Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

connection drops repeatedly


  • This topic is locked This topic is locked
9 replies to this topic

#1 sweepsy

sweepsy

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 16 May 2016 - 07:05 AM

I couldn't resolve the issue. Sometimes it works fine but after the connection drops without apparent reason. I use Avira, CCleaner and Malwarebytes AntiMalware. I tried other programs to detect the problem but I'm still here.
 
In the section Am I infected they told me to post here following your preparation guide. So here there's the log and attached the addition file. 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
Ran by sweepsy (administrator) on MARCOEVERO (16-05-2016 12:21:22)
Running from C:\Users\Veronica\Desktop
Loaded Profiles: UpdatusUser & sweepsy (Available Profiles: UpdatusUser & sweepsy)
Platform: Windows 10 Home Version 1511 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Lenovo EasyCamera\Monitor.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6868.40731.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-02-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-02-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [257224 2010-08-24] ()
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [MuteSync] => C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe [343040 2012-02-04] (Lenovo)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75264 2016-04-07] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-02-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-492507503-50743368-3386583925-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-492507503-50743368-3386583925-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-492507503-50743368-3386583925-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-492507503-50743368-3386583925-1002\...\MountPoints2: {88a5f045-b704-11e5-be87-089e01791a1d} - "I:\HTC_Sync_Manager_PC.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{0229ffb7-27b9-4db1-afc4-8a166d7ee270}: [NameServer] 192.71.245.208,108.61.210.58
Tcpip\..\Interfaces\{0229ffb7-27b9-4db1-afc4-8a166d7ee270}: [DhcpNameServer] 61.13.0.99
Tcpip\..\Interfaces\{6d0257db-280d-47e4-ba66-83e66256fae0}: [NameServer] 192.71.245.208,108.61.210.58
Tcpip\..\Interfaces\{ea513b00-3a63-46bc-9cb3-3a2085b08fdb}: [NameServer] 208.67.222.222,208.67.220.220,192.168.1.1
Tcpip\..\Interfaces\{ea513b00-3a63-46bc-9cb3-3a2085b08fdb}: [DhcpNameServer] 208.67.222.222 208.67.220.220
 
Internet Explorer:
==================
HKU\S-1-5-21-492507503-50743368-3386583925-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-492507503-50743368-3386583925-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-492507503-50743368-3386583925-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-492507503-50743368-3386583925-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-492507503-50743368-3386583925-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/it-it/?pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-492507503-50743368-3386583925-1002 -> {3F0ED87E-268F-4D93-BC49-227A11851FC3} URL = hxxp://www.google.it/#hl=it&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=9fca69c98b5d77d7
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\k1evPKuj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\k1evPKuj.default\Extensions\abs@avira.com [2016-03-23]
FF Extension: Adblock Plus - C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\k1evPKuj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.it/"
CHR Profile: C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-11]
CHR Extension: (Documenti Google) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11]
CHR Extension: (Google Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Adblock Plus) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google Search) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Diagnostica della connettività Chrome) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2016-04-07]
CHR Extension: (Fogli Google) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-11]
CHR Extension: (Cloud SWF, Flash Player with Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2016-05-09]
CHR Extension: (Sicurezza browser Avira) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-13]
CHR Extension: (Google Documenti offline) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-11-11]
CHR Extension: (Drumpfinator) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcimhbfpiofdihhdnofbdlhjcmjopilp [2016-03-09]
CHR Extension: (feedly) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-11-11]
CHR Extension: (anonymoX) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2016-01-31]
CHR Extension: (Facebook Invite All) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2015-11-11]
CHR Extension: (Adblock per Facebook ™) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2016-03-05]
CHR Extension: (Twitter Hates <H - Militant™ edition) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgbjibfijkkkpcjopceopneodbnhofl [2016-03-22]
CHR Extension: (TweetDeck Launcher) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk [2015-11-29]
CHR Extension: (Google Avvisi email) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-11-11]
CHR Extension: (Pocket) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-12-30]
CHR Extension: (Save to Pocket) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2016-04-22]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Facebook GIF Button) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdfmeimafcmmefpiebpeodknddagimg [2015-12-22]
CHR Extension: (Gmail) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-02-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-29] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-29] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-19] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [741056 2015-11-29] (@ByELDI) [File not signed]
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-02-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-02-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-22] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-02-22] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-24] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-24] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-04-22] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-16 12:21 - 2016-05-16 12:22 - 00027997 _____ C:\Users\Veronica\Desktop\FRST.txt
2016-05-16 12:21 - 2016-05-16 12:21 - 00000000 ____D C:\FRST
2016-05-16 12:07 - 2016-05-16 12:07 - 02382336 _____ (Farbar) C:\Users\Veronica\Desktop\FRST64.exe
2016-05-16 12:06 - 2016-05-16 12:07 - 00000000 ____D C:\Users\Veronica\Downloads\G4M3.0F.7HR0N35.S06E04
2016-05-16 12:05 - 2016-05-16 12:05 - 00021401 _____ C:\Users\Veronica\Downloads\Game Of Thrones S06e04.torrent
2016-05-15 19:24 - 2016-05-15 19:29 - 398504858 _____ C:\Users\Veronica\Downloads\[AnimEngine] One Piece - 741.mp4
2016-05-13 18:51 - 2016-05-13 19:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-13 18:26 - 2016-05-13 19:28 - 1735758869 _____ C:\Users\Veronica\Downloads\Captain.America.Civil.War.2016.iTALiAN.MD.HDTC.XviD-GENiSYS.rar
2016-05-13 13:22 - 2016-05-13 13:22 - 01610816 _____ (Malwarebytes) C:\Users\Veronica\Downloads\JRT.exe
2016-05-13 13:20 - 2016-05-13 13:20 - 03640384 _____ C:\Users\Veronica\Downloads\AdwCleaner.exe
2016-05-13 11:23 - 2016-05-13 11:23 - 01826238 _____ C:\Users\Veronica\Downloads\NC3111269ENC_002.pdf
2016-05-13 10:09 - 2016-05-13 10:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Veronica\Downloads\HijackThis.exe
2016-05-13 10:02 - 2016-05-10 16:28 - 00157360 _____ (Simplitec GmbH) C:\WINDOWS\RegDefragTask.exe
2016-05-12 22:38 - 2016-05-12 22:38 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\MAGIX
2016-05-12 22:38 - 2016-05-12 22:38 - 00000000 ____D C:\ProgramData\MAGIX
2016-05-12 22:37 - 2016-03-11 20:15 - 00120200 _____ () C:\WINDOWS\SysWOW64\DLLDEV32i.dll
2016-05-12 07:54 - 2016-05-12 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-12 07:43 - 2016-05-12 07:43 - 00503549 _____ C:\Users\Veronica\Documents\disdetta sindacato.pdf
2016-05-11 16:38 - 2016-05-11 16:38 - 00449354 _____ C:\Users\Veronica\Documents\badge Marco Gitto.pdf
2016-05-11 13:07 - 2016-05-11 13:07 - 00029436 _____ C:\Users\Veronica\Downloads\parco Augusto.html
2016-05-11 13:07 - 2016-05-11 13:07 - 00000000 ____D C:\Users\Veronica\Downloads\parco Augusto_files
2016-05-11 09:59 - 2016-05-11 10:24 - 1237287952 ____R C:\Users\Veronica\Downloads\3 Doors Down[Discography - FLAC].rar
2016-05-11 09:42 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 09:42 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 09:42 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 09:42 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 09:42 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 09:42 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 09:42 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 09:42 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 09:42 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 09:42 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 09:41 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 09:41 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 09:41 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 09:41 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 09:41 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 09:41 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 09:41 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 09:41 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 09:41 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 09:41 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 09:41 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 09:41 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 09:41 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 09:41 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 09:41 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 09:41 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 09:41 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 09:41 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 09:41 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 09:41 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 09:41 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 09:41 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 09:41 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 09:41 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 09:41 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 09:41 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 09:41 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 09:41 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 09:41 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 09:41 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 09:41 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 09:41 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 09:41 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 09:41 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 09:41 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 09:41 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 09:41 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 09:41 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 09:41 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 09:41 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 09:41 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 09:41 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 09:41 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 09:41 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 09:41 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 09:41 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 09:41 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 09:41 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 09:41 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 09:41 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 09:41 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 09:41 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 09:41 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 09:41 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 09:41 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 09:41 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 09:41 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 09:41 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 09:41 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 09:41 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 09:41 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 09:41 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 09:41 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 09:41 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 09:41 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 09:41 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 09:41 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 09:41 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 09:41 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 09:41 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 09:41 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 09:41 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 09:41 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 09:41 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 09:41 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 09:41 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 09:41 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 09:40 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 09:40 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 09:40 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 09:40 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 09:40 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 09:40 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 09:40 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 09:40 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 09:40 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 09:40 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 09:40 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 09:40 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 09:40 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 09:40 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 09:40 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 09:40 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 09:40 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 09:40 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 09:40 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 09:40 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 09:40 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 09:40 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 09:40 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 09:40 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 09:40 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 09:40 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 09:40 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 09:40 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 09:40 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 09:40 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 09:40 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 09:40 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 09:40 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 09:40 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 09:40 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 09:40 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 09:40 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 09:40 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 09:40 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 09:40 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 09:40 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 09:40 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 09:40 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 09:40 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 09:40 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 09:40 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 09:40 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 09:40 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 09:40 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 09:40 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 09:40 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 09:40 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 09:40 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 09:40 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 09:40 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 09:40 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 09:40 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 09:40 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 09:40 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 09:40 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 09:40 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 09:40 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 09:40 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 09:40 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 09:40 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 09:40 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 09:40 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 09:40 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 09:40 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 09:40 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 09:40 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 09:40 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 09:40 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 09:40 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 09:40 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 09:40 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 09:40 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 09:40 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 09:40 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 09:40 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 09:40 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 09:40 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 09:40 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 09:40 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 09:40 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 09:40 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 09:40 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 09:40 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 09:40 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 09:40 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 09:40 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 09:40 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 09:40 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 09:40 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-05-11 09:40 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 09:40 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 09:40 - 2016-04-23 06:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-05-11 09:40 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 09:40 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 09:40 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 09:40 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 09:40 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 09:40 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 09:40 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 09:40 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 09:40 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 09:40 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 09:40 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 09:40 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 09:40 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 09:40 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 09:40 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 09:40 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 09:40 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 09:40 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 09:40 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 09:40 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 09:40 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 09:40 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 09:40 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 09:40 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 09:40 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 09:40 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 09:40 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 09:40 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 09:40 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-11 09:12 - 2016-05-11 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-11 09:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-11 09:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-11 09:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-11 09:10 - 2016-05-11 09:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-11 09:08 - 2016-05-11 09:08 - 00095315 _____ C:\Users\Veronica\Downloads\3-doors-down-discografia-2000-2005-flac-nu-metal.torrent
2016-05-11 09:00 - 2016-05-11 09:00 - 00000194 _____ C:\Users\Veronica\Downloads\hosts-perm.bat
2016-05-10 20:45 - 2016-05-10 20:45 - 00000000 ____D C:\Users\Veronica\Downloads\11.22.63.S01E05
2016-05-10 20:44 - 2016-05-10 20:44 - 00011589 _____ C:\Users\Veronica\Downloads\f21bbde7d4fd00b4dd8580adc0016864b166648d.torrent
2016-05-09 19:58 - 2016-05-09 19:58 - 05776144 _____ (Adobe Systems Inc.) C:\Users\Veronica\Downloads\Shockwave_Installer_Slim.exe
2016-05-09 19:58 - 2016-05-09 19:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2016-05-09 08:27 - 2016-05-09 08:28 - 00000000 ____D C:\Users\Veronica\Downloads\G4M3.0F.7HR0N35.S06E03
2016-05-09 08:27 - 2016-05-09 08:27 - 00021413 _____ C:\Users\Veronica\Downloads\Game Of Thrones S06e03.torrent
2016-05-06 18:57 - 2016-05-06 18:57 - 00914508 _____ C:\Users\Veronica\Downloads\E+ KA3 YM - Infopack.pdf
2016-05-06 18:56 - 2016-05-06 18:56 - 00144050 _____ C:\Users\Veronica\Downloads\E+ KA3 YM - Summary EN.pdf
2016-05-06 10:08 - 2016-05-06 10:08 - 00250900 _____ C:\Users\Veronica\Downloads\10_00341115_03_16_CU.pdf
2016-05-04 10:54 - 2016-05-04 10:54 - 00751889 _____ C:\Users\Veronica\Downloads\fattura-1617990331.pdf
2016-05-03 17:52 - 2016-05-03 17:52 - 00011765 _____ C:\Users\Veronica\Downloads\7d35d2b8336574e04311ce822ecd7eb43ca7819f.torrent
2016-05-03 17:52 - 2016-05-03 17:52 - 00000000 ____D C:\Users\Veronica\Downloads\11.22.63.S01E04
2016-05-02 16:35 - 2016-05-02 16:35 - 06700370 _____ C:\Users\Veronica\Downloads\mbam-chameleon-3.1.30.0.zip
2016-05-02 16:23 - 2016-05-02 16:24 - 22851472 _____ (Malwarebytes ) C:\Users\Veronica\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-02 16:11 - 2016-05-02 16:11 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\rkill64.com
2016-05-02 15:35 - 2016-05-02 15:38 - 25693216 _____ (SUPERAntiSpyware) C:\Users\Veronica\Downloads\SAS_010380.EXE
2016-05-02 15:26 - 2016-05-02 15:26 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\rkill.com
2016-05-02 15:25 - 2016-05-13 13:27 - 00000000 ____D C:\AdwCleaner
2016-05-02 15:25 - 2016-05-02 15:25 - 03615296 _____ C:\Users\Veronica\Downloads\adwcleaner_5.115.exe
2016-05-02 14:23 - 2016-05-02 14:24 - 00000000 ____D C:\Users\Veronica\Downloads\G4M3.0F.7HR0N35.S06E02
2016-05-02 14:22 - 2016-05-02 14:22 - 00012174 _____ C:\Users\Veronica\Downloads\Game Of Thrones S06e02.torrent
2016-05-02 14:02 - 2016-05-02 14:42 - 2857938049 ____R C:\Users\Veronica\Downloads\La.Mafia.Uccide.Solo.D.Estate.2013.BDrip 720p.H264.Ita Ac3[MTX Group]mutu_1980.mkv
2016-05-02 14:02 - 2016-05-02 14:02 - 00109541 _____ C:\Users\Veronica\Downloads\71aedf27cd63ef8f7e1dcdd1e1c51974c5030a8b (1).torrent
2016-05-02 09:55 - 2016-05-02 09:55 - 00109541 _____ C:\Users\Veronica\Downloads\71aedf27cd63ef8f7e1dcdd1e1c51974c5030a8b.torrent
2016-05-01 16:34 - 2016-05-01 17:55 - 1467572224 ____R C:\Users\Veronica\Downloads\Il cacciatore di giganti [XviD - Ita Ac3 5.1][TNT Village].avi
2016-05-01 16:33 - 2016-05-01 16:33 - 00112460 _____ C:\Users\Veronica\Downloads\bbc1d36c08331118dc2ab2c0166f6cb0cc0441f8.torrent
2016-04-30 18:02 - 2016-05-13 10:13 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-30 18:02 - 2016-05-13 10:13 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-30 18:01 - 2016-05-13 19:45 - 00001180 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-30 18:01 - 2016-05-13 19:45 - 00001176 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-30 18:01 - 2016-05-13 18:49 - 00003752 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-30 18:01 - 2016-05-13 18:48 - 00003528 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-30 17:52 - 2016-04-30 17:52 - 00987728 _____ (Google Inc.) C:\Users\Veronica\Downloads\ChromeSetup.exe
2016-04-29 15:16 - 2016-04-29 15:16 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-29 15:14 - 2016-04-29 15:14 - 06882192 _____ (Piriform Ltd) C:\Users\Veronica\Downloads\ccsetup517.exe
2016-04-27 18:52 - 2016-04-27 19:01 - 00000000 ____D C:\Users\Veronica\Downloads\11.22.63.S01E03
2016-04-27 18:51 - 2016-04-27 18:51 - 00011681 _____ C:\Users\Veronica\Downloads\e252dce965888577cd7e306a69ee536d8c7d8ba2.torrent
2016-04-27 07:29 - 2016-04-27 07:29 - 00069546 _____ C:\Users\Veronica\Downloads\10_00341115_04_16.pdf
2016-04-25 15:16 - 2016-05-13 19:52 - 00002488 _____ C:\WINDOWS\System32\Tasks\{3BFA96F8-BE50-469A-99AC-FD4B590C3335}
2016-04-25 15:00 - 2005-08-25 22:10 - 00009804 _____ ( ) C:\WINDOWS\system\vdremote.dll
2016-04-25 15:00 - 2005-08-25 22:09 - 00007244 _____ ( ) C:\WINDOWS\system\vdsvrlnk.dll
2016-04-25 13:40 - 2016-04-25 13:40 - 00000000 ____D C:\Users\Veronica\Downloads\game.of_.thrones.s06e01.sub_.ita_.subsfactory
2016-04-25 13:32 - 2016-04-25 13:35 - 204785486 ____R C:\Users\Veronica\Downloads\Game of thrones S06E01 The Red Woman 720p HDTV x265 HEVC[Lucifer22].mkv
2016-04-25 13:32 - 2016-04-25 13:32 - 00029387 _____ C:\Users\Veronica\Downloads\game.of_.thrones.s06e01.sub_.ita_.subsfactory.zip
2016-04-25 13:31 - 2016-04-25 13:31 - 00016444 _____ C:\Users\Veronica\Downloads\game-of-thrones-s06-e01-the-red-woman-720p-h-d-t-v-x265-soft-subbe.torrent
2016-04-22 18:53 - 2016-04-22 18:53 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\Avira
2016-04-22 18:51 - 2016-02-22 17:47 - 00137952 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-04-22 18:51 - 2016-02-22 17:47 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-04-22 18:51 - 2016-02-22 17:47 - 00068936 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-04-22 18:51 - 2016-02-22 17:47 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-04-22 18:47 - 2016-05-12 22:37 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-22 18:47 - 2016-05-11 14:47 - 00001218 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-04-22 18:47 - 2016-05-11 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-22 18:47 - 2016-04-22 18:51 - 00000000 ____D C:\ProgramData\Avira
2016-04-22 18:47 - 2016-04-22 18:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-22 18:40 - 2016-04-22 18:40 - 04889864 _____ (Avira Operations GmbH & Co. KG) C:\Users\Veronica\Downloads\avira_it_av_571a4e5899b85__ws.exe
2016-04-22 18:34 - 2016-04-22 18:34 - 00003584 _____ C:\WINDOWS\SECOH-QAD.dll
2016-04-22 17:07 - 2016-04-22 17:07 - 00000000 ____D C:\ProgramData\Emsisoft
2016-04-22 16:54 - 2016-04-22 18:33 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-04-22 15:26 - 2016-04-22 15:26 - 00003062 _____ C:\WINDOWS\system32\.crusader
2016-04-22 15:16 - 2016-04-22 15:28 - 00049584 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-04-22 15:16 - 2016-04-22 15:26 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-22 15:11 - 2016-04-22 15:14 - 00089588 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_15.11.20_log.txt
2016-04-22 15:09 - 2016-04-22 15:09 - 00816703 _____ C:\Users\Veronica\AppData\Local\census.cache
2016-04-22 15:07 - 2016-04-22 15:07 - 00224714 _____ C:\Users\Veronica\AppData\Local\ars.cache
2016-04-22 14:54 - 2016-04-22 14:54 - 00000010 _____ C:\Users\Veronica\AppData\Local\sponge.last.runtime.cache
2016-04-22 14:48 - 2016-04-22 14:48 - 00000000 ____D C:\ProgramData\Trend Micro
2016-04-22 14:38 - 2016-04-22 14:38 - 00000036 _____ C:\Users\Veronica\AppData\Local\housecall.guid.cache
2016-04-22 14:38 - 2015-12-24 15:03 - 00316168 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-04-22 08:33 - 2016-05-11 09:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-22 08:29 - 2016-04-22 08:30 - 00000000 ____D C:\Users\Veronica\Downloads\TMRBLog
2016-04-22 08:29 - 2016-04-22 08:29 - 00000000 ____D C:\Users\Veronica\Downloads\log
2016-04-22 08:19 - 2016-04-22 08:19 - 00000000 ____D C:\Users\Veronica\AppData\LocalLow\Adblock Plus for IE
2016-04-22 08:19 - 2016-04-22 08:19 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-04-22 08:02 - 2016-04-22 08:03 - 00000000 ____D C:\Users\Veronica\Downloads\backups
2016-04-22 07:21 - 2016-04-22 07:21 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-22 07:21 - 2016-04-22 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-22 07:20 - 2016-04-22 07:21 - 00000000 ____D C:\Program Files\CCleaner
2016-04-19 16:36 - 2016-04-19 16:44 - 00000000 ____D C:\Users\Veronica\Downloads\11.22.63.S01E02
2016-04-19 16:35 - 2016-04-19 16:35 - 00011765 _____ C:\Users\Veronica\Downloads\9acf887e7d1e931474273ae7f17e940aceb92773.torrent
2016-04-18 21:43 - 2016-04-18 21:43 - 00117199 _____ C:\Users\Veronica\Downloads\654055335.PDF
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-16 12:21 - 2015-11-12 00:16 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\uTorrent
2016-05-16 11:34 - 2015-12-03 13:51 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-16 11:30 - 2015-11-12 19:36 - 00004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{52F24246-E945-429E-A696-D354924A5085}
2016-05-15 21:29 - 2015-11-15 13:18 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\vlc
2016-05-14 19:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-14 10:59 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-13 19:54 - 2016-01-16 12:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-13 19:53 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-13 19:45 - 2016-03-29 11:47 - 00001132 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-05-13 19:45 - 2016-03-29 11:47 - 00001128 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-05-13 19:44 - 2016-01-16 12:28 - 00000000 ____D C:\Users\Veronica
2016-05-13 19:44 - 2015-11-30 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-13 18:50 - 2015-11-11 21:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-13 18:49 - 2016-04-13 10:47 - 00012526 _____ C:\WINDOWS\System32\Tasks\WinTOOL
2016-05-13 18:49 - 2015-11-11 21:31 - 00002496 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2016-05-13 18:48 - 2016-03-29 11:47 - 00003706 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-05-13 18:48 - 2016-03-29 11:47 - 00003482 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-05-13 17:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-13 16:59 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-13 13:35 - 2016-03-23 13:30 - 00000000 __SHD C:\ProgramData\484800
2016-05-13 13:29 - 2016-01-16 12:19 - 00438944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-13 13:22 - 2015-11-11 21:27 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\Skype
2016-05-13 11:39 - 2016-03-29 11:51 - 00000000 ___RD C:\Users\Veronica\Dropbox
2016-05-13 09:54 - 2015-09-10 07:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-12 22:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 22:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 22:46 - 2015-10-30 20:22 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 22:46 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-12 22:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 22:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-12 11:47 - 2016-03-29 11:47 - 00000000 ____D C:\Users\Veronica\AppData\Local\Dropbox
2016-05-12 07:55 - 2016-03-29 11:47 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-12 07:28 - 2015-11-11 19:47 - 00000000 ____D C:\Users\Veronica\AppData\Local\Packages
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 09:44 - 2015-11-11 23:02 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 09:44 - 2015-11-11 23:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 09:16 - 2016-03-23 13:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 21:56 - 2015-11-11 21:23 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 21:56 - 2015-11-11 21:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-06 19:03 - 2015-11-11 21:26 - 00000000 ____D C:\ProgramData\Skype
2016-05-05 21:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-05 20:53 - 2015-11-12 18:58 - 00000000 ____D C:\Users\Veronica\AppData\Local\ElevatedDiagnostics
2016-04-30 18:02 - 2015-11-11 19:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-25 15:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2016-04-25 13:38 - 2015-11-19 01:35 - 01832886 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-25 13:38 - 2015-10-30 20:19 - 00813240 _____ C:\WINDOWS\system32\perfh010.dat
2016-04-25 13:38 - 2015-10-30 20:19 - 00152000 _____ C:\WINDOWS\system32\perfc010.dat
2016-04-22 15:26 - 2013-02-27 14:05 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-04-22 07:28 - 2015-11-11 19:47 - 00000000 ____D C:\Users\Veronica\AppData\Local\VirtualStore
2016-04-22 07:27 - 2016-03-24 20:38 - 00000000 ____D C:\Users\Veronica\AppData\Roaming\DAEMON Tools Lite
2016-04-22 07:26 - 2016-01-16 12:18 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-20 20:16 - 2015-11-08 17:05 - 00000000 ____D C:\Users\Veronica\Desktop\Veronica
2016-04-20 20:08 - 2016-03-29 11:51 - 00001306 _____ C:\Users\Veronica\Desktop\Dropbox.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-04-20 20:08 - 2016-03-24 21:05 - 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-04-20 20:08 - 2016-02-13 21:43 - 00001394 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-04-20 20:08 - 2016-02-08 20:54 - 00002701 _____ C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-20 20:08 - 2016-01-28 09:42 - 00000994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-04-20 20:08 - 2016-01-16 12:34 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-20 20:08 - 2015-12-16 19:40 - 00001150 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-04-20 20:08 - 2015-11-30 16:51 - 00001949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-20 20:08 - 2015-11-19 01:44 - 00002437 _____ C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-20 20:08 - 2015-11-12 00:17 - 00002721 _____ C:\Users\Veronica\Desktop\µTorrent.lnk
2016-04-20 20:08 - 2015-11-11 21:26 - 00002634 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-20 20:08 - 2013-02-27 14:05 - 00002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2016-04-20 20:08 - 2013-02-27 14:03 - 00001969 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Cloud Storage by SugarSync.lnk
2016-04-20 20:05 - 2015-10-30 20:19 - 00000000 ____D C:\WINDOWS\SKB
2016-04-16 11:13 - 2016-02-13 21:43 - 00000000 ____D C:\ProgramData\Freemake
2016-04-16 11:08 - 2016-02-13 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
 
==================== Files in the root of some directories =======
 
2016-03-23 13:28 - 2016-03-23 13:28 - 0004608 _____ () C:\Users\Veronica\AppData\Roaming\Microsoft\HexSys.dll
2016-03-23 13:28 - 2016-03-23 13:28 - 0000942 _____ () C:\Users\Veronica\AppData\Roaming\Microsoft\SysHex.exe.config
2016-03-23 13:28 - 2016-03-23 13:28 - 0513024 _____ () C:\Users\Veronica\AppData\Roaming\Microsoft\Youtube.txt
2016-04-22 15:07 - 2016-04-22 15:07 - 0224714 _____ () C:\Users\Veronica\AppData\Local\ars.cache
2016-04-22 15:09 - 2016-04-22 15:09 - 0816703 _____ () C:\Users\Veronica\AppData\Local\census.cache
2016-04-22 14:38 - 2016-04-22 14:38 - 0000036 _____ () C:\Users\Veronica\AppData\Local\housecall.guid.cache
2016-01-28 10:00 - 2016-01-28 10:00 - 0003881 _____ () C:\Users\Veronica\AppData\Local\recently-used.xbel
2016-04-22 14:54 - 2016-04-22 14:54 - 0000010 _____ () C:\Users\Veronica\AppData\Local\sponge.last.runtime.cache
2016-03-23 13:30 - 2016-03-23 13:30 - 0000006 __RSH () C:\ProgramData\7deb20d34559016bd60c2e57072d0de6dc6e9757
2013-02-27 13:53 - 2013-02-27 13:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Veronica\AppData\Local\Temp\avgnt.exe
C:\Users\Veronica\AppData\Local\Temp\libeay32.dll
C:\Users\Veronica\AppData\Local\Temp\msvcr120.dll
C:\Users\Veronica\AppData\Local\Temp\simpliclean_2.4.4.102.exe
C:\Users\Veronica\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-08 12:52
 
==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,184 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:51 AM

Posted 17 May 2016 - 01:16 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:

(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [741056 2015-11-29] (@ByELDI) [File not signed]
C:\Program Files\KMSpico
Task: {0730BA3C-2C2E-4113-9F32-47349922D667} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0C0B35D1-71AE-4D04-BB56-240F81602591} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {15B40D60-3FB4-42DE-9D03-6D59E9401DE1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5398411D-B492-43AC-95BA-4C9750B294AE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8513FB45-33F0-4DBA-A100-381980C4CDE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8C245F56-A4DC-4155-8BDF-BFB8751DB99D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {927CF813-E424-411E-A01F-245131590462} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C7D5E2E-8C16-4816-A96C-559BEE723109} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B79AD1D8-1F46-4803-94E6-9286E77DC268} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-11-29] (@ByELDI)
Task: {DD5107BA-8568-4F51-820F-A2699D6F05D8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E92FD796-99FE-4D22-93ED-1F3CC895DFB2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F45EFC4E-863C-4A72-8704-8ABF76CE7EF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart Chrome

===

Please post the log and let me know if the problem persists.

#3 sweepsy

sweepsy
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 17 May 2016 - 02:41 PM

Thank you.

I followed the steps you suggested. Considering that sometimes connection seems to work properly I cannot immediately say for sure if it's ok. Passing time has the answer.

 

By the way,this is the log:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:14-05-2016

Ran by sweepsy (2016-05-17 21:26:12) Run:1
Running from C:\Users\Veronica\Desktop
Loaded Profiles: UpdatusUser & sweepsy (Available Profiles: UpdatusUser & sweepsy)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Hosts:
 
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [741056 2015-11-29] (@ByELDI) [File not signed]
C:\Program Files\KMSpico
Task: {0730BA3C-2C2E-4113-9F32-47349922D667} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0C0B35D1-71AE-4D04-BB56-240F81602591} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {15B40D60-3FB4-42DE-9D03-6D59E9401DE1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5398411D-B492-43AC-95BA-4C9750B294AE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8513FB45-33F0-4DBA-A100-381980C4CDE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8C245F56-A4DC-4155-8BDF-BFB8751DB99D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {927CF813-E424-411E-A01F-245131590462} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9C7D5E2E-8C16-4816-A96C-559BEE723109} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B79AD1D8-1F46-4803-94E6-9286E77DC268} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-11-29] (@ByELDI)
Task: {DD5107BA-8568-4F51-820F-A2699D6F05D8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E92FD796-99FE-4D22-93ED-1F3CC895DFB2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F45EFC4E-863C-4A72-8704-8ABF76CE7EF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.
C:\Program Files\KMSpico\Service_KMS.exe => No running process found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key removed successfully
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
Service KMSELDI => Service stopped successfully.
Service KMSELDI => service removed successfully
C:\Program Files\KMSpico => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0730BA3C-2C2E-4113-9F32-47349922D667}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0730BA3C-2C2E-4113-9F32-47349922D667}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C0B35D1-71AE-4D04-BB56-240F81602591}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0B35D1-71AE-4D04-BB56-240F81602591}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15B40D60-3FB4-42DE-9D03-6D59E9401DE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15B40D60-3FB4-42DE-9D03-6D59E9401DE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5398411D-B492-43AC-95BA-4C9750B294AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5398411D-B492-43AC-95BA-4C9750B294AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8513FB45-33F0-4DBA-A100-381980C4CDE6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8513FB45-33F0-4DBA-A100-381980C4CDE6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C245F56-A4DC-4155-8BDF-BFB8751DB99D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C245F56-A4DC-4155-8BDF-BFB8751DB99D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{927CF813-E424-411E-A01F-245131590462}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{927CF813-E424-411E-A01F-245131590462}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C7D5E2E-8C16-4816-A96C-559BEE723109}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7D5E2E-8C16-4816-A96C-559BEE723109}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B79AD1D8-1F46-4803-94E6-9286E77DC268}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B79AD1D8-1F46-4803-94E6-9286E77DC268}" => key removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD5107BA-8568-4F51-820F-A2699D6F05D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD5107BA-8568-4F51-820F-A2699D6F05D8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E92FD796-99FE-4D22-93ED-1F3CC895DFB2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E92FD796-99FE-4D22-93ED-1F3CC895DFB2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F45EFC4E-863C-4A72-8704-8ABF76CE7EF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F45EFC4E-863C-4A72-8704-8ABF76CE7EF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
EmptyTemp: => 485.9 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 21:26:56 ====


#4 sweepsy

sweepsy
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 17 May 2016 - 02:55 PM

Ok, connection dropped again... 

I don't know if can be relevant but sometimes chrome says error "dns probe finished no internet" 

I use open DNS...



#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,184 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:51 AM

Posted 18 May 2016 - 07:58 AM

Execute the Solution No.1 listed on this page.

http://www.incrediblelab.com/fix-dns-probe-finished-no-internet-error-fixed/

===

If that fails to solve your problem check out Solution no. 2.
Check with your provider and make sure you have the correct settings.

Keep me posted.

#6 sweepsy

sweepsy
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 18 May 2016 - 08:08 AM

I already tried these solutions :(



#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,184 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:51 AM

Posted 18 May 2016 - 08:25 AM

Can you get your Internet provider check your router and modem.
One of them may be going bad. I have seen it.

#8 sweepsy

sweepsy
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 18 May 2016 - 09:04 AM

 

Test Internet surfing        Test xDSL Synchronization Pass      ATM OAM Segment Ping Pass      ATM OAM end to end Ping Pass      Test PPP Server connection Pass      Test authentication with ISP Pass      Test the assigned IP address Pass      Ping default gateway Pass      Ping primary Domain Name Server Pass      Test DNS Root Fail      Network Connection Status Inspect(NCSI) Pass   Diagnostics completes

 

 

 

 

 

br_8_35_1        Test xDSL Synchronization Pass      ATM OAM Segment Ping Pass      ATM OAM end to end Ping Pass   pppoe_8_35_2_d        Test xDSL Synchronization Pass      ATM OAM Segment Ping Pass      ATM OAM end to end Ping Pass      Test PPP Server connection Pass      Test authentication with ISP Pass      Test the assigned IP address Pass      Ping default gateway Pass   Diagnostics completes

Edited by sweepsy, 18 May 2016 - 09:26 AM.


#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,184 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:51 AM

Posted 19 May 2016 - 06:28 AM


The best topic I could find was this one.

http://forum.tp-link.com/showthread.php?2428-TD-W8980-Test-DNS-Root/page2&s=7fd075e2623d054df6016c28b21694e7

No solution as far as I can see.

I suggest you create a new topic in the Networking forum
http://www.bleepingcomputer.com/forums/f/21/networking/

Before you do please download and run this tool.

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List last 10 Event Viewer log
  • List content of Hosts
  • List IP Configuration
  • List Winsock Entries
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Post the log in the new topic and explain your problem.
An expert should be able to help you. This is not my forte.

I will leave the topic open for 5 days if you need to return please do.

#10 sweepsy

sweepsy
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Messina, Italy
  • Local time:02:51 PM

Posted 19 May 2016 - 07:43 AM

Thank you, I posted there 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users