Malicious Website Blocked by Malwarebytes


  • This topic is locked
7 replies to this topic

#1 Vincenzo77

Vincenzo77

  • Members
  • 33 posts
  • OFFLINE
  • Local time:01:19 AM

Posted 26 February 2015 - 06:30 AM

Hello,

 

every time that I surf through some websites, Malwarebytes hurry me that a Malicious Web Site has been blocked.

 

Below some other information:

 

IP: 91.194.254.105

Type: outbound

Port: xxxx

Process: ..../svchost.exe 

 

 

Also some popup windows, probably written in Cyrillic, are shown very often.

 

Please help me.

 

Sorry about my English, but it is not my mother language.

 

Thank you in advance.

 




 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  • Gender:Male
  • Location:Germany
  • Local time:01:19 AM

Posted 26 February 2015 - 12:02 PM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#3 Vincenzo77

Vincenzo77
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  • Local time:01:19 AM

Posted 27 February 2015 - 03:25 AM

Hello,

 

here logs:

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Vincenzo (administrator) on FAMIGLIAMEDDA on 27-02-2015 09:19:54
Running from C:\Users\Vincenzo\Downloads
Loaded Profiles: Vincenzo (Available profiles: Vincenzo & Administrator)
Platform: Windows 8.1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.336.0\McCSPServiceHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSPanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1618754290-3034697088-3122458369-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-08-19] (AMD)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.0.3.226\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1618754290-3034697088-3122458369-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
HKU\S-1-5-21-1618754290-3034697088-3122458369-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-02-24]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-09]
 
Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-26]
CHR Extension: (Google Docs) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-26]
CHR Extension: (Google Drive) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-26]
CHR Extension: (YouTube) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-26]
CHR Extension: (Google Search) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-26]
CHR Extension: (Google Sheets) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-26]
CHR Extension: (SiteAdvisor) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-02-26]
CHR Extension: (Google Wallet) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-26]
CHR Extension: (Gmail) - C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-24]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-25] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 09:19 - 2015-02-27 09:20 - 00018928 _____ () C:\Users\Vincenzo\Downloads\FRST.txt
2015-02-27 09:19 - 2015-02-27 09:19 - 00000000 ____D () C:\FRST
2015-02-27 09:18 - 2015-02-27 09:18 - 02087936 _____ (Farbar) C:\Users\Vincenzo\Downloads\FRST64.exe
2015-02-27 09:16 - 2015-02-27 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-02-26 19:32 - 2015-02-26 19:32 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-02-26 19:32 - 2015-02-26 19:32 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-02-26 19:22 - 2015-02-26 19:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 19:21 - 2015-02-26 19:22 - 05006864 _____ (AVAST Software) C:\Users\Vincenzo\Downloads\avast_free_antivirus_setup_online (1).exe
2015-02-26 11:25 - 2015-02-26 11:25 - 00002239 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2015-02-26 11:25 - 2015-02-26 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-02-26 11:24 - 2015-02-26 11:24 - 00880208 _____ (Google Inc.) C:\Users\Vincenzo\Downloads\GoogleEarthSetup (3).exe
2015-02-26 11:10 - 2015-02-27 09:15 - 00001182 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-26 11:10 - 2015-02-27 09:13 - 00001178 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 11:10 - 2015-02-26 11:10 - 00004154 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-26 11:10 - 2015-02-26 11:10 - 00003918 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-26 11:10 - 2015-02-26 11:10 - 00002284 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-26 11:10 - 2015-02-26 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-26 11:09 - 2015-02-26 11:25 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\Google
2015-02-26 11:09 - 2015-02-26 11:25 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-26 11:08 - 2015-02-26 11:09 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\Deployment
2015-02-26 11:08 - 2015-02-26 11:08 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\Apps\2.0
2015-02-26 11:04 - 2015-02-26 11:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-02-25 20:53 - 2015-02-25 20:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-25 20:53 - 2015-02-25 20:53 - 00001414 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-25 20:53 - 2015-02-25 20:53 - 00001402 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-25 20:53 - 2015-02-25 20:53 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2015-02-25 20:53 - 2015-02-25 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-25 20:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-02-25 20:52 - 2015-02-25 20:55 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-25 20:51 - 2015-02-25 20:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Vincenzo\Downloads\spybot-2.4 (2).exe
2015-02-25 20:48 - 2015-02-25 20:52 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-25 20:31 - 2015-02-27 09:13 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-25 20:31 - 2015-02-25 20:31 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-25 20:31 - 2015-02-25 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-25 20:31 - 2015-02-25 20:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-25 20:31 - 2015-02-25 20:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-25 20:31 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-25 20:31 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-25 20:31 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-25 20:19 - 2015-02-25 20:19 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\Macromedia
2015-02-25 19:46 - 2015-02-25 19:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-25 19:46 - 2015-01-29 17:49 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-25 19:33 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-02-25 19:24 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-02-25 19:24 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-02-25 19:24 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-02-25 19:24 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-02-25 19:24 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-02-25 19:24 - 2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-02-25 19:24 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-02-25 19:24 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-02-25 19:24 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-02-25 19:24 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-02-25 19:24 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-02-25 19:24 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-02-25 19:24 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-02-25 19:24 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-02-25 19:23 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-02-24 23:15 - 2015-02-25 19:49 - 00000000 ____D () C:\Windows.old
2015-02-24 23:14 - 2015-02-24 23:14 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-24 22:58 - 2015-02-24 22:58 - 00000000 ____D () C:\$WINDOWS.~BT
2015-02-24 22:41 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2015-02-24 22:41 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2015-02-24 22:41 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-02-24 22:41 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-02-24 22:41 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2015-02-24 22:41 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2015-02-24 22:41 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-02-24 22:41 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-02-24 22:41 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2015-02-24 22:41 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2015-02-24 22:41 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-02-24 22:41 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2015-02-24 22:41 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-02-24 22:41 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-02-24 22:41 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2015-02-24 22:41 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2015-02-24 22:41 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2015-02-24 22:41 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2015-02-24 22:41 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-02-24 22:41 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-02-24 22:41 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-02-24 22:41 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-24 22:41 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-24 20:28 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2015-02-24 20:28 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-02-24 20:28 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-02-24 20:28 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2015-02-24 20:28 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-02-24 20:28 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-02-24 20:28 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-02-24 20:28 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-02-24 20:28 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-02-24 20:28 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-02-24 20:28 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-02-24 20:28 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-02-24 20:28 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-02-24 20:28 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2015-02-24 20:28 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-02-24 20:28 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-02-24 20:28 - 2013-10-08 11:28 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-02-24 20:28 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-02-24 20:28 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-02-24 20:28 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2015-02-24 20:28 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2015-02-24 20:28 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-02-24 20:28 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2015-02-24 20:28 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2015-02-24 20:28 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2015-02-24 20:28 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-02-24 20:28 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2015-02-24 20:28 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-02-24 20:28 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-02-24 20:28 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-02-24 20:28 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2015-02-24 20:28 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-02-24 20:28 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-02-24 20:28 - 2013-09-17 08:01 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-02-24 20:28 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-02-24 20:28 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-02-24 20:28 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2015-02-24 20:28 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-02-24 20:28 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-02-24 20:28 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-02-24 20:27 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2015-02-24 20:27 - 2013-10-23 12:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-02-24 20:27 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2015-02-24 20:27 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-02-24 20:27 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-02-24 20:27 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-02-24 20:27 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-02-24 20:27 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-02-24 20:27 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-02-24 20:27 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-02-24 20:27 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-02-24 20:27 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-24 20:27 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2015-02-24 20:27 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2015-02-24 20:27 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-02-24 20:27 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2015-02-24 20:27 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-02-24 20:27 - 2013-10-05 16:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-02-24 20:27 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-02-24 20:27 - 2013-10-05 12:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-02-24 20:27 - 2013-10-05 12:00 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-02-24 20:27 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-24 20:27 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2015-02-24 20:27 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2015-02-24 20:27 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2015-02-24 20:27 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2015-02-24 20:27 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-02-24 20:27 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2015-02-24 20:27 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2015-02-24 20:27 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2015-02-24 20:27 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2015-02-24 20:27 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2015-02-24 20:27 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2015-02-24 20:27 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-02-24 20:27 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2015-02-24 20:27 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-02-24 20:27 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-02-24 20:27 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2015-02-24 20:27 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-02-24 20:27 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-02-24 20:27 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-02-24 20:27 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2015-02-24 20:26 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-02-24 20:26 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-24 20:26 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-24 20:26 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-24 20:26 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-02-24 20:26 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-02-24 20:26 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-02-24 20:25 - 2013-11-11 03:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-02-24 20:25 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2015-02-24 20:25 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2015-02-24 20:25 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-02-24 20:25 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-02-24 20:25 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-02-24 20:25 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-02-24 20:25 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-02-24 20:25 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-02-24 20:25 - 2013-11-05 14:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-02-24 20:25 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2015-02-24 20:25 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-02-24 20:25 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-02-24 20:25 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2015-02-24 20:25 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2015-02-24 20:25 - 2013-10-31 01:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2015-02-24 20:25 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-02-24 20:25 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-02-24 20:25 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2015-02-24 20:25 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2015-02-24 20:25 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2015-02-24 20:25 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-02-24 20:25 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-02-24 20:24 - 2014-01-08 02:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-02-24 20:24 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-02-24 20:24 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-02-24 20:24 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2015-02-24 20:24 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2015-02-24 20:24 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2015-02-24 20:24 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2015-02-24 20:24 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2015-02-24 20:24 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-02-24 20:24 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-24 20:24 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-02-24 20:24 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-24 20:24 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-02-24 20:24 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-02-24 20:24 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-02-24 20:24 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-02-24 20:24 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2015-02-24 20:24 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-02-24 20:24 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2015-02-24 20:24 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-02-24 20:24 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-02-24 20:24 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-02-24 20:24 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2015-02-24 20:24 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-02-24 20:24 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2015-02-24 20:24 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2015-02-24 20:24 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-02-24 20:24 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2015-02-24 20:24 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2015-02-24 20:24 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2015-02-24 20:24 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-02-24 20:24 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-02-24 20:24 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2015-02-24 20:24 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2015-02-24 20:24 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2015-02-24 20:24 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-02-24 20:24 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-02-24 20:24 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-02-24 20:24 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-02-24 20:24 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-02-24 20:24 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-02-24 20:23 - 2014-05-08 08:14 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-24 20:23 - 2014-05-08 06:52 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-24 20:23 - 2014-05-08 05:57 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-24 20:23 - 2014-05-08 05:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-24 20:23 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-02-24 20:23 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-02-24 20:23 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-02-24 20:23 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2015-02-24 20:23 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-02-24 20:23 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-24 20:23 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2015-02-24 20:23 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-02-24 20:23 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2015-02-24 20:23 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-02-24 20:23 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-24 20:23 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2015-02-24 20:23 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2015-02-24 20:23 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-02-24 20:23 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-02-24 20:23 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-02-24 20:23 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-02-24 20:23 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-02-24 20:23 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-02-24 20:23 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-02-24 20:23 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-02-24 20:23 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-02-24 20:23 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-02-24 20:23 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-02-24 20:23 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-02-24 20:23 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-02-24 20:23 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-02-24 20:23 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2015-02-24 20:23 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2015-02-24 20:23 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-02-24 20:23 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2015-02-24 20:23 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-02-24 20:23 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-24 20:23 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-02-24 20:23 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-02-24 20:23 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-02-24 20:23 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-02-24 20:23 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-02-24 20:23 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2015-02-24 20:23 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2015-02-24 20:22 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-24 20:22 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-24 20:22 - 2014-04-19 12:15 - 21186352 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-02-24 20:22 - 2014-04-19 07:49 - 18644072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-02-24 20:22 - 2014-03-10 11:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-02-24 20:22 - 2014-03-10 11:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-02-24 20:22 - 2014-03-06 10:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-02-24 20:22 - 2014-03-06 10:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-02-24 20:22 - 2014-03-06 07:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-02-24 20:22 - 2014-03-06 07:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2015-02-24 20:22 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-24 20:22 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-24 20:22 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-24 20:22 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-24 20:22 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-24 20:22 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-24 20:22 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-24 20:22 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-24 20:22 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-24 20:22 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-24 20:22 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-24 20:22 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-24 20:22 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-24 20:22 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-24 20:22 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-24 20:22 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-24 20:22 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-02-24 20:22 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-02-24 20:22 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2015-02-24 20:22 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-02-24 20:22 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-02-24 20:22 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-02-24 20:22 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-02-24 20:22 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-02-24 20:22 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-02-24 20:22 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-02-24 20:22 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-02-24 20:22 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-02-24 20:22 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-02-24 20:22 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-02-24 20:22 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-02-24 20:22 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-24 20:22 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-02-24 20:22 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-02-24 20:22 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-02-24 20:22 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-24 20:22 - 2014-01-31 17:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2015-02-24 20:22 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2015-02-24 20:22 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2015-02-24 20:22 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2015-02-24 20:22 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2015-02-24 20:22 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-02-24 20:22 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-02-24 20:22 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-24 20:22 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2015-02-24 20:22 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2015-02-24 20:22 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2015-02-24 20:22 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2015-02-24 20:22 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-02-24 20:22 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-02-24 20:22 - 2014-01-04 15:03 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-24 20:22 - 2014-01-04 14:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-24 20:22 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-02-24 20:22 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-02-24 20:22 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-02-24 20:22 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-02-24 20:22 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-02-24 20:22 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2015-02-24 20:22 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2015-02-24 20:22 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-24 20:22 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-24 20:22 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2015-02-24 20:22 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-02-24 20:22 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-02-24 20:22 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-24 20:22 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-02-24 20:22 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-02-24 20:22 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-24 20:22 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-24 20:22 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-24 20:22 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-02-24 20:22 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-02-24 20:22 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-24 20:22 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-24 20:22 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2015-02-24 20:22 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2015-02-24 20:22 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-02-24 20:22 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-02-24 20:22 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-02-24 20:22 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-02-24 20:22 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-02-24 19:45 - 2015-02-27 09:18 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1618754290-3034697088-3122458369-1003
2015-02-24 19:42 - 2015-02-24 19:42 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\WebStorage
2015-02-24 19:39 - 2015-02-24 19:39 - 00008292 _____ () C:\Users\Vincenzo\Desktop\Applicazioni rimosse.html
2015-02-24 19:39 - 2015-02-24 19:39 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-24 19:39 - 2015-02-24 19:39 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-02-24 19:39 - 2015-02-24 19:39 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\ATI
2015-02-24 19:39 - 2015-02-24 19:39 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\ATI
2015-02-24 19:39 - 2015-02-24 19:39 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\AMD
2015-02-24 19:38 - 2015-02-27 09:13 - 00021270 _____ () C:\Users\Vincenzo\AppData\Local\BTServer.log
2015-02-24 19:38 - 2015-02-24 19:38 - 00001433 _____ () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-24 19:38 - 2015-02-24 19:38 - 00000020 ___SH () C:\Users\Vincenzo\ntuser.ini
2015-02-24 19:38 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\Adobe
2015-02-24 19:38 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\VirtualStore
2015-02-24 19:38 - 2015-02-24 19:38 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\ASUS
2015-02-24 14:19 - 2015-02-24 14:19 - 00001234 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Risorse di stampa
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Risorse di rete
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Recenti
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Modelli
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Menu Avvio
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Impostazioni locali
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Documents\Video
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Documents\Musica
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Documents\Immagini
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Documenti
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\Dati applicazioni
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dati applicazioni
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Cronologia
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Video
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Musica
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Immagini
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dati applicazioni
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Cronologia
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\ProgramData\Modelli
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmi
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\ProgramData\Menu Avvio
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\ProgramData\Documenti
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\ProgramData\Dati applicazioni
2015-02-24 14:19 - 2015-02-24 14:19 - 00000000 _SHDL () C:\Program Files\File comuni
2015-02-24 14:17 - 2015-02-24 19:39 - 00000000 ____D () C:\Users\Vincenzo
2015-02-24 14:17 - 2015-02-24 14:19 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2015-02-24 14:17 - 2015-02-24 14:19 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Risorse di stampa
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Risorse di rete
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Recenti
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Modelli
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Menu Avvio
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Impostazioni locali
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Documents\Video
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Documents\Musica
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Documents\Immagini
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Documenti
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\Dati applicazioni
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\AppData\Local\Dati applicazioni
2015-02-24 14:17 - 2015-02-24 14:17 - 00000000 _SHDL () C:\Users\Vincenzo\AppData\Local\Cronologia
2015-02-24 14:17 - 2013-12-09 10:51 - 00002114 _____ () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-02-24 14:17 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-24 14:17 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-24 14:17 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-24 14:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Vincenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-24 13:33 - 2015-02-25 19:40 - 00000000 ___HD () C:\$SysReset
2015-02-22 18:07 - 2015-02-22 18:07 - 00001659 _____ () C:\Users\Vincenzo\Downloads\sitemap (3).xml
2015-02-22 18:07 - 2015-02-22 18:07 - 00001659 _____ () C:\Users\Vincenzo\Downloads\sitemap (2).xml
2015-02-22 17:48 - 2015-02-22 17:48 - 07965917 _____ () C:\Users\Vincenzo\Downloads\npp.6.7.4.Installer (1).exe
2015-02-22 09:59 - 2015-02-22 09:59 - 00002003 _____ () C:\Users\Vincenzo\Downloads\sitemap (1).xml
2015-02-22 09:37 - 2015-02-22 09:37 - 00000000 ____D () C:\Users\Vincenzo\Downloads\kompozer-0.7.10-win32
2015-02-22 09:36 - 2015-02-22 09:37 - 07949158 _____ () C:\Users\Vincenzo\Downloads\kompozer-0.7.10-win32.zip
2015-02-22 08:36 - 2015-02-22 08:36 - 00880208 _____ (Google Inc.) C:\Users\Vincenzo\Downloads\GoogleEarthSetup (2).exe
2015-02-19 08:06 - 2015-02-19 08:06 - 02126848 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.111.exe
2015-02-17 12:43 - 2015-02-17 12:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Vincenzo\Downloads\spybot-2.4 (1).exe
2015-02-15 18:14 - 2015-02-15 18:15 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Vincenzo\Downloads\mbam-setup-2.0.4.1028 (3).exe
2015-02-15 17:59 - 2015-02-15 17:59 - 02112512 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.110 (3).exe
2015-02-13 12:38 - 2015-02-13 12:38 - 01740880 _____ (BitTorrent Inc.) C:\Users\Vincenzo\Downloads\uTorrent (1).exe
2015-02-12 18:59 - 2015-02-12 19:01 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Vincenzo\Downloads\mbam-setup-2.0.4.1028 (2).exe
2015-02-11 19:42 - 2015-02-11 19:42 - 02112512 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.110 (2).exe
2015-02-07 20:04 - 2015-02-21 16:29 - 10995632 _____ (SurfRight B.V.) C:\Users\Vincenzo\Downloads\HitmanPro_x64.exe
2015-02-07 19:25 - 2015-02-07 19:26 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Vincenzo\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-07 19:17 - 2015-02-07 19:17 - 02112512 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.110 (1).exe
2015-02-07 10:17 - 2015-02-07 10:17 - 06520222 _____ (KompoZer ) C:\Users\Vincenzo\Downloads\kompozer-0.8b3.it.win32 (1).exe
2015-02-07 10:12 - 2015-02-07 10:13 - 02112512 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.110.exe
2015-02-07 09:42 - 2015-02-07 09:43 - 06372800 _____ (Tim Kosse) C:\Users\Vincenzo\Downloads\filezillaclient_3.10.1.1.exe
2015-02-07 09:39 - 2015-02-07 09:39 - 00000053 _____ () C:\Users\Vincenzo\Downloads\google9c972fd17951fbae.html
2015-02-03 14:15 - 2015-02-03 14:15 - 00880784 _____ (Google Inc.) C:\Users\Vincenzo\Downloads\GoogleEarthSetup (1).exe
2015-02-03 14:06 - 2015-02-03 14:06 - 07965917 _____ () C:\Users\Vincenzo\Downloads\npp.6.7.4.Installer.exe
2015-02-03 13:47 - 2015-02-03 13:50 - 136279519 _____ () C:\Users\Vincenzo\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_it (1).exe
2015-02-02 21:04 - 2015-02-02 21:04 - 00000000 _SHDL () C:\Users\Public\Documents\Video
2015-02-02 21:04 - 2015-02-02 21:04 - 00000000 _SHDL () C:\Users\Public\Documents\Musica
2015-02-02 21:04 - 2015-02-02 21:04 - 00000000 _SHDL () C:\Users\Public\Documents\Immagini
2015-02-02 21:04 - 2015-02-02 21:04 - 00000000 _SHDL () C:\Programmi
2015-02-01 10:15 - 2015-02-01 11:22 - 00026624 _____ () C:\Users\Vincenzo\Downloads\file (1).xls
2015-01-31 05:49 - 2015-01-31 05:49 - 02194432 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.109 (2).exe
2015-01-29 11:20 - 2015-01-29 11:20 - 02194432 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.109 (1).exe
2015-01-29 11:03 - 2015-01-29 11:03 - 02194432 _____ () C:\Users\Vincenzo\Downloads\adwcleaner_4.109.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-27 09:19 - 2013-12-09 10:04 - 08436344 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-27 09:19 - 2013-09-13 22:24 - 00449674 _____ () C:\WINDOWS\system32\prfh0404.dat
2015-02-27 09:19 - 2013-09-13 22:24 - 00135332 _____ () C:\WINDOWS\system32\prfc0404.dat
2015-02-27 09:19 - 2013-09-13 22:15 - 00435308 _____ () C:\WINDOWS\system32\prfh0804.dat
2015-02-27 09:19 - 2013-09-13 22:15 - 00135332 _____ () C:\WINDOWS\system32\prfc0804.dat
2015-02-27 09:19 - 2013-09-13 22:07 - 00788558 _____ () C:\WINDOWS\system32\prfh0816.dat
2015-02-27 09:19 - 2013-09-13 22:07 - 00163630 _____ () C:\WINDOWS\system32\prfc0816.dat
2015-02-27 09:19 - 2013-09-13 21:59 - 00797214 _____ () C:\WINDOWS\system32\perfh013.dat
2015-02-27 09:19 - 2013-09-13 21:59 - 00161794 _____ () C:\WINDOWS\system32\perfc013.dat
2015-02-27 09:19 - 2013-09-13 21:52 - 00802322 _____ () C:\WINDOWS\system32\perfh010.dat
2015-02-27 09:19 - 2013-09-13 21:52 - 00160500 _____ () C:\WINDOWS\system32\perfc010.dat
2015-02-27 09:19 - 2013-09-13 21:45 - 00813410 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-02-27 09:19 - 2013-09-13 21:45 - 00162666 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-02-27 09:19 - 2013-09-13 21:38 - 00811836 _____ () C:\WINDOWS\system32\perfh00A.dat
2015-02-27 09:19 - 2013-09-13 21:38 - 00170032 _____ () C:\WINDOWS\system32\perfc00A.dat
2015-02-27 09:19 - 2013-09-13 21:28 - 00553808 _____ () C:\WINDOWS\system32\perfh008.dat
2015-02-27 09:19 - 2013-09-13 21:28 - 00092678 _____ () C:\WINDOWS\system32\perfc008.dat
2015-02-27 09:19 - 2013-09-13 21:22 - 00766264 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-27 09:19 - 2013-09-13 21:22 - 00162720 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-27 09:16 - 2014-07-09 12:28 - 01215423 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-27 09:13 - 2013-12-09 10:24 - 00000025 ___SH () C:\WINDOWS\SysWOW64\ReadTag.ini
2015-02-27 09:13 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-27 09:12 - 2013-12-09 09:51 - 00426390 _____ () C:\WINDOWS\PFRO.log
2015-02-27 09:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-27 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-26 20:23 - 2013-12-09 10:29 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-02-26 13:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-02-26 11:55 - 2013-08-22 16:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-26 11:04 - 2013-08-22 15:46 - 00028429 _____ () C:\WINDOWS\setupact.log
2015-02-25 22:48 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-02-25 22:48 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-02-25 22:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2015-02-25 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-02-25 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-02-25 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2015-02-25 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-02-25 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2015-02-25 21:21 - 2014-07-09 12:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-25 20:26 - 2015-01-16 09:19 - 00000000 ____D () C:\AdwCleaner
2015-02-25 20:19 - 2013-12-09 10:29 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-25 19:58 - 2013-08-22 15:44 - 00424040 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-25 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-02-25 19:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-25 19:54 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-25 19:46 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-25 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-25 19:32 - 2013-08-22 16:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-02-24 23:15 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-24 20:07 - 2013-12-09 10:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-24 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-24 19:38 - 2014-12-04 19:34 - 00000000 ____D () C:\Users\Vincenzo\AppData\Local\Packages
2015-02-24 14:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-24 14:19 - 2013-12-09 09:51 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-24 14:19 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-24 14:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-24 14:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-24 14:17 - 2013-12-09 09:57 - 00000000 ____D () C:\Users\Administrator
2015-02-03 20:31 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-02-24 19:38 - 2015-02-27 09:13 - 0021270 _____ () C:\Users\Vincenzo\AppData\Local\BTServer.log
2013-12-09 10:10 - 2013-12-09 10:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
C:\Users\Vincenzo\AppData\Local\Temp\Quarantine.exe
C:\Users\Vincenzo\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2013-12-09 09:52
 
==================== End Of Log ============================
 
ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01
Ran by Vincenzo at 2015-02-27 09:20:52
Running from C:\Users\Vincenzo\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Antivirus e antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: McAfee Antivirus e antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{07CCA4AC-FCC6-4A0A-B87A-26F6F50A7E31}) (Version: 20.2.44.03548 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.2.44.03548 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{641AA84B-59BE-D8EA-EE69-3D6697371E6E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Malwarebytes Anti-Malware versione 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
25-02-2015 19:40:51 Windows Update
27-02-2015 09:05:55 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1613C297-AA05-4037-B04A-1C9036BA8B5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {26ACC83B-DD6B-4E39-84A5-9EC627C70965} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {31D15E89-8DD7-4160-8DE9-3F15E23326EF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {7A83CC9B-C308-44B5-B07A-C9A40F54DE05} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {7ACC7FE9-2EAB-4E59-9B18-F439B14BFC9E} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-06] (ASUSTeK)
Task: {BE5086E0-A1CE-4531-98C3-BFE5116F50EE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {C0327632-70FB-4564-B4B8-1EF7E585E466} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {C54357D8-0CF9-44D9-A9A8-90F8E947B6BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {E4073BC3-CD94-472A-879F-E807699EEFDE} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] ()
Task: {E935B496-3EFD-4135-B777-6378F8193C0D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-29] (Microsoft Corporation)
Task: {F6AF3ADA-DE60-4510-8877-34690419B43F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-08-19 22:47 - 2013-08-19 22:47 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-07-09 12:33 - 2013-09-26 19:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2013-12-09 10:23 - 2013-08-08 19:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2013-12-09 10:41 - 2012-04-24 11:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-12-09 10:22 - 2013-08-09 02:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2013-12-09 10:22 - 2013-08-28 16:24 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-03-08 03:27 - 2012-03-08 03:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\ACVsWin.dll
2013-08-19 22:47 - 2013-08-19 22:47 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-02-25 20:53 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-25 20:53 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-25 20:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-25 20:53 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-25 20:53 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-08-19 22:34 - 2013-08-19 22:34 - 00094208 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraIta.dll
2013-12-09 10:22 - 2015-02-27 09:15 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-12-09 10:22 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-02-26 11:10 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-26 11:10 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-26 11:10 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-26 11:10 - 2015-02-17 23:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1618754290-3034697088-3122458369-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.43.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1618754290-3034697088-3122458369-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1618754290-3034697088-3122458369-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1618754290-3034697088-3122458369-1007 - Limited - Enabled)
Vincenzo (S-1-5-21-1618754290-3034697088-3122458369-1003 - Administrator - Enabled) => C:\Users\Vincenzo
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/27/2015 09:17:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma chrome.exe versione 40.0.2214.115 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: 81c
 
Ora di avvio: 01d0526596b2c0f3
 
Ora di chiusura: 4294967295
 
Percorso applicazione: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
ID segnalazione: 0905287d-be59-11e4-825c-54271ed333d4
 
Nome completo pacchetto che ha generato l'errore: 
 
ID applicazione relativo al pacchetto che ha generato l'errore:
 
Error: (02/26/2015 07:47:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma chrome.exe versione 40.0.2214.115 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: 163c
 
Ora di avvio: 01d051f45a93e444
 
Ora di chiusura: 4294967295
 
Percorso applicazione: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
ID segnalazione: ef2363ba-bde7-11e4-825b-54271ed333d4
 
Nome completo pacchetto che ha generato l'errore: 
 
ID applicazione relativo al pacchetto che ha generato l'errore:
 
Error: (02/26/2015 01:02:31 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Errore irreversibile di Gestione finestre desktop (0x8898008d)
 
Error: (02/26/2015 00:04:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma chrome.exe versione 40.0.2214.115 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: 8e8
 
Ora di avvio: 01d051b2ecd1b0ed
 
Ora di chiusura: 4294967295
 
Percorso applicazione: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
ID segnalazione: 400c4371-bda7-11e4-825b-54271ed333d4
 
Nome completo pacchetto che ha generato l'errore: 
 
ID applicazione relativo al pacchetto che ha generato l'errore:
 
Error: (02/25/2015 07:49:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Windows (C:). Errore: Parametro non corretto. (0x80070057)
 
Error: (02/25/2015 07:33:06 PM) (Source: AVLogEvent) (EventID: 5006) (User: NT AUTHORITY)
Description: Content is corrupt.
Error Code:a7f42015
 
Error: (02/24/2015 07:50:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma McUICnt.exe versione 5.8.113.0 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: d8c
 
Ora di avvio: 01d05062aeb03ea5
 
Ora di chiusura: 15
 
Percorso applicazione: C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
 
ID segnalazione: 034aaa3e-bc56-11e4-8257-54271ed333d4
 
Nome completo pacchetto che ha generato l'errore: 
 
ID applicazione relativo al pacchetto che ha generato l'errore:
 
Error: (02/24/2015 07:36:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (02/24/2015 02:18:07 PM) (Source: AVLogEvent) (EventID: 5007) (User: NT AUTHORITY)
Description: Failed to load a dependant module.
Error Code:a7f42003
 
 
System errors:
=============
Error: (02/26/2015 08:23:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio McAfee Proxy Service non è stato avviato per il seguente errore: 
%%1053
 
Error: (02/26/2015 08:23:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio McAfee Proxy Service.
 
Error: (02/26/2015 08:23:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio McAfee Personal Firewall Service non è stato avviato per il seguente errore: 
%%1053
 
Error: (02/26/2015 08:23:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio McAfee Personal Firewall Service.
 
Error: (02/26/2015 08:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio McAfee Proxy Service non è stato avviato per il seguente errore: 
%%1053
 
Error: (02/26/2015 08:22:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio McAfee Proxy Service.
 
Error: (02/26/2015 08:22:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio McAfee Personal Firewall Service non è stato avviato per il seguente errore: 
%%1053
 
Error: (02/26/2015 08:22:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio McAfee Personal Firewall Service.
 
Error: (02/25/2015 10:47:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento, errore 0x800f0922: Aggiornamento della sicurezza per Windows 8.1 per sistemi x64 (KB2961908) senza KB2919355.
 
Error: (02/25/2015 09:20:20 PM) (Source: DCOM) (EventID: 10010) (User: FamigliaMedda)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office Sessions:
=========================
Error: (02/27/2015 09:17:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.11581c01d0526596b2c0f34294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe0905287d-be59-11e4-825c-54271ed333d4
 
Error: (02/26/2015 07:47:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.115163c01d051f45a93e4444294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exeef2363ba-bde7-11e4-825b-54271ed333d4
 
Error: (02/26/2015 01:02:31 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (02/26/2015 00:04:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe40.0.2214.1158e801d051b2ecd1b0ed4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe400c4371-bda7-11e4-825b-54271ed333d4
 
Error: (02/25/2015 07:49:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows (C:)Parametro non corretto. (0x80070057)
 
Error: (02/25/2015 07:33:06 PM) (Source: AVLogEvent) (EventID: 5006) (User: NT AUTHORITY)
Description: a7f42015
 
Error: (02/24/2015 07:50:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: McUICnt.exe5.8.113.0d8c01d05062aeb03ea515C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe034aaa3e-bc56-11e4-8257-54271ed333d4
 
Error: (02/24/2015 07:36:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (02/24/2015 02:18:07 PM) (Source: AVLogEvent) (EventID: 5007) (User: NT AUTHORITY)
Description: a7f42003
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-6500 APU with Radeon™ HD Graphics 
Percentage of memory in use: 27%
Total physical RAM: 8135.21 MB
Available physical RAM: 5887.63 MB
Total Pagefile: 10055.21 MB
Available Pagefile: 7430.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:150 GB) (Free:100.94 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.65 GB) (Free:685.94 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F7EA4F38)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 deeprybka


Posted 27 February 2015 - 04:49 AM

Hi,

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Scan with Malwarebytes Anti-Malware
  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update, click "Settings" [1] and go to "Detection and Protection" [2].
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
  • A window with an option to view the detailed log will appear.
  • Click on "View detailed log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.


Step 3

Please download ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#5 Vincenzo77


Posted 28 February 2015 - 02:55 AM

Hello,

here are my logs:

 

STEP 1
 
ADW CLEANER:
 
# AdwCleaner v4.109 - Rapporto creato 29/01/2015 in 11:06:54
# Aggiornato 24/01/2015 di Xplode
# Database : 2015-01-26.1 [Live]
# Sistema operativo : Windows 8.1  (64 bits)
# Nome utente : Vincenzo - FAMIGLIAMEDDA
# In esecuzione da : C:\Users\Vincenzo\Downloads\adwcleaner_4.109.exe
# Opzione : Pulisci
 
***** [ Servizi ] *****
 
 
***** [ File / Cartelle ] *****
 
Cartella Eliminato : C:\Users\Giovanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof
 
***** [ Compiti ] *****
 
 
***** [ Collegamenti ] *****
 
 
***** [ Registro ] *****
 
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof
 
***** [ Browser ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v40.0.2214.93
 
 
*************************
 
AdwCleaner[R0].txt - [3150 octets] - [16/01/2015 09:19:47]
AdwCleaner[R1].txt - [3210 octets] - [16/01/2015 09:25:12]
AdwCleaner[R2].txt - [1148 octets] - [29/01/2015 11:03:58]
AdwCleaner[S0].txt - [2770 octets] - [16/01/2015 09:29:52]
AdwCleaner[S1].txt - [1071 octets] - [29/01/2015 11:06:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1131 octets] ##########
# AdwCleaner v4.110 - Logfile created 11/02/2015 at 19:47:39
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Vincenzo - FAMIGLIAMEDDA
# Running from : C:\Users\Vincenzo\Downloads\adwcleaner_4.110 (2).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Google Chrome v40.0.2214.111
 
 
*************************
 
AdwCleaner[R0].txt - [4547 bytes] - [16/01/2015 09:19:47]
AdwCleaner[R1].txt - [4611 bytes] - [16/01/2015 09:25:12]
AdwCleaner[R2].txt - [2632 bytes] - [29/01/2015 11:03:58]
AdwCleaner[R3].txt - [1053 bytes] - [29/01/2015 11:21:07]
AdwCleaner[R4].txt - [1174 bytes] - [31/01/2015 05:50:00]
AdwCleaner[R5].txt - [1228 bytes] - [31/01/2015 05:59:24]
AdwCleaner[S0].txt - [4182 bytes] - [16/01/2015 09:29:52]
AdwCleaner[S1].txt - [2449 bytes] - [29/01/2015 11:06:54]
AdwCleaner[S2].txt - [1112 bytes] - [29/01/2015 11:29:08]
AdwCleaner[S3].txt - [1287 bytes] - [31/01/2015 06:01:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2626  bytes] ##########
# AdwCleaner v4.111 - Logfile created 27/02/2015 at 13:03:43
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Vincenzo - FAMIGLIAMEDDA
# Running from : C:\Users\Vincenzo\Downloads\adwcleaner_4.111 (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v40.0.2214.115
 
 
*************************
 
AdwCleaner[R0].txt - [7131 bytes] - [16/01/2015 09:19:47]
AdwCleaner[R1].txt - [5945 bytes] - [16/01/2015 09:25:12]
AdwCleaner[R2].txt - [2632 bytes] - [29/01/2015 11:03:58]
AdwCleaner[R3].txt - [2322 bytes] - [29/01/2015 11:21:07]
AdwCleaner[R4].txt - [3439 bytes] - [31/01/2015 05:50:00]
AdwCleaner[R5].txt - [3489 bytes] - [31/01/2015 05:59:24]
AdwCleaner[S0].txt - [6780 bytes] - [16/01/2015 09:29:52]
AdwCleaner[S1].txt - [3731 bytes] - [29/01/2015 11:06:54]
AdwCleaner[S2].txt - [2388 bytes] - [29/01/2015 11:29:08]
AdwCleaner[S3].txt - [3569 bytes] - [31/01/2015 06:01:46]
AdwCleaner[S4].txt - [2337 bytes] - [19/02/2015 08:11:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3967  bytes] ##########
-------------------------------------------------------------------------------------------------------------------------------------------------------
STEP 2
 
MALWAREBYTES :
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 27/02/2015
Scan Time: 13:17:24
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.27.04
Rootkit Database: v2015.02.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Vincenzo
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374620
Time Elapsed: 14 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
-------------------------------------------------------------------------------------------------------------------------------------------------------
STEP 3
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0020009f6522e145b3476106a9867a4d
# engine=22677
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-27 08:10:00
# local_time=2015-02-27 09:10:00 (+0100, ora solare Europa occidentale)
# country="Italy"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5124 16777214 88 97 177119 52006458 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 177316 49949093 0 0
# scanned=548712
# found=6
# cleaned=0
# scan_time=26954
sh=EDB6E1477166B32FE95301005E15A4EEB8BCF137 ft=1 fh=d29cf5027c7fc6c4 vn="a variant of MSIL/Adware.PullUpdate.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir"
sh=03517F89D3F20D2D4E2B1A956F8248C9DA9FFC18 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Vincenzo\AppData\Local\BoBrowser\User Data\Default\Extensions\ebpeonjdeofpjegbdiibbdjlgfohngee\1.26.14_0\extensionData\plugins\91.js.vir"
sh=57F3CB477FB97D524288B00FF1864030B19C36C0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Vincenzo\AppData\Local\BoBrowser\User Data\Default\Local Extension Settings\ebpeonjdeofpjegbdiibbdjlgfohngee\000003.log.vir"
sh=6A382B4EA36F2AF12AE9CE99618974EA754A8C0B ft=1 fh=3b2de6eaa3bfa022 vn="a variant of Win32/InstallCore.UE potentially unwanted application" ac=I fn="C:\Users\Vincenzo\Downloads\FileZilla_3.10.0.2_win32-setup.exe"
sh=8B77DCDC45F70CA36A73C8DAC5DBB1A7309E2DB8 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen virus" ac=I fn="C:\Windows.old\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e2d"
sh=039E144B4F46BA84E22CB4503DC39D45715F0F59 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen virus" ac=I fn="C:\Windows.old\Users\Vincenzo\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e2e"
 
 
 


#6 Vincenzo77


Posted 28 February 2015 - 03:06 AM

deeprybka,

Till now all seems to be OK.

What do you think, looking at the logs?



#7 deeprybka


Posted 28 February 2015 - 07:24 AM

Looking good, ESET hasn't found any active malware.

Please observe the computer for a few days and let me know if any issues occur.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#8 deeprybka


Posted 08 March 2015 - 01:32 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 



