1271708} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-01-03] (Systweak Inc) <==== ATTENTION
Task: {C3149A5B-4E3E-4083-B695-39035ED3C7DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: {CD7E79BD-E122-43EF-B3F4-0B97155142F0} - \MediaPlayerEnhance-codedownloader No Task File
Task: {D4AE4D0B-1354-4D33-9B71-B442095379CE} - \MediaPlayerEnhance-firefoxinstaller No Task File
Task: {E0E61FB8-6B5B-409A-AD87-641BD517EE7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {E962E401-0851-4F52-8423-7F12CA372447} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {FF624676-A07D-4614-B942-1CC900333C92} - \Omiga Plus RunAsStdUser No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-7.5-validator.job => C:\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-validator.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-03 14:54 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-30 01:40 - 2010-01-30 01:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-05 19:03 - 2013-12-23 10:55 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-14 18:27 - 2014-03-26 13:53 - 00348448 _____ () C:\Program Files (x86)\BringStar\updateBringStar.exe
2014-02-09 20:57 - 2014-03-03 17:10 - 00268800 _____ () C:\ProgramData\Windows Services\wservice.exe
2014-03-21 01:00 - 2014-03-27 13:39 - 00348448 _____ () C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
2014-02-16 11:40 - 2014-03-26 07:14 - 00348448 _____ () C:\Program Files (x86)\BringStar\bin\utilBringStar.exe
2014-03-24 14:12 - 2014-03-27 13:09 - 00348448 _____ () C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
2014-03-02 14:43 - 2014-01-24 15:04 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-03-25 20:47 - 2014-03-25 20:47 - 00287008 _____ () C:\Program Files (x86)\BringStar\bin\FilterApp_C64.exe
2014-03-22 06:59 - 2014-03-25 22:41 - 00078624 _____ () C:\Program Files (x86)\BringStar\bin\XTLSApp.exe
2014-03-27 16:23 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-03-27 16:23 - 2014-02-28 18:29 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-27 16:23 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-03-02 14:43 - 2014-01-24 14:55 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-03-02 14:43 - 2014-03-03 13:08 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-22 02:18 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-22 06:59 - 2014-03-25 22:41 - 00179488 _____ () C:\Program Files (x86)\BringStar\bin\xtlsapp.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-22 02:18 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AODService => 2
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: desksvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMSAccessU => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SProtection => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\Services: WsysSvc => 2
MSCONFIG\startupfolder: C:^Users^Nicolò^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nicolò^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2010.lnk => C:\Windows\pss\Ritaglio schermata e avvio di OneNote 2010.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Desk 365 => "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Nicolò\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MMTray => "C:\Program Files (x86)\Morgan\m3jpegV3\MMTray.exe"
MSCONFIG\startupreg: MP3 Skype Recorder => C:\Youtube\MP3 Skype Recorder.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: se => "C:\Users\Nicolò\AppData\Roaming\SkypEmoticons\SE.exe"  /minimized 
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Scheda Microsoft Teredo Tunneling
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/28/2014 02:17:08 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error: (03/28/2014 02:17:07 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Impossibile trovare l'assembly dipendente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.
 
Error: (03/28/2014 02:16:58 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "assemblyIdentity1". Errore nel file manifesto o dei criteri "assemblyIdentity2", riga assemblyIdentity3.
Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.
 
Error: (03/28/2014 01:44:19 PM) (Source: Application Error) (User: )
Description: Impossibile accedere al file  per uno dei motivi seguenti: 
Si è verificato un problema relativo alla connessione di rete, al disco in cui è archiviato il file o ai driver
di archiviazione installati nel computer oppure il disco è assente.
Il programma HitmanPro 3.7 è stato chiuso a causa dell'errore.
 
Programma: HitmanPro 3.7
File: 
 
Il valore dell'errore è indicato nella sezione Dati aggiuntivi.
Azione utente
1. Aprire nuovamente il file.
Potrebbe trattarsi di un problema temporaneo che si risolverà automaticamente rieseguendo il programma.
2.
Se il file risulta comunque non accessibile e:
- Si trova in rete,
è necessario che l'amministratore della rete verifichi la presenza di eventuali problemi di rete e che sia possibile contattare il server.
- Si trova in un disco rimovibile, ad esempio un disco floppy o un CD, verificare che il disco sia inserito correttamente nel computer.
3. Controllare e ripristinare il file system eseguendo CHKDSK. Per eseguire CHKDSK, fare clic sul pulsante Start, scegliere Esegui, digitare CMD, quindi scegliere OK. Al prompt dei comandi, digitare CHKDSK /F, quindi premere INVIO.
4. Se il problema persiste, ripristinare il file da una copia di backup.
5. Determinare se è possibile aprire altri file nello stesso disco. Se non è possibile, il disco potrebbe essere danneggiato. Se si tratta di un disco rigido, contattare l'amministratore o il fornitore dell'hardware
del computer per ottenere assistenza.
 
Dati aggiuntivi
Valore errore: 00000000
Tipo disco: 0
 
Error: (03/28/2014 01:44:19 PM) (Source: Application Error) (User: )
Description: Nome dell'applicazione che ha generato l'errore: HitmanPro.exe, versione: 3.7.9.214, timestamp: 0x53314522
Nome del modulo che ha generato l'errore: HitmanPro.exe, versione: 3.7.9.214, timestamp: 0x53314522
Codice eccezione: 0xc000001d
Offset errore 0x00000000002b2191
ID processo che ha generato l'errore: 0x6c0
Ora di avvio dell'applicazione che ha generato l'errore: 0xHitmanPro.exe0
Percorso dell'applicazione che ha generato l'errore: HitmanPro.exe1
Percorso del modulo che ha generato l'errore: HitmanPro.exe2
ID segnalazione: HitmanPro.exe3
 
Error: (03/28/2014 01:41:05 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (03/28/2014 01:41:05 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (03/28/2014 01:40:40 PM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
 
Error: (03/27/2014 07:15:40 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error: (03/27/2014 07:15:40 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Impossibile trovare l'assembly dipendente Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.
 
 
System errors:
=============
Error: (03/28/2014 01:43:56 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (03/28/2014 01:40:37 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
Error: (03/28/2014 01:40:37 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVGIDSAgent non è stato avviato per il seguente errore: 
%%5
 
Error: (03/27/2014 04:45:14 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (03/27/2014 04:42:46 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
Error: (03/27/2014 04:42:46 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVGIDSAgent non è stato avviato per il seguente errore: 
%%5
 
Error: (03/27/2014 04:14:28 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (03/27/2014 04:12:10 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
Error: (03/27/2014 04:12:10 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVGIDSAgent non è stato avviato per il seguente errore: 
%%5
 
Error: (03/27/2014 01:08:42 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (03/28/2014 02:17:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
 
Error: (03/28/2014 02:17:07 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe
 
Error: (03/28/2014 02:16:58 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (03/28/2014 01:44:19 PM) (Source: Application Error)(User: )
Description: HitmanPro 3.7000000000
 
Error: (03/28/2014 01:44:19 PM) (Source: Application Error)(User: )
Description: HitmanPro.exe3.7.9.21453314522HitmanPro.exe3.7.9.21453314522c000001d00000000002b21916c001cf4a82ec0bc69aC:\Program Files\HitmanPro\HitmanPro.exeC:\Program Files\HitmanPro\HitmanPro.exead42e164-b676-11e3-b0f9-bc5ff4a3f707
 
Error: (03/28/2014 01:41:05 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (03/28/2014 01:41:05 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (03/28/2014 01:40:40 PM) (Source: CltMngSvc)(User: )
Description: CltMngSvcServiceMain Version 2. (Error: 87)
 
Error: (03/27/2014 07:15:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
 
Error: (03/27/2014 07:15:40 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\innovative solutions\drivermax\DPInst\ia64\dpinst.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-21 21:55:39.777
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_7.1.7601.17514_none_83b850a4346b9b7c\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:39.725
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_7.1.7601.17514_none_83b850a4346b9b7c\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:39.673
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_7.1.7601.17514_none_83b850a4346b9b7c\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:39.585
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:39.531
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:39.479
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:15.993
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_c2a09d30916321d9\rpcrtremote.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:15.939
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_c2a09d30916321d9\rpcrtremote.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:55:15.885
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\x86_microsoft-windows-rpc-remote_31bf3856ad364e35_6.1.7601.17514_none_c2a09d30916321d9\rpcrtremote.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-03-21 21:50:22.966
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\8de53a0cf677c55b9a9beade4806\1ded797112f2a6d481d621674f18\9e5b20a3185303e241bb8547fcf2f4\amd64_microsoft-windows-userenv_31bf3856ad364e35_7.1.7601.17514_none_dfd6ec27ecc90cb2\userenv.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 37%
Total physical RAM: 8149.63 MB
Available physical RAM: 5054.67 MB
Total Pagefile: 16297.39 MB
Available Pagefile: 12729.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:911.88 GB) (Free:510.94 GB) NTFS
Drive d: () (Fixed) (Total:19.53 GB) (Free:18.62 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 40D3E714)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=912 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 28 March 2014 - 04:41 PM

Let's begin:


Step 1

Please download this attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button. Allow a reboot if requested.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 MainoneedsHelp

MainoneedsHelp
  • Topic Starter

  • Members
  • 4 posts

Posted 05 April 2014 - 11:34 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Nicolò at 2014-04-05 18:20:28 Run:1
Running from C:\Users\Nicolò\Downloads\Programs
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
() C:\ProgramData\Windows Services\wservice.exe
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\...\Winlogon: [Shell] "C:\ProgramData\Windows Services\wservice.exe",explorer.exe,"C:\Users\Nicolò\Documents\Google.com" <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
2014-03-03 17:10 - 2014-02-09 20:57 - 00268800 __RSH () C:\Windows\SysWOW64\Microsoft.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\Users\Nicolò\Documents\Google.com
2014-03-03 17:10 - 2014-03-03 17:10 - 00268800 __RSH () C:\ProgramData\Microsoft.com
C:\ProgramData\Windows Services
Reboot:
*****************

C:\ProgramData\Windows Services\wservice.exe => No running process found
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKU\S-1-5-21-2738393591-65253282-3242674100-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Unable to delete value
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\SysWOW64\Microsoft.com => Moved successfully.
C:\Users\Nicolò\Documents\Google.com => Moved successfully.
Could not move "C:\ProgramData\Microsoft.com" => Scheduled to move on reboot.

"C:\ProgramData\Windows Services" directory move:

C:\ProgramData\Windows Services\3818273 => Moved successfully.
Could not move "C:\ProgramData\Windows Services\wservice.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\Windows Services" directory. => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-05 18:22:40)<=

C:\ProgramData\Microsoft.com => Is moved successfully.
C:\ProgramData\Windows Services\wservice.exe => Is moved successfully.
C:\ProgramData\Windows Services => Moved successfully.

==== End of Fixlog ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Nicolò (administrator) on NICOLÒ-PC on 05-04-2014 18:32:01
Running from C:\Users\Nicolò\Downloads\Programs
Windows 7 Ultimate (X64) OS Language: Italian Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL =
SearchScopes: HKLM - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL =
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://search.iminent.com/?appId=4A5C34F5-525A-4D80-8F73-83AF3EFEE7F6&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL =
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL =
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://search.iminent.com/?appId=4A5C34F5-525A-4D80-8F73-83AF3EFEE7F6&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL =
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: BringStar - {0ba6da2e-a2ee-4222-846f-79755e1d26f6} - C:\Program Files (x86)\BringStar\BringStarBHO.dll (BringStar)
BHO-x32: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
BHO-x32: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files (x86)\Mega Browse\MegaBrowsebho.dll (Mega Browse)
BHO-x32: BringStar - {6f0d3dec-9246-4b6f-a5e3-c1c169493eef} - C:\Program Files (x86)\BringStar\BringStarbho.dll (BringStar)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Media Player - {a615e327-b856-4f79-9b2e-fad2804eb9b9} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 62.94.0.41 62.94.0.42
Tcpip\..\Interfaces\{33748396-64F9-4BC7-B139-D7093E56DF0F}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default
FF user.js: detected! => C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\user.js
FF NewTab: about:blank
FF DefaultSearchEngine: StartWeb
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: iMacros for Firefox - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-03-06]
FF Extension: No Name - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-21]
FF Extension: No Name - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{3de9eb9c-a833-42cb-b66f-841b954aebef}.xpi [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [bubbledock@nosibay.com] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF Extension: No Name - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch [2014-03-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]

==================== NetSvcs (Whitelisted) ===================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 14:52

==================== End Of Log ============================

 

Thanks for all



#6 aharonov

  • Malware Response Team

Posted 05 April 2014 - 11:43 AM

Hi,

the fresh FRST log from step 2 looks incomplete. Have you edited out some parts or is this really the log you've got?

#7 MainoneedsHelp

  • Topic Starter


Posted 11 April 2014 - 02:28 PM

Hi,

the fresh FRST log from step 2 looks incomplete. Have you edited out some parts or is this really the log you've got?

this is the FRST.txt file

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by Nicolò (administrator) on NICOLÒ-PC on 11-04-2014 21:18:43
Running from C:\Users\Nicolò\Downloads\Programs
Windows 7 Ultimate (X64) OS Language: Italian Standard
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
 
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = 
SearchScopes: HKLM - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = 
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://search.iminent.com/?appId=4A5C34F5-525A-4D80-8F73-83AF3EFEE7F6&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = 
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = http://search.iminent.com/?appId=4A5C34F5-525A-4D80-8F73-83AF3EFEE7F6&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = 
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: BringStar - {0ba6da2e-a2ee-4222-846f-79755e1d26f6} - C:\Program Files (x86)\BringStar\BringStarBHO.dll (BringStar)
BHO-x32: Bubble Dock SurfMatch - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (Nosibay)
BHO-x32: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files (x86)\Mega Browse\MegaBrowsebho.dll (Mega Browse)
BHO-x32: BringStar - {6f0d3dec-9246-4b6f-a5e3-c1c169493eef} - C:\Program Files (x86)\BringStar\BringStarbho.dll (BringStar)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Media Player - {a615e327-b856-4f79-9b2e-fad2804eb9b9} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 62.94.0.41 62.94.0.42
Tcpip\..\Interfaces\{33748396-64F9-4BC7-B139-D7093E56DF0F}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default
FF user.js: detected! => C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\user.js
FF NewTab: about:blank
FF DefaultSearchEngine: StartWeb
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: iMacros for Firefox - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-03-06]
FF Extension: No Name - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-21]
FF Extension: No Name - C:\Users\Nicolò\AppData\Roaming\Mozilla\Firefox\Profiles\la4y1tmb.default\Extensions\{3de9eb9c-a833-42cb-b66f-841b954aebef}.xpi [2014-03-22]
FF HKLM-x32\...\Firefox\Extensions: [bubbledock@nosibay.com] - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF Extension: No Name - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch [2014-03-02]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Nicolò\AppData\Roaming\IDM\idmmzcc5 [2014-03-26]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-04-10 12:02
 
==================== End Of Log ============================
 
 
 
 
and this is the Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Nicolò at 2014-04-11 21:19:30
Running from C:\Users\Nicolò\Downloads\Programs
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 
==================== Restore Points  =========================
 
27-03-2014 15:10:32 Malwarebytes Anti-Rootkit Restore Point
27-03-2014 15:31:53 RegClean Pro gio, mar 27, 14  16:31
03-04-2014 18:57:06 Punto di controllo pianificato
11-04-2014 09:41:16 Punto di controllo pianificato
 
==================== Hosts content: ==========================
 
2013-11-19 22:56 - 2013-09-03 18:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-7.5-validator.job => C:\Program Files (x86)\Plus-HD-7.5\Plus-HD-7.5-validator.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AODService => 2
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: desksvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMSAccessU => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SProtection => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\Services: WsysSvc => 2
MSCONFIG\startupfolder: C:^Users^Nicolò^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\Windows\pss\Microsoft SharePoint Workspace.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nicolò^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2010.lnk => C:\Windows\pss\Ritaglio schermata e avvio di OneNote 2010.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Desk 365 => "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Nicolò\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MMTray => "C:\Program Files (x86)\Morgan\m3jpegV3\MMTray.exe"
MSCONFIG\startupreg: MP3 Skype Recorder => C:\Youtube\MP3 Skype Recorder.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: se => "C:\Users\Nicolò\AppData\Roaming\SkypEmoticons\SE.exe"  /minimized 
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Scheda Microsoft Teredo Tunneling
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/11/2014 08:58:22 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (04/11/2014 08:53:44 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (04/11/2014 08:52:30 PM) (Source: MsiInstaller) (User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.
 
Error: (04/11/2014 08:52:26 PM) (Source: MsiInstaller) (User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.
 
Error: (04/11/2014 08:52:26 PM) (Source: MsiInstaller) (User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.
 
Error: (04/11/2014 08:52:25 PM) (Source: MsiInstaller) (User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.
 
Error: (04/11/2014 08:51:16 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error: (04/11/2014 08:51:14 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error: (04/11/2014 08:51:12 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
 
Error: (04/11/2014 08:48:41 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
 
System errors:
=============
Error: (04/11/2014 08:58:22 PM) (Source: Service Control Manager) (User: )
Description: Il servizio Steam Client Service non è stato avviato per il seguente errore: 
%%1053
 
Error: (04/11/2014 08:58:22 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Steam Client Service.
 
Error: (04/11/2014 09:52:05 AM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (04/11/2014 09:48:46 AM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
Error: (04/11/2014 09:48:46 AM) (Source: Service Control Manager) (User: )
Description: Il servizio AVGIDSAgent non è stato avviato per il seguente errore: 
%%5
 
Error: (04/10/2014 07:21:44 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (04/10/2014 07:19:23 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
Error: (04/10/2014 07:19:23 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVGIDSAgent non è stato avviato per il seguente errore: 
%%5
 
Error: (04/10/2014 02:57:40 PM) (Source: Service Control Manager) (User: )
Description: Il servizio SaveSenseLive Service (savesenselive) non è stato avviato per il seguente errore: 
%%2
 
Error: (04/10/2014 02:55:21 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AVG WatchDog non è stato avviato per il seguente errore: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (04/11/2014 08:58:22 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (04/11/2014 08:53:44 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (04/11/2014 08:52:30 PM) (Source: MsiInstaller)(User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/11/2014 08:52:26 PM) (Source: MsiInstaller)(User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/11/2014 08:52:26 PM) (Source: MsiInstaller)(User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/11/2014 08:52:25 PM) (Source: MsiInstaller)(User: Nicolò-PC)
Description: Product: Steam -- Error 1711. An error occurred while writing installation information to disk.  Check to make sure enough disk space is available and click Retry, or click Cancel to end the install.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (04/11/2014 08:51:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nicolò\Downloads\Programs\SoftonicDownloader_per_steam.exe
 
Error: (04/11/2014 08:51:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nicolò\Downloads\Programs\SoftonicDownloader_per_steam.exe
 
Error: (04/11/2014 08:51:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Nicolò\Downloads\Programs\SoftonicDownloader_per_steam.exe
 
Error: (04/11/2014 08:48:41 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 55%
Total physical RAM: 8149.63 MB
Available physical RAM: 3654.48 MB
Total Pagefile: 16297.39 MB
Available Pagefile: 11076.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:911.88 GB) (Free:495.44 GB) NTFS
Drive d: () (Fixed) (Total:19.53 GB) (Free:18.62 GB) NTFS
 
==================== End Of Log ============================
 
thank you




