
Pop up sheets in all browsers.


5 replies to this topic

#1 nicco1610

nicco1610

  • Members
  • 6 posts

Posted 01 September 2015 - 04:55 AM

Hello,

I've a problem when I open browsers (Firefox, Internet Explorer, Chrome). Randomly, after 1 or 5 or 10 minutes, the browser opens these pages:

http://2080.hit.buy-targeted-traffic.com/load/hit_1.php?source_id=2080&sub_id=&source_mk=1d0d9744

or

http://oziris.zerohorizon.net/

or

http://ptp24.com/promote.php?id=fb9a9b909e237b49be76aaa30d95d33a

I'm on Windows 10 Pro x64. I scanned with RogueKiller, AdwCleaner, Malwarebytes, ZHPCleaner, TDSSKiller, HitmanPro, etc. (removing suspicious items), but nothing has changed.

Obviously I couldn't launch ComboFix because it's incompatible. I also tried to reset all browsers, but the problem remained.

Can you help me remove this annoying problem?

Thanks in advance

 

Nicco


Edited by nicco1610, 01 September 2015 - 06:00 AM.



 


#2 nicco1610

nicco1610
  • Topic Starter

  • Members
  • 6 posts

Posted 01 September 2015 - 05:20 AM

I post the results:

 

 Results of screen317's Security Check version 1.008  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 60  
 Adobe Flash Player     18.0.0.232  
 Mozilla Firefox (40.0.3)
 Google Chrome (44.0.2403.130)
 Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

Farbar Service Scanner Version: 26-07-2015
Ran by NiccoloM (administrator) on 01-09-2015 at 12:00:14
Running from "C:\Users\ross03\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by NiccoloM (administrator) on 01-09-2015 at 12:01:47
Running from "C:\Users\ross03\Downloads"
Microsoft Windows 10 Pro  (X64)
Model: EP45-DS4 Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
#       ::1             localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Connessione alla rete locale (LAN) (Connected)
Broadcom 802.11g Network Adapter = Connessione rete wireless (Media disconnected)
Realtek PCIe GBE Family Controller = Connessione alla rete locale (LAN) 2 (Media disconnected)


# ----------------------------------
# Configurazione IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Connessione alla rete locale (LAN)" nexthop=192.168.0.1 publish=Sì
add address name="Connessione alla rete locale (LAN)" address=192.168.0.32 mask=255.255.255.0


popd
# Fine configurazione IPv4



Configurazione IP di Windows

   Nome host . . . . . . . . . . . . . . : PC400
   Suffisso DNS primario . . . . . . . . : metropolis.local
   Tipo nodo . . . . . . . . . . . . . . : Ibrido
   Routing IP abilitato. . . . . . . . . : No
   Proxy WINS abilitato . . . . . . . .  : No
   Elenco di ricerca suffissi DNS. . . . : metropolis.local

Scheda Ethernet Connessione alla rete locale (LAN) 2:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Indirizzo fisico. . . . . . . . . . . : 00-1D-7D-0C-D5-80
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì

Scheda LAN wireless Connessione rete wireless:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Indirizzo fisico. . . . . . . . . . . : 00-90-4B-92-CA-2E
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì

Scheda LAN wireless Connessione alla rete locale (LAN)* 3:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Indirizzo fisico. . . . . . . . . . . : 00-90-4B-92-CA-2E
   DHCP abilitato. . . . . . . . . . . . : Sì
   Configurazione automatica abilitata   : Sì

Scheda Ethernet Connessione alla rete locale (LAN):

   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Indirizzo fisico. . . . . . . . . . . : 00-1D-7D-0C-D5-82
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : Sì
   Indirizzo IPv4. . . . . . . . . . . . : 192.168.0.32(Preferenziale)
   Subnet mask . . . . . . . . . . . . . : 255.255.255.0
   Gateway predefinito . . . . . . . . . : 192.168.0.1
   Server DNS . . . . . . . . . . . . .  : 192.168.0.40
                                           8.8.8.8
   Server WINS primario . . . . . . . .  : 192.168.0.40
   NetBIOS su TCP/IP . . . . . . . . . . : Attivato

Scheda Tunnel isatap.{444BDA7B-6815-49D9-8842-66BCFC50B668}:

   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione:
   Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : Sì
Server:  server2k8.metropolis.local
Address:  192.168.0.40

Nome:    google.com
Addresses:  2a00:1450:4002:809::200e
      64.15.126.103
      64.15.126.89
      64.15.126.88
      64.15.126.108
      64.15.126.98
      64.15.126.93
      64.15.126.109
      64.15.126.94
      64.15.126.104
      64.15.126.119
      64.15.126.113
      64.15.126.99
      64.15.126.118
      64.15.126.114
      64.15.126.84
      64.15.126.123


Esecuzione di Ping google.com [64.15.126.113] con 32 byte di dati:
Risposta da 64.15.126.113: byte=32 durata=27ms TTL=58
Risposta da 64.15.126.113: byte=32 durata=28ms TTL=58

Statistiche Ping per 64.15.126.113:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 27ms, Massimo =  28ms, Medio =  27ms
Server:  server2k8.metropolis.local
Address:  192.168.0.40

Nome:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      2001:4998:58:c02::a9
      98.138.253.109
      206.190.36.45
      98.139.183.24


Esecuzione di Ping yahoo.com [98.138.253.109] con 32 byte di dati:
Risposta da 98.138.253.109: byte=32 durata=182ms TTL=50
Risposta da 98.138.253.109: byte=32 durata=181ms TTL=50

Statistiche Ping per 98.138.253.109:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 181ms, Massimo =  182ms, Medio =  181ms

Esecuzione di Ping 127.0.0.1 con 32 byte di dati:
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128

Statistiche Ping per 127.0.0.1:
    Pacchetti: Trasmessi = 2, Ricevuti = 2,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 0ms, Massimo =  0ms, Medio =  0ms
===========================================================================
Elenco interfacce
  4...00 1d 7d 0c d5 80 ......Realtek PCIe GBE Family Controller
 24...00 90 4b 92 ca 2e ......Broadcom 802.11g Network Adapter
 10...00 90 4b 92 ca 2e ......Microsoft Hosted Network Virtual Adapter
  6...00 1d 7d 0c d5 82 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Tabella route
===========================================================================
Route attive:
     Indirizzo rete             Mask          Gateway     Interfaccia Metrica
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.32    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.32    266
     192.168.0.32  255.255.255.255         On-link      192.168.0.32    266
    192.168.0.255  255.255.255.255         On-link      192.168.0.32    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.32    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.32    266
===========================================================================
Route permanenti:
   Indirizzo rete             Mask   Indir. gateway Metrica
          0.0.0.0          0.0.0.0      192.168.0.1  Predefinito
===========================================================================

IPv6 Tabella route
===========================================================================
Route attive:
 Interf Metrica Rete Destinazione      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Route permanenti:
  Nessuna
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
x64-Catalog5 01 U:\Windows\System32\NLAapi.dll [File Not found] ()
x64-Catalog5 02 U:\Windows\System32\napinsp.dll [File Not found] ()
x64-Catalog5 03 U:\Windows\System32\pnrpnsp.dll [File Not found] ()
x64-Catalog5 04 U:\Windows\System32\pnrpnsp.dll [File Not found] ()
x64-Catalog5 05 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog5 06 U:\Windows\System32\winrnr.dll [File Not found] ()
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 02 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 03 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 04 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 05 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 06 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 07 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 08 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 09 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 10 U:\Windows\System32\mswsock.dll [File Not found] ()
x64-Catalog9 11 U:\Windows\System32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============
Error: (09/01/2015 11:37:27 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: impostazioni specifiche dell'applicazioneLocaleAttivazione{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSERVIZIO LOCALES-1-5-19LocalHost (tramite LRPC)Non disponibileNon disponibile

Error: (09/01/2015 11:26:51 AM) (Source: NETLOGON) (User: )
Description: Impossibile stabilire una sessione sicura con un controller
di dominio nel dominio METROPOLIS per la causa seguente:
%%1311

Ciò può provocare problemi di autenticazione. Verificare che
il computer sia connesso alla rete. Se il problema persiste,
rivolgersi all'amministratore del dominio.



INFORMAZIONI AGGIUNTIVE

Se il computer è un controller di dominio per il dominio specificato,
stabilirà la sessione sicura con l'emulatore del controller di dominio
primario nel dominio specificato. In caso contrario, il computer stabilisce
la sessione sicura con un controller di dominio qualsiasi nel dominio
specificato.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-08-31 13:02:47.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 18:08:02.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 18:08:02.623
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 18:08:02.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 18:08:02.276
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 17:44:35.136
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 17:44:35.126
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 17:44:34.858
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-29 17:44:34.573
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-08-28 12:02:30.870
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
3D RealityMaps Viewer 1.6.9.0 (HKLM-x32\...\AlpenOnlineViewer_is1) (Version: 1.6.9.0 - 3D RealityMaps GmbH)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
ACCA - CerTus PRO+FE  EDUCATIONAL v.100Se - IT - x86 - (16.0.1.2322) (HKLM-x32\...\ACCA software S.p.A. CerTus_EDUCATIONAL 16.0.1.2322) (Version: 16.0.1.2322 - ACCA software S.p.A.)
ACCA - PriMus-DCF v.100c - IT - x86 - (46.0.4.2167) (HKLM-x32\...\ACCA software S.p.A. PriMus-DCF 46.0.4.2167) (Version: 46.0.4.2167 - ACCA software S.p.A.)
ACCA Common - Fonts v.2.00a - x86 - (2.0.1.539) (HKLM-x32\...\ACCA software S.p.A. Fonts 2.0.1.539) (Version: 2.0.1.539 - ACCA software S.p.A.)
ACCA Common - SignTool v.2.00c - x86 - (2.0.4.1734) (HKLM-x32\...\ACCA software S.p.A. SignTool 2.0.4.1734) (Version: 2.0.4.1734 - ACCA software S.p.A.)
ACCA Common - TeighaX 3.4 v.2.00a - x86 - (2.0.1.544) (HKLM-x32\...\ACCA software S.p.A. TeighaX_3_4 2.0.1.544) (Version: 2.0.1.544 - ACCA software S.p.A.)
ACCA Common - Windows Installer 3.1 v.2.00a - x86 - (2.0.1.537) (HKLM-x32\...\ACCA software S.p.A. Windows_Installer_3_1 2.0.1.537) (Version: 2.0.1.537 - ACCA software S.p.A.)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Aermec - MC11300 v2 (HKLM-x32\...\{0928E262-DA82-4A2A-AB8C-F5CD0D865145}}_is1) (Version: 2.08 - Aermec S.p.A.)
ANT Drivers Installer x64 (HKLM\...\{085B298F-5986-4BE3-9424-F6C0E16D2E36}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{06A333EA-4E9D-4848-865F-FE5A1E12AB30}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoCAD 2016 - Italiano (Italian) (HKLM\...\{5783F2D7-F001-0410-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Italiano (Italian) (HKLM\...\{5783F2D7-F001-0410-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk AutoCAD 2016 - Italiano (Italian) (HKLM\...\AutoCAD 2016 - Italiano (Italian)) (Version: 20.1.49.0 - Autodesk)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 3.5 build 18 - Convivea Inc.)
Bit4id - CSP PKCS11 Oberthur (HKLM-x32\...\Bit4id - CSP PKCS11 Oberthur (o)) (Version: 1.3.2.3 - Bit4id)
Bit4id - Universal Middleware for Incard (HKLM-x32\...\Bit4id - Universal Middleware for Incard (i)) (Version: 1.3.0.0 - Bit4id)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5767 - CDBurnerXP)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dike 5.5.0 (HKLM-x32\...\{3163143A-EA7F-4CED-B7BD-AEA38B4E0B5D}) (Version: 5.5.0 - InfoCert S.p.A)
Docfa4 (HKLM-x32\...\A9D22611-32B5-40C2-88BF-6A39245A0C76) (Version: 4.00.2 - Sogei)
Edificius (HKLM-x32\...\{D72DB3F2-4959-4137-B837-B3217B0874A6}) (Version: 6.00 - ACCA) Hidden
Elevated Installer (HKLM-x32\...\{FBCC845B-0579-47B6-ABE5-28A79D67CC72}) (Version: 4.1.6.0 - Garmin Ltd or its subsidiaries) Hidden
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.5 - Nikon)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
Garmin Express (HKLM-x32\...\{4C7A0D46-8E0B-47D5-860D-139167839C4B}) (Version: 4.1.6.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{cffd1b30-7ae1-4c96-9390-52ce612d6b7d}) (Version: 4.1.6.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{4E461005-BE53-4E80-8E46-25FC9C8A0780}) (Version: 4.1.6.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.13 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
Img2CAD 7.2 (HKLM-x32\...\Img2CAD_is1) (Version:  - Img2CAD, Inc.)
iTunes (HKLM\...\{5AC8E601-667F-4CA0-90D8-B25E1C4B3387}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Malwarebytes Anti-Malware versione 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{9B3F0A88-790D-3AD9-9F96-B19CF2746452}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 it) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 it)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
NVIDIA Driver grafico 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Pacchetto driver Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Pacchetto driver Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Pannello di controllo NVIDIA 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.81 - NVIDIA Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Songr (HKCU\...\Songr) (Version: 2.0.2392 - Xamasoft)
Spotify (HKCU\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Spotydl 0.9.37.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.37.0 - spotydl.com)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TransMac version 10.4 (HKLM-x32\...\TransMac_is1) (Version: 10.4 - Acute Systems)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
WinRAR 5.20 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.3 - win.rar GmbH)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 4094.29 MB
Available physical RAM: 2458.04 MB
Total Virtual: 4734.29 MB
Available Virtual: 2892.52 MB

========================= Partitions: =====================================

1 Drive c: (WINDOWS) (Fixed) (Total:465.76 GB) (Free:391.62 GB) NTFS
3 Drive e: (Yosemite) (Fixed) (Total:464.96 GB) (Free:444.47 GB) HFS
4 Drive u: (DiscoSistema) (Network) (Total:1817.75 GB) (Free:992.57 GB) NTFS
5 Drive z: (DiscoSistema) (Network) (Total:1817.75 GB) (Free:992.57 GB) NTFS

========================= Users: ========================================

Account utente per \\PC400

Administrator            DefaultAccount           Guest                    
Nicco                    
Esecuzione comando riuscita.

========================= Restore Points ==================================


**** End of log ****



#3 nicco1610


Posted 01 September 2015 - 08:10 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 10 Pro x64
Ran by NiccoloM on 01/09/2015 at 15:00:17,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\ross03\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\ross03\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\ross03\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\ross03\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/09/2015 at 15:03:48,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 nicco1610


Posted 01 September 2015 - 08:31 AM

RogueKiller V10.10.3.0 (x64) [Aug 31 2015] di Adlice Software
posta : http://www.adlice.com/contact/
Commenti : http://forum.adlice.com
Sito Web : http://www.adlice.com/softwares/roguekiller/
Discussione : http://www.adlice.com

Sistema Operativo : Windows 10 (10.0.10240) 64 bits version
Iniziato in : Modalità Normale
Utente : NiccoloM [Amministratore]
Iniziato da : C:\Users\ross03\Downloads\RogueKillerX64.exe
Modalità : Scansione -- Data : 09/01/2015 15:30:23

¤¤¤ Processi : 1 ¤¤¤
[Proc.RunPE] hasplms.exe(2320) -- C:\Windows\System32\hasplms.exe[7] -> Eliminato [TermProc]  (False positive)

¤¤¤ Registro : 4 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2582738892-3026693307-1698268836-1174\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Trovato
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2582738892-3026693307-1698268836-1174\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Trovato
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Trovato
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Trovato

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 0 ¤¤¤

¤¤¤ Archivio Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: STM3500418AS +++++
--- User ---
[MBR] a8f3f618dfeb6ee9d397603cde5bbe15
[BSP] 82cdeee2834cedba81469e1326bf318f : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476936 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: STM3500418AS +++++
--- User ---
[MBR] 87fb0ea9357ee41a4939ce75d3a8049a
[BSP] da2bd5ede784f48b529ce0eedcf07892 : Unknown|VT.Unknown MBR Code
Partition table:
0 - EFI System Partition | Offset (sectors): 40 | Size: 200 MB
1 - Yosemite | Offset (sectors): 409640 | Size: 476119 MB
2 - Recovery HD | Offset (sectors): 975501480 | Size: 619 MB
User = LL1 ... OK
User = LL2 ... OK


Edited by nicco1610, 01 September 2015 - 08:32 AM.


#5 nicco1610


Posted 01 September 2015 - 09:13 AM

Zemana AntiMalware 2.17.2.116 (Installato)

-------------------------------------------------------
Risultato scansione        : Completato
Data scansione             : 2015/9/1
Sistema operativo          : Windows 10 64-bit
Processore                 : 2X Intel® Core™2 Duo CPU   E8500 @ 3.16GHz
Modalità BIOS              : Legacy
CUID                       : 003820A2BF276845B5C03F
Tipo di scansione          : Scansione completa
Durata                     : 25m 32s
Oggetti scansionati        : 194901
Oggetti rilevati           : 0
Oggetti esclusi            : 0
Livello lettura            : SCSI
Caricamento automatico     : Sì
Mostra tutte le estensioni : No
Scansione documenti        : No
Informazioni dominio       : METROPOLIS,1,3
Oggetti rilevati
-------------------------------------------------------

Risultati pulizia
-------------------------------------------------------
Puliti                : 0
Segnalati come sicuri : 0
Falliti               : 0
 



#6 nicco1610


Posted 01 September 2015 - 01:04 PM

Can someone help me, please?





