luca007

Thank you very much Marius, you've been able to sort out what I tried to do for weeks. As a thank you for your help I will give you something, I know it is not much but I'm not an adult and I don't have a job so I can't afford more. Danke Luca

Results of screen317's Security Check version 0.99.85 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` JavaScript Tooling Java 7 Update 55 JavaScript Tooling Visual Studio Extensions for Windows Library for JavaScript Java version out of Date! Adobe Flash Player 13.0.0.214 Flash Player out of Date! Adobe Reader XI Google Chrome 35.0.1916.114 Google Chrome 35.0.1916.153 ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Windows Defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````

This is the log of Junkware Romoval Tool: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 8.1 Pro x64 Ran by lucal_000 on 07/07/2014 at 15:24:49,36 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-311390209-566744454-1957549641-1001\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 07/07/2014 at 15:27:52,06 End of JRT log

I have 2 file log at of AdwCleaner: - AdwCleaner[R0].txt # AdwCleaner v3.214 - Rapporto creato 07/07/2014 in 15:15:50 # Aggiornato 29/06/2014 di Xplode # Sistema operativo : Windows 8.1 Pro (64 bits) # Nome utente : lucal_000 - TERROR4K # In esecuzione da : E:\Desktop\adwcleaner_3.214.exe # Opzione : Scansiona ***** [ Servizi ] ***** ***** [ File / Cartelle ] ***** Cartella Trovato : C:\ProgramData\apn Cartella Trovato : C:\ProgramData\Babylon Cartella Trovato : C:\ProgramData\DSearchLink ***** [ Collegamenti ] ***** ***** [ Registro ] ***** Chiave Trovati : HKCU\Software\APN PIP Chiave Trovati : [x64] HKCU\Software\APN PIP Chiave Trovati : HKLM\Software\AVG Nation toolbar Chiave Trovati : HKLM\Software\AVG Security Toolbar Chiave Trovati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Chiave Trovati : HKLM\SOFTWARE\Classes\Prod.cap Chiave Trovati : HKLM\Software\PIP ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Google Chrome v35.0.1916.153 [ File : C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1112 octets] - [07/07/2014 15:15:50] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1172 octets] ########## - AdwCleaner[s0].txt # AdwCleaner v3.214 - Rapporto creato 07/07/2014 in 15:19:36 # Aggiornato 29/06/2014 di Xplode # Sistema operativo : Windows 8.1 Pro (64 bits) # Nome utente : lucal_000 - TERROR4K # In esecuzione da : E:\Desktop\adwcleaner_3.214.exe # Opzione : Pulisci ***** [ Servizi ] ***** ***** [ File / Cartelle ] ***** Cartella Eliminato : C:\ProgramData\apn Cartella Eliminato : C:\ProgramData\Babylon Cartella Eliminato : C:\ProgramData\DSearchLink ***** [ Collegamenti ] ***** ***** [ Registro ] ***** Chiave Eliminati : HKLM\SOFTWARE\Classes\Prod.cap Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Chiave Eliminati : HKCU\Software\APN PIP Chiave Eliminati : HKLM\Software\AVG Nation toolbar Chiave Eliminati : HKLM\Software\AVG Security Toolbar Chiave Eliminati : HKLM\Software\PIP ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Google Chrome v35.0.1916.153 [ File : C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1256 octets] - [07/07/2014 15:15:50] AdwCleaner[s0].txt - [1146 octets] - [07/07/2014 15:19:36] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1206 octets] ##########

Done! That was the problem?

Done! the log: C:\FRST\Quarantine\C\Windows\temp\svchost.exe.xBAD a variant of Win32/BitCoinMiner.BY potentially unsafe applicationC:\Users\lucal_000\AppData\Roaming\Origin\update.vbe VBS/CoinMiner.AD trojan

I successfully disabled CD emulations driver. Here is the fixlog: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01 Ran by lucal_000 at 2014-07-07 13:16:34 Run:1 Running from E:\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {244B022E-0794-4719-9C36-95FF9C58E371} - System32\Tasks\Origin => C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe [2014-06-02] () <==== ATTENTION C:\windows\temp\svchost.exe ***************** 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{244B022E-0794-4719-9C36-95FF9C58E371}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{244B022E-0794-4719-9C36-95FF9C58E371}' => Key deleted successfully. C:\Windows\System32\Tasks\Origin => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin' => Key deleted successfully. C:\windows\temp\svchost.exe => Moved successfully. ==== End of Fixlog ==== Malwarebytes didn't need a restart and this is the log: Malwarebytes Anti-Malwarewww.malwarebytes.org Data scansione: 07/07/2014Ora scansione: 13:20:05File di log: malwarebytes.txtAmministratore: Si Versione: 2.00.2.1012Database malware: v2014.07.07.02Database rootkit: v2014.07.03.01Licenza: FreeProtezione da malware: DisattivataProtezione da siti web nocivi: DisattivataSelf-protection: Disattivata SO: Windows 8.1CPU: x64File system: NTFSUtente: lucal_000 Tipo di scansione: Scansione elementi nociviRisultati: CompletataElementi analizzati: 346532Tempo impiegato: 5 min, 58 sec Memoria: AttivataEsecuzioni automatiche: AttivataFile system: AttivataArchivi compressi: AttivataRootkit: DisattivataHeuristics: AttivataPUP: AvvisoPUM: Attivata Processi: 0(No malicious items detected) Moduli: 0(No malicious items detected) Chiavi di registro: 0(No malicious items detected) Valori di registro: 0(No malicious items detected) Dati di registro: 0(No malicious items detected) Cartelle: 0(No malicious items detected) File: 1Trojan.BitcoinMiner, C:\Windows\Temp\scrypt140121.cl, Spostato in quarantena, [e0ce2d6fa4d7cc6ae47a6d81ab589070], Settori fisici: 0(No malicious items detected)

And this is aswMBR.txt log: aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software Run date: 2014-07-07 12:15:25 ----------------------------- 12:15:25.081 OS Version: Windows x64 6.2.9200 12:15:25.081 Number of processors: 8 586 0x200 12:15:25.082 ComputerName: TERROR4K UserName: 12:15:25.291 Initialize success 12:15:25.306 VM: initialized successfully 12:15:25.315 VM: Amd CPU virtualization not supported 12:18:28.205 AVAST engine defs: 14070601 12:22:44.076 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038 12:22:44.081 Disk 0 Vendor: Samsung_SSD_840_Series DXT07B0Q Size: 114473MB BusType: 11 12:22:44.087 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000039 12:22:44.093 Disk 1 Vendor: ST1000DM003-1CH162 CC47 Size: 953869MB BusType: 11 12:22:44.099 Disk 0 MBR read successfully 12:22:44.105 Disk 0 MBR scan 12:22:44.115 Disk 0 Windows 7 default MBR code 12:22:44.122 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 12:22:44.174 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848 12:22:44.238 Disk 0 scanning C:\WINDOWS\system32\drivers 12:22:50.922 Service scanning 12:23:06.767 Modules scanning 12:23:06.786 Disk 0 trace - called modules: 12:23:06.809 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xffffe0015efed2c0]<<sptd.sys storport.sys storahci.sys hal.dll 12:23:06.844 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00160320060] 12:23:06.853 3 CLASSPNP.SYS[fffff8000351127b] -> nt!IofCallDriver -> \Device\00000038[0xffffe00160113060] 12:23:06.893 \Driver\storahci[0xffffe0016011b9a0] -> IRP_MJ_CREATE -> 0xffffe0015efed2c0 12:23:07.170 AVAST engine scan C:\WINDOWS 12:23:07.899 AVAST engine scan C:\WINDOWS\system32 12:25:38.894 AVAST engine scan C:\WINDOWS\system32\drivers 12:25:47.195 AVAST engine scan C:\Users\lucal_000 12:26:57.758 AVAST engine scan C:\ProgramData 12:27:25.904 Scan finished successfully 12:28:03.457 Disk 0 MBR has been saved successfully to "E:\Desktop\MBR.dat" 12:28:03.524 The log file has been saved successfully to "E:\Desktop\aswMBR.txt" I look forward to hearing from you Luca

Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01 Ran by lucal_000 at 2014-07-07 12:13:39Running from E:\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Tools for .Net 3.5 - ITA Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) HiddenAdobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)AMD Accelerated Video Transcoding (Version: 13.30.100.40620 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Control Center (x32 Version: 2014.0620.2260.39449 - Nome società) HiddenAMD Catalyst Install Manager (HKLM\...\{54091704-09BD-4BA7-3521-86738BA49BB7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)AMD Fuel (Version: 2014.0620.2260.39449 - Nome società) HiddenAMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) HiddenApple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.50203.70 - Microsoft Corporation) HiddenBlend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) HiddenBlend for Visual Studio 2012 ITA resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) HiddenBlend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) HiddenBlend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) HiddenBlend for Visual Studio 2013 ITA resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) HiddenBlend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.30924.0 - Microsoft Corporation) HiddenBlend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) HiddenBonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Build Tools - amd64 (Version: 12.0.30203 - Microsoft Corporation) HiddenBuild Tools - x86 (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenBuild Tools Language Resources - amd64 (Version: 12.0.30203 - Microsoft Corporation) HiddenBuild Tools Language Resources - x86 (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenBurnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version: - )Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) HiddenCCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)Componente aggiuntivo Microsoft Visual Studio 2012 per Windows Phone - ITA Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenConfiguratore emulatore Windows Phone 8.0 - ita (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenCounter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDead Space (HKLM-x32\...\{39D77E30-2A0E-4E07-96D3-FD76B7E1B7E8}) (Version: 1.0.0.222 - Electronic Arts)Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft)DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)EMCO MoveOnBoot 2.3 (HKLM\...\{8E29480A-0067-46B8-A830-960680D68A7E}) (Version: 2.3.4.3509 - EMCO Software)ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)Finalizzatore di strumenti di Windows Phone - ita (Version: 11.0.50727 - Microsoft Corporation) HiddenGarry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) HiddenGrand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)Immagini emulatore Windows Phone 8.0 - ita (x32 Version: 11.0.50727 - Microsoft Corporation) HiddeniTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJavaScript Tooling (Version: 12.0.30203 - Microsoft Corporation) HiddenJavaScript Tooling (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenK-Lite Codec Pack 9.6.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.6.5 - )Language Pack dei componenti condivisi di Windows Azure per Microsoft Visual Studio 2013 (ITA) - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) HiddenLanguage Pack del Visualizzatore della Guida Microsoft 2.0 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.0 - ITA) (Version: 2.0.50727 - Microsoft Corporation)Language Pack del Visualizzatore della Guida Microsoft 2.0 - ITA (x32 Version: 2.0.50727 - Microsoft Corporation) HiddenLanguage Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA) (Version: 2.1.21005 - Microsoft Corporation)Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (x32 Version: 2.1.21005 - Microsoft Corporation) HiddenLeague of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)League of Legends (x32 Version: 3.0.1 - Riot Games) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)LightScribe System Software 1.10.13.1 (x32 Version: 1.10.13.1 - http://www.lightscribe.com) Hidden LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) HiddenLocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) HiddenMalwarebytes Anti-Malware versione 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Memory Profiler (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5 SDK - ITA Lang Pack (HKLM-x32\...\{CC85795B-9AB3-4AAE-8BEA-9041178DF6E9}) (Version: 4.5.50710 - Microsoft Corporation)Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 RC Multi-Targeting Pack per app di Windows Store (Italiano) (x32 Version: 4.5.21005 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 SDK (Italiano) (HKLM-x32\...\{46539A2C-DCEB-4BB1-BBBF-CAA06967E509}) (Version: 4.5.51641 - Microsoft Corporation)Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) HiddenMicrosoft Advertising SDK for Windows Phone - ENU (x32 Version: 6.2.960.0 - Microsoft Corporation) HiddenMicrosoft Advertising SDK for Windows Phone 8.1 XAML - ENU (x32 Version: 8.1.40116.0 - Microsoft Corporation) HiddenMicrosoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) HiddenMicrosoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) HiddenMicrosoft Expression Blend SDK for Windows Phone 7 (x32 Version: 2.0.20901.0 - Microsoft Corporation) HiddenMicrosoft Expression Blend SDK for Windows Phone OS 7.1 (x32 Version: 2.0.30816.0 - Microsoft Corporation) HiddenMicrosoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) HiddenMicrosoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) HiddenMicrosoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) HiddenMicrosoft NuGet - Visual Studio 2012 Express for Windows Phone (x32 Version: 2.0.30717.9005 - Microsoft Corporation) HiddenMicrosoft NuGet - Visual Studio Express 2013 for Windows (x32 Version: 2.7.41101.371 - Microsoft Corporation) HiddenMicrosoft Office Access MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Proofing (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared 64-bit MUI (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) HiddenMicrosoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30203.02 - Microsoft Corporation) HiddenMicrosoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30203.02 - Microsoft Corporation) HiddenMicrosoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 11.0.50816.00 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft Silverlight 4 SDK - Italiano (HKLM-x32\...\{A21FE4B1-2D55-477F-B22B-60E4733CAECA}) (Version: 4.0.60310.0 - Microsoft Corporation)Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)Microsoft SQL Server Compact 4.0 SP1 x64 ITA (HKLM\...\{E7BFD3A1-2152-4DE1-9F82-A478DD6097C9}) (Version: 4.0.8876.1 - Microsoft Corporation)Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU (Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Compilers - ITA Resources (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Compilers For Windows Phone - ITA Resources (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{d20fc4cc-15ff-47e6-ac8b-6956f30dbe0a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{abea410c-010f-4790-ac28-20f51b60f339}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 32bit Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2012 Add-in for Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2012 Express Prerequisites x64 - ITA (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Add-in for Windows Phone - ENU Language Pack (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Add-in for Windows Phone (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Express Prerequisites x64 - ITA (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 Team Explorer Language Pack - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Express 2012 for Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Express 2012 per Windows Phone - ITA (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Express 2013 for Windows - ENU (HKLM-x32\...\{78095723-ced1-49b3-b0ac-8598452ef0ec}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual Studio Express 2013 for Windows - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Express 2013 for Windows (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Express 2013 per Windows - ITA (HKLM-x32\...\{a13da72c-59b4-43f3-9d3f-b875a66c1a70}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft Visual Studio Express 2013 per Windows - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ITA (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2012 XAML UI Designer ita Resources (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2013 XAML UI Designer ita Resources (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenMicrosoft Visual Studio Ultimate 2013 XAML UI Designer jpn Resources (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenMicrosoft XNA Game Studio 4.0 Refresh Language Pack (it-IT) (x32 Version: 4.0.40830.0 - Microsoft Corporation) HiddenModello a oggetti di Microsoft Team Foundation Server 2013 Language Pack (x64) - ITA (Version: 12.0.21005 - Microsoft Corporation) HiddenModello a oggetti di Microsoft Visual Studio Team Foundation Server 2012 Language Pack - ITA (Version: 11.0.50727 - Microsoft Corporation) HiddenMovie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenMSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) HiddenMSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) HiddenOpenAL (HKLM-x32\...\OpenAL) (Version: - )Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)Phone add-on Shared Core - ENU (GeneralBrandVersionReleaseLanguage) (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenPhone add-on Shared Core (GeneralBrandVersionRelease) (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenPhone add-on Windows Express Core - ENU (GeneralBrandVersionReleaseLanguage) (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenPhone add-on Windows Express Core (GeneralBrandVersionRelease) (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenPhoto Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenPreparazione di Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenQuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenRaptr (HKLM-x32\...\Raptr) (Version: - )Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)Risorse di Microsoft Visual Studio 2012 Shell (minime) (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenRisorse di Microsoft Visual Studio 2013 Shell (minime) (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenSamsung Windows Phone 8 IO USB Driver (HKLM-x32\...\{385D1D79-3585-4DA8-90C5-6EC6289F9A69}) (Version: 1.0.1 - Samsung Electronics Co., Ltd.)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) HiddenSniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)Strumenti di Servizi Mobili di Windows Azure per Visual Studio 2013 Preview Language Pack - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) HiddenSupporto applicazioni Apple (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenTomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Nome società)TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{BC402055-F185-4D14-A664-12ED2EF8B5B6}) (Version: - Microsoft)Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{9FD4ABF7-0359-4953-BAC8-0F99C873797E}) (Version: - Microsoft)Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)Update for Microsoft Visual Studio 2013 (KB2932965) (HKLM-x32\...\{7dbba119-718a-4f68-b33e-454dc8aa5faf}) (Version: 12.0.30112 - Microsoft Corporation)Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)Visual Studio 2013 Update 1 (KB2829760) (HKLM-x32\...\{9e1e91ad-3ec8-4ed2-b7e2-c568c1c9d788}) (Version: 12.0.30203 - Microsoft Corporation)Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30203.02 - Microsoft Corporation) HiddenVLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VS Update core components (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenVs2012 Verification SDK (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenVs2012 Verification SDK Coreres (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenWindows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) HiddenWindows App Certification Kit Native Components (Version: 8.100.26061 - Microsoft Corporation) HiddenWindows App Certification Kit x64 (x32 Version: 8.100.26120 - Microsoft Corporation) HiddenWindows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) HiddenWindows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) HiddenWindows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) HiddenWindows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) HiddenWindows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) HiddenWindows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenWindows Phone 8.0 Emulation Images (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenWindows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenWindows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) HiddenWindows Phone 8.1 Emulators - ENU (HKLM-x32\...\{bd2a717f-b7d5-4e50-9f91-cb2db40d97bf}) (Version: 12.0.30203.2 - Microsoft Corporation)Windows Phone 8.1 SDK - ARM - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) HiddenWindows Phone 8.1 SDK - Desktop - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) HiddenWindows Phone 8.1 SDK - Feature-Limited Images (x32 Version: 8.1.12298 - Microsoft Corporation) HiddenWindows Phone 8.1 SDK - x64 (Version: 8.1.12298 - Microsoft Corporation) HiddenWindows Phone 8.1 SDK - x86 - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) HiddenWindows Phone Emulator 8.0 Configurator (x32 Version: 11.0.60830 - Microsoft Corporation) HiddenWindows Phone Emulator x64 - ITA (Version: 10.1.40219 - Microsoft Corporation) HiddenWindows Phone Power Tools (HKCU\...\c916f7fc438a0efe) (Version: 2.55.0.54 - Oren Nachman)Windows Phone SDK 7.1 Assemblies - ita (x32 Version: 10.1.40219 - Microsoft Corporation) HiddenWindows Phone SDK 8.0 - ITA (HKLM-x32\...\{3c891973-21e2-458f-8722-1a686c035e81}) (Version: 11.0.50727.61 - Microsoft Corporation)Windows Phone SDK 8.0 Assemblies (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenWindows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30203 - Microsoft Corporation) HiddenWindows Phone SDK 8.0 Extensions for XNA Game Studio 4.0 (x32 Version: 4.0.40906.0 - Microsoft Corporation) HiddenWindows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) HiddenWindows Runtime Intellisense Content - it-it (x32 Version: 8.100.25984 - Microsoft Corporation) HiddenWindows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26120 - Microsoft Corporation) HiddenWindows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) HiddenWindows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26120 - Microsoft Corporation) HiddenWindows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26120 - Microsoft Corporation) HiddenWindows Software Development Kit Tools for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) HiddenWinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)Zune (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) HiddenZune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 17-06-2014 18:29:13 Installed Splashtop Streamer.05-07-2014 15:51:27 Removed Splashtop Streamer. ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {1FBD74BD-E53E-4061-966F-8FD7AAC7785A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauservTask: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {244B022E-0794-4719-9C36-95FF9C58E371} - System32\Tasks\Origin => C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe [2014-06-02] () <==== ATTENTIONTask: {2BB71254-0D6C-4A4A-8AC0-4CBF7B56264C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {4BEDA433-97F0-4208-A7F6-935904AF43B4} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ValidationTask: {54ADB915-4E75-41F8-849F-E39962BEF6B3} - System32\Tasks\AVG_SYS_TASK_DELETE => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe [2013-09-17] ()Task: {5D072B4F-FBED-4EF9-9DC2-2C950AE8AA39} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUploadTask: {6082E6E2-3CB6-483E-BA61-66244182F23C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-12] (Microsoft Corporation)Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {77190E31-3EE2-4042-9F43-22775118BBD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8780E423-4C13-45A1-9A52-E8C9C785256E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {9787333F-71BB-4302-A8FD-3A8D5E6445FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {AB8D76E1-3DBD-41D5-87FC-91BFD01435AD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackupTask: {AEF8CD39-7854-4048-A522-8BA5173BD790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D6407117-63C7-44B3-93E2-6FCCDA15E8F6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-ManagementTask: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {DB7D4D50-FC9C-4B89-96D9-A1D1C0961AB1} - System32\Tasks\Microsoft\Windows\DiskFootprint\DiagnosticsTask: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {F80E5CB0-2A3F-4B72-9652-3890ECBB5524} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)Task: {F9484C89-5441-4992-81B8-7D5B77FF92FB} - System32\Tasks\AVG_SYS_TASK => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe [2013-09-17] ()Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\AVG_SYS_TASK.job => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exeTask: C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF2014-07-07 09:28 - 2014-07-07 12:12 - 00451086 _____ () C:\Windows\Temp\svchost.exe2014-06-10 20:33 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll2014-06-10 20:33 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll2014-06-10 20:33 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll2014-06-10 20:33 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll2014-06-10 20:33 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll2014-07-05 16:59 - 2014-07-07 12:12 - 00148760 _____ () C:\Windows\Temp\libpdcurses.dll2014-06-03 13:54 - 2014-07-07 12:12 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll2014-06-03 13:54 - 2014-07-07 12:12 - 00113166 _____ () C:\Windows\Temp\zlib1.dll2014-07-05 16:59 - 2014-07-07 12:12 - 00112142 _____ () C:\Windows\Temp\libgcc_s_dw2-1.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferencesAlternateDataStreams: C:\Users\lucal_000\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: AdobeARMservice => 2MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3MSCONFIG\Services: AMD External Events Utility => 2MSCONFIG\Services: AMD FUEL Service => 2MSCONFIG\Services: Apple Mobile Device => 2MSCONFIG\Services: BcmBtRSupport => 2MSCONFIG\Services: Bonjour Service => 2MSCONFIG\Services: DTSAudioService => 2MSCONFIG\Services: gupdate => 2MSCONFIG\Services: gupdatem => 3MSCONFIG\Services: IDriverT => 3MSCONFIG\Services: iPod Service => 3MSCONFIG\Services: LightScribeService => 2MSCONFIG\Services: MozillaMaintenance => 3MSCONFIG\Services: nlsX86cc => 2MSCONFIG\Services: Steam Client Service => 3MSCONFIG\Services: TomTomHOMEService => 2HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"HKLM\...\StartupApproved\Run: => "Zune Launcher"HKLM\...\StartupApproved\Run: => "StartCCC"HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"HKLM\...\StartupApproved\Run32: => "APSDaemon"HKLM\...\StartupApproved\Run32: => "iTunesHelper"HKLM\...\StartupApproved\Run32: => "QuickTime Task"HKLM\...\StartupApproved\Run32: => "Adobe ARM"HKLM\...\StartupApproved\Run32: => "StartCCC"HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"HKCU\...\StartupApproved\Run: => "iCloud"HKCU\...\StartupApproved\Run: => "rundll32"HKCU\...\StartupApproved\Run: => "Raptr" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (07/07/2014 09:02:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/06/2014 06:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_stisvc, versione: 6.3.9600.16384, timestamp: 0x5215dfe3Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000Codice eccezione: 0xc0000005Offset errore 0x0000000cfab402f8ID processo che ha generato l'errore: 0x7fcOra di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_stisvc0Percorso dell'applicazione che ha generato l'errore: svchost.exe_stisvc1Percorso del modulo che ha generato l'errore: svchost.exe_stisvc2ID segnalazione: svchost.exe_stisvc3Nome completo pacchetto che ha generato l'errore: svchost.exe_stisvc4ID applicazione relativo al pacchetto che ha generato l'errore: svchost.exe_stisvc5 Error: (07/06/2014 05:57:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/06/2014 03:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome dell'applicazione che ha generato l'errore: procexp64.exe, versione: 16.2.0.0, timestamp: 0x5312b377Nome del modulo che ha generato l'errore: procexp64.exe, versione: 16.2.0.0, timestamp: 0x5312b377Codice eccezione: 0xc0000417Offset errore 0x00000000000e0304ID processo che ha generato l'errore: 0x1274Ora di avvio dell'applicazione che ha generato l'errore: 0xprocexp64.exe0Percorso dell'applicazione che ha generato l'errore: procexp64.exe1Percorso del modulo che ha generato l'errore: procexp64.exe2ID segnalazione: procexp64.exe3Nome completo pacchetto che ha generato l'errore: procexp64.exe4ID applicazione relativo al pacchetto che ha generato l'errore: procexp64.exe5 Error: (07/06/2014 03:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Nome dell'applicazione che ha generato l'errore: svchost.exe, versione: 0.0.0.0, timestamp: 0x52deced7Nome del modulo che ha generato l'errore: amdocl.dll, versione: 10.0.1526.3, timestamp: 0x53508bc0Codice eccezione: 0xc0000005Offset errore 0x001af139ID processo che ha generato l'errore: 0x12ecOra di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe0Percorso dell'applicazione che ha generato l'errore: svchost.exe1Percorso del modulo che ha generato l'errore: svchost.exe2ID segnalazione: svchost.exe3Nome completo pacchetto che ha generato l'errore: svchost.exe4ID applicazione relativo al pacchetto che ha generato l'errore: svchost.exe5 Error: (07/06/2014 00:47:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/06/2014 00:10:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/05/2014 11:05:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/05/2014 09:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) Error: (07/05/2014 08:19:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057) System errors:=============Error: (07/07/2014 00:12:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: %%2 Error: (07/07/2014 11:44:05 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2014 11:43:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: %%2 Error: (07/07/2014 09:29:10 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2014 09:28:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: %%2 Error: (07/07/2014 09:10:59 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2014 09:05:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: %%2 Error: (07/07/2014 09:03:01 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/07/2014 08:52:38 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/07/2014 08:47:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: %%2 Microsoft Office Sessions:=========================Error: (07/07/2014 09:02:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/06/2014 06:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )Description: svchost.exe_stisvc6.3.9600.163845215dfe3unknown0.0.0.000000000c00000050000000cfab402f87fc01cf993373ae2992C:\WINDOWS\system32\svchost.exeunknownb21beac0-0526-11e4-81dc-60a44c2ffb9a Error: (07/06/2014 05:57:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/06/2014 03:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )Description: procexp64.exe16.2.0.05312b377procexp64.exe16.2.0.05312b377c000041700000000000e0304127401cf9921dd16b47bC:\Users\LUCAL_~1\AppData\Local\Temp\procexp64.exeC:\Users\LUCAL_~1\AppData\Local\Temp\procexp64.exe29d02b93-0515-11e4-81d4-60a44c2ffb9a Error: (07/06/2014 03:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: svchost.exe0.0.0.052deced7amdocl.dll10.0.1526.353508bc0c0000005001af13912ec01cf991d0ba4d2aeC:\Windows\Temp\svchost.exeC:\WINDOWS\SYSTEM32\amdocl.dll93935a32-0510-11e4-81d2-60a44c2ffb9a Error: (07/06/2014 00:47:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/06/2014 00:10:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/05/2014 11:05:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/05/2014 09:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) Error: (07/05/2014 08:19:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: Riservato per il sistemaParametro non corretto. (0x80070057) CodeIntegrity Errors:=================================== Date: 2014-07-07 09:02:34.091 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 17:57:49.436 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:52.094 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:52.027 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:51.796 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:51.711 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:51.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:09:51.438 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:08:50.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-06 13:08:50.654 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 18%Total physical RAM: 8092.39 MBAvailable physical RAM: 6634.89 MBTotal Pagefile: 9372.39 MBAvailable Pagefile: 7253.6 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:56.4 GB) NTFSDrive e: (Windows) (Fixed) (Total:931.51 GB) (Free:732.8 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 50C734EF)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9C5A3F0F)Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Hi Marius, thanks for your support. These are the log files of Farbar's Recovery Scan Tool: FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by lucal_000 (administrator) on TERROR4K on 07-07-2014 12:13:09Running from E:\DesktopPlatform: Windows 8.1 Pro (X64) OS Language: Italiano (Italia)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Microsoft Corporation) C:\Windows\System32\vmms.exe(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe(Microsoft Corporation) C:\Windows\System32\schtasks.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17129_none_fa6387b99b0c7738\TiWorker.exe() C:\Windows\Temp\svchost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-21] (Advanced Micro Devices, Inc.)HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-02-18] (Raptr, Inc)HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {477b6bcb-3ef0-11e3-bf90-60a44c2ffb9a} - "D:\LGAutoRun.exe" HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {58873bb0-e9d1-11e3-819c-60a44c2ffb9a} - "D:\setup.exe" HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {97e07dc2-8ffe-11e3-8082-60a44c2ffb9a} - "F:\LG_PC_Programs.exe" HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {ece11b16-f211-11e3-81b0-60a44c2ffb9a} - "F:\LG_PC_Programs.exe" ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.it.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT,it;q=0.5HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D9973E10099CF01BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{DE356467-5E19-4BA3-BD65-6568119505A5}: [NameServer]8.8.8.8,8.8.4.4 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: =======CHR Extension: (AdBlock) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-07]CHR Extension: (Allow Right-Click) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2014-05-14]CHR Extension: (Google Wallet) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01] ==================== Services (Whitelisted) ================= S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-20] (Advanced Micro Devices, Inc.) [File not signed]S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)S4 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-12-03] (Microsoft Corporation) [File not signed]S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-01-31] (Microsoft Corporation)S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]S4 TomTomHOMEService; E:\Programmi\TomTom\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)R2 vmms; C:\Windows\system32\vmms.exe [13401600 2014-05-10] (Microsoft Corporation)S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-04-12] (Disc Soft Ltd)R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2013-11-05] (Microsoft Corporation)S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2013-11-05] (Microsoft Corporation)S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2013-11-05] (Microsoft Corporation)S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-11-05] (Microsoft Corporation)S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [40696 2013-05-17] (Windows ® Win 7 DDK provider)R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-12] (Duplex Secure Ltd.)S3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2014-05-15] (Splashtop Inc.)S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]S3 TRIXX; \??\C:\Users\LUCAL_~1\AppData\Local\Temp\TRIXX.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-07 11:47 - 2014-07-07 12:13 - 00000000 ____D () C:\FRST2014-07-07 08:47 - 2014-07-07 12:12 - 00063070 _____ () C:\WINDOWS\WindowsUpdate.log2014-07-07 08:47 - 2014-07-07 09:05 - 00000834 _____ () C:\WINDOWS\PFRO.log2014-07-06 17:53 - 2014-07-06 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-07-06 15:23 - 2014-07-06 15:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT2014-07-06 15:22 - 2014-07-06 15:22 - 00067608 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407061522592994.log2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\AMD2014-07-06 15:22 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys2014-07-06 15:21 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\ATI Technologies2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies2014-07-06 15:16 - 2014-07-06 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO2014-07-05 20:06 - 2014-07-07 09:14 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-07-05 20:06 - 2014-07-06 18:51 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-07-05 20:06 - 2014-07-05 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-05 20:06 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\Program Files\CPUID2014-07-05 17:48 - 2014-07-05 17:48 - 00000000 ____D () C:\Users\lucal_000\.appwork2014-07-05 16:59 - 2014-07-05 16:59 - 00620988 _____ () C:\WINDOWS\SysWOW64\scrypt140121Bartsglg2tc4032w64l4.bin2014-06-21 07:26 - 2014-06-21 07:26 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll2014-06-21 07:25 - 2014-06-21 07:25 - 09016760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll2014-06-21 07:25 - 2014-06-21 07:25 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll2014-06-21 07:24 - 2014-06-21 07:24 - 08108312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll2014-06-21 07:16 - 2014-06-21 07:16 - 00276192 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys2014-06-21 07:08 - 2014-06-21 07:08 - 15950848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys2014-06-21 04:58 - 2014-06-21 04:58 - 00231424 _____ () C:\WINDOWS\system32\clinfo.exe2014-06-21 04:57 - 2014-06-21 04:57 - 32877056 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll2014-06-21 04:51 - 2014-06-21 04:51 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll2014-06-21 04:47 - 2014-06-21 04:47 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll2014-06-21 04:47 - 2014-06-21 04:47 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll2014-06-21 04:46 - 2014-06-21 04:46 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll2014-06-21 04:41 - 2014-06-21 04:41 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll2014-06-21 04:41 - 2014-06-21 04:41 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll2014-06-21 04:39 - 2014-06-21 04:39 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll2014-06-21 04:38 - 2014-06-21 04:38 - 00418304 _____ () C:\WINDOWS\system32\amdmiracast.dll2014-06-21 04:30 - 2014-06-21 04:30 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll2014-06-21 04:19 - 2014-06-21 04:19 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\system32\atiapfxx.blb2014-06-21 04:15 - 2014-06-21 04:15 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe2014-06-21 04:15 - 2014-06-21 04:15 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll2014-06-21 04:11 - 2014-06-21 04:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll2014-06-21 03:58 - 2014-06-21 03:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll2014-06-21 03:58 - 2014-06-21 03:58 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll2014-06-21 03:57 - 2014-06-21 03:57 - 00588800 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe2014-06-21 03:57 - 2014-06-21 03:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe2014-06-21 03:56 - 2014-06-21 03:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll2014-06-21 03:54 - 2014-06-21 03:54 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll2014-06-21 03:53 - 2014-06-21 03:53 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll2014-06-21 03:49 - 2014-06-21 03:49 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap2014-06-21 03:39 - 2014-06-21 03:39 - 00826368 _____ (AMD) C:\WINDOWS\system32\coinst_14.20.dll2014-06-21 03:38 - 2014-06-21 03:38 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap2014-06-21 03:31 - 2014-06-21 03:31 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll2014-06-21 03:30 - 2014-06-21 03:30 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys2014-06-21 03:27 - 2014-06-21 03:27 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll2014-06-20 23:08 - 2014-06-20 23:08 - 00051200 _____ () C:\WINDOWS\system32\kdbsdk64.dll2014-06-20 23:03 - 2014-06-20 23:03 - 00038912 _____ () C:\WINDOWS\SysWOW64\kdbsdk32.dll2014-06-15 20:52 - 2014-06-15 20:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx2014-06-15 20:49 - 2014-06-15 20:49 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Curse2014-06-12 17:34 - 2014-06-12 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll2014-06-11 16:18 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-06-11 16:18 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-06-11 16:18 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll2014-06-11 16:18 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll2014-06-11 16:18 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-06-11 16:18 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-06-11 16:18 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll2014-06-11 16:18 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll2014-06-11 16:18 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll2014-06-11 16:18 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll2014-06-11 16:18 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-06-11 16:18 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-06-11 16:18 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-06-11 16:18 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll2014-06-11 16:18 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2014-06-11 16:18 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll2014-06-11 16:18 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll2014-06-11 16:18 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll2014-06-11 16:18 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-06-11 16:18 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-06-11 16:18 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-06-11 16:18 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2014-06-11 16:18 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-06-11 16:18 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-06-11 16:18 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-06-11 16:18 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-06-11 16:18 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-06-11 16:18 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-06-11 16:18 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-06-11 16:17 - 2014-05-10 05:54 - 13401600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe2014-06-11 16:17 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll2014-06-11 16:17 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll2014-06-11 16:17 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys2014-06-11 16:17 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll2014-06-11 16:17 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe2014-06-11 16:17 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2014-06-11 16:17 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2014-06-11 16:17 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2014-06-11 16:17 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2014-06-11 16:17 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2014-06-11 16:17 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2014-06-11 16:17 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll2014-06-11 16:17 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll2014-06-11 16:17 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll2014-06-11 16:17 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll2014-06-11 16:17 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2014-06-11 16:17 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2014-06-11 16:17 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll2014-06-11 16:17 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll2014-06-11 16:17 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll2014-06-11 16:17 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll2014-06-11 16:17 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll2014-06-11 16:17 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll2014-06-11 16:17 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll2014-06-11 16:17 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys2014-06-11 16:17 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll2014-06-11 16:17 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll2014-06-11 16:17 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll2014-06-11 16:17 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys2014-06-11 16:17 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll2014-06-11 16:17 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll2014-06-11 16:17 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2014-06-11 16:17 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll2014-06-11 16:17 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys2014-06-11 16:17 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys2014-06-11 16:17 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys2014-06-11 16:17 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll2014-06-11 16:17 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2014-06-11 16:17 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll2014-06-11 16:17 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys2014-06-11 16:17 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2014-06-11 16:17 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll2014-06-11 16:17 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe2014-06-11 16:17 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll2014-06-11 16:17 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe2014-06-11 16:17 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll2014-06-11 16:17 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2014-06-11 16:17 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll2014-06-11 16:17 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2014-06-11 16:17 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2014-06-11 16:17 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll2014-06-11 16:17 - 2014-04-06 16:20 - 06172160 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe2014-06-11 16:17 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-06-11 16:17 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll2014-06-11 16:17 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll2014-06-11 16:17 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe2014-06-11 16:17 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe2014-06-11 16:17 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll2014-06-11 16:17 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2014-06-11 16:17 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2014-06-11 16:17 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll2014-06-11 16:17 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll2014-06-11 16:17 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll2014-06-11 16:17 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2014-06-11 16:17 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll2014-06-11 16:17 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2014-06-11 16:17 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll2014-06-11 16:17 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll2014-06-11 16:17 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll2014-06-11 16:17 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll2014-06-11 16:17 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll2014-06-11 16:17 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll2014-06-11 16:17 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-06-11 16:17 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS2014-06-11 16:17 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll2014-06-11 16:17 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll2014-06-11 16:17 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll2014-06-11 16:17 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2014-06-11 16:17 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys2014-06-11 16:17 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll2014-06-11 16:17 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys2014-06-11 16:17 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys2014-06-11 16:17 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll2014-06-11 16:17 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll2014-06-11 16:17 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys2014-06-11 16:17 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2014-06-11 16:17 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll2014-06-11 16:17 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll2014-06-11 16:17 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll2014-06-11 16:17 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll2014-06-11 16:17 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll2014-06-11 16:17 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll2014-06-11 16:17 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll2014-06-11 16:17 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe2014-06-11 16:17 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe2014-06-11 16:17 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys2014-06-11 16:17 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll2014-06-11 16:17 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll2014-06-11 16:17 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll2014-06-11 16:17 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll2014-06-11 16:17 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll2014-06-11 16:17 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll2014-06-11 16:17 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe2014-06-11 16:17 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys2014-06-11 16:17 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll2014-06-11 16:17 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe2014-06-11 16:17 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll2014-06-11 16:17 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2014-06-11 16:17 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll2014-06-11 16:17 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2014-06-11 16:17 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll2014-06-11 16:17 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys2014-06-11 16:17 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll2014-06-11 16:17 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll2014-06-11 16:17 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll2014-06-11 16:17 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll2014-06-11 16:17 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll2014-06-11 16:17 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll2014-06-11 16:17 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll2014-06-11 16:17 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll2014-06-11 16:17 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll2014-06-11 16:17 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll2014-06-11 16:17 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll2014-06-11 16:17 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll2014-06-11 16:17 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys2014-06-11 16:17 - 2014-03-18 10:18 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys2014-06-11 16:17 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll2014-06-11 16:17 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll2014-06-11 16:17 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll2014-06-11 16:17 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll2014-06-11 16:17 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv2014-06-11 16:17 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll2014-06-11 16:17 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv2014-06-11 16:17 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll2014-06-11 16:17 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll2014-06-11 16:17 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys2014-06-11 16:17 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll2014-06-11 16:16 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe2014-06-11 16:16 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe2014-06-11 16:16 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe2014-06-11 16:16 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe2014-06-11 16:16 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll2014-06-11 16:16 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll2014-06-11 16:16 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll2014-06-11 16:16 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll2014-06-11 16:16 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll2014-06-11 16:16 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll2014-06-11 16:16 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll2014-06-11 16:15 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys2014-06-11 13:47 - 2014-06-11 13:47 - 00000000 ____D () C:\ProgramData\ATI2014-06-11 13:46 - 2014-06-11 13:46 - 00061432 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406111346027471.log2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iTunes2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iPod2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files (x86)\iTunes ==================== One Month Modified Files and Folders ======= 2014-07-07 12:13 - 2014-07-07 11:47 - 00000000 ____D () C:\FRST2014-07-07 12:13 - 2013-11-05 00:33 - 27590656 _____ () C:\WINDOWS\system32\vmguest.iso2014-07-07 12:12 - 2014-07-07 08:47 - 00063070 _____ () C:\WINDOWS\WindowsUpdate.log2014-07-07 12:12 - 2014-05-01 15:16 - 00001170 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-07-07 12:12 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-07-07 12:06 - 2013-11-13 21:56 - 00000978 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2014-07-07 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-07-07 11:49 - 2013-09-30 06:14 - 01813012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-07-07 11:49 - 2013-09-30 05:58 - 00803914 _____ () C:\WINDOWS\system32\perfh010.dat2014-07-07 11:49 - 2013-09-30 05:58 - 00157052 _____ () C:\WINDOWS\system32\perfc010.dat2014-07-07 11:48 - 2013-06-26 13:46 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-311390209-566744454-1957549641-10012014-07-07 09:27 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI2014-07-07 09:14 - 2014-07-05 20:06 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-07-07 09:05 - 2014-07-07 08:47 - 00000834 _____ () C:\WINDOWS\PFRO.log2014-07-06 19:37 - 2014-05-01 15:16 - 00001174 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-07-06 19:05 - 2013-07-12 19:18 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Mozilla2014-07-06 18:58 - 2014-07-06 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2014-07-06 18:51 - 2014-07-05 20:06 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-07-06 18:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat2014-07-06 16:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera2014-07-06 15:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\schemas2014-07-06 15:23 - 2014-07-06 15:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT2014-07-06 15:23 - 2013-06-26 16:34 - 00000000 ____D () C:\ProgramData\AMD2014-07-06 15:22 - 2014-07-06 15:22 - 00067608 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407061522592994.log2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\AMD2014-07-06 15:22 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI Technologies2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies2014-07-06 15:20 - 2013-06-26 16:30 - 00000000 ____D () C:\AMD2014-07-06 15:16 - 2014-07-06 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO2014-07-06 14:44 - 2013-06-26 16:45 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\PMB Files2014-07-06 14:44 - 2013-06-26 16:45 - 00000000 ____D () C:\ProgramData\PMB Files2014-07-06 13:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-07-06 12:13 - 2013-06-26 13:40 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Packages2014-07-05 21:25 - 2013-06-30 17:47 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\vlc2014-07-05 20:12 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp2014-07-05 20:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2014-07-05 20:06 - 2014-07-05 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-05 20:06 - 2013-09-28 18:06 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Malwarebytes2014-07-05 20:06 - 2013-09-28 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-07-05 19:57 - 2013-10-17 14:44 - 00000000 ____D () C:\Users\lucal_0002014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\Program Files\CPUID2014-07-05 17:51 - 2013-10-17 14:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM2014-07-05 17:49 - 2013-06-26 18:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information2014-07-05 17:49 - 2013-06-26 13:40 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Adobe2014-07-05 17:48 - 2014-07-05 17:48 - 00000000 ____D () C:\Users\lucal_000\.appwork2014-07-05 17:48 - 2013-06-26 14:26 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Google2014-07-05 17:47 - 2013-09-08 18:42 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin2014-07-05 17:46 - 2013-06-29 15:14 - 00000000 ____D () C:\Program Files\CCleaner2014-07-05 16:59 - 2014-07-05 16:59 - 00620988 _____ () C:\WINDOWS\SysWOW64\scrypt140121Bartsglg2tc4032w64l4.bin2014-06-29 17:32 - 2014-05-01 15:16 - 00004146 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-06-29 17:32 - 2014-05-01 15:16 - 00003910 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-06-21 13:42 - 2013-10-17 14:42 - 00018009 _____ () C:\WINDOWS\system32\lvcoinst.log2014-06-21 13:42 - 2013-10-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\logishrd2014-06-21 07:26 - 2014-06-21 07:26 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll2014-06-21 07:26 - 2014-03-12 18:10 - 01109456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll2014-06-21 07:26 - 2014-03-12 18:10 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll2014-06-21 07:26 - 2013-07-31 19:53 - 01329376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll2014-06-21 07:26 - 2013-07-31 19:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll2014-06-21 07:25 - 2014-06-21 07:25 - 09016760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll2014-06-21 07:25 - 2014-06-21 07:25 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll2014-06-21 07:25 - 2014-03-12 18:10 - 07102496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll2014-06-21 07:25 - 2014-03-12 18:10 - 06879016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll2014-06-21 07:25 - 2013-07-31 19:52 - 10519072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll2014-06-21 07:24 - 2014-06-21 07:24 - 08108312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll2014-06-21 07:16 - 2014-06-21 07:16 - 00276192 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys2014-06-21 07:08 - 2014-06-21 07:08 - 15950848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys2014-06-21 04:58 - 2014-06-21 04:58 - 00231424 _____ () C:\WINDOWS\system32\clinfo.exe2014-06-21 04:57 - 2014-06-21 04:57 - 32877056 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll2014-06-21 04:57 - 2014-06-21 04:57 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll2014-06-21 04:54 - 2014-04-18 04:19 - 27843072 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll2014-06-21 04:51 - 2014-06-21 04:51 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll2014-06-21 04:51 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll2014-06-21 04:47 - 2014-06-21 04:47 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll2014-06-21 04:47 - 2014-06-21 04:47 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll2014-06-21 04:46 - 2014-06-21 04:46 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll2014-06-21 04:41 - 2014-06-21 04:41 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll2014-06-21 04:41 - 2014-06-21 04:41 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll2014-06-21 04:39 - 2014-06-21 04:39 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll2014-06-21 04:38 - 2014-06-21 04:38 - 00418304 _____ () C:\WINDOWS\system32\amdmiracast.dll2014-06-21 04:30 - 2014-06-21 04:30 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll2014-06-21 04:19 - 2014-06-21 04:19 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\system32\atiapfxx.blb2014-06-21 04:15 - 2014-06-21 04:15 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe2014-06-21 04:15 - 2014-06-21 04:15 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll2014-06-21 04:15 - 2014-06-21 04:15 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll2014-06-21 04:11 - 2014-06-21 04:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll2014-06-21 03:58 - 2014-06-21 03:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll2014-06-21 03:58 - 2014-06-21 03:58 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll2014-06-21 03:57 - 2014-06-21 03:57 - 00588800 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe2014-06-21 03:57 - 2014-06-21 03:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe2014-06-21 03:56 - 2014-06-21 03:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll2014-06-21 03:54 - 2014-06-21 03:54 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll2014-06-21 03:53 - 2014-06-21 03:53 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll2014-06-21 03:49 - 2014-06-21 03:49 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap2014-06-21 03:39 - 2014-06-21 03:39 - 00826368 _____ (AMD) C:\WINDOWS\system32\coinst_14.20.dll2014-06-21 03:38 - 2014-06-21 03:38 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap2014-06-21 03:31 - 2014-06-21 03:31 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll2014-06-21 03:31 - 2014-04-18 03:09 - 00898560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll2014-06-21 03:31 - 2014-04-18 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll2014-06-21 03:30 - 2014-06-21 03:30 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys2014-06-21 03:27 - 2014-06-21 03:27 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll2014-06-20 23:08 - 2014-06-20 23:08 - 00051200 _____ () C:\WINDOWS\system32\kdbsdk64.dll2014-06-20 23:03 - 2014-06-20 23:03 - 00038912 _____ () C:\WINDOWS\SysWOW64\kdbsdk32.dll2014-06-18 14:39 - 2013-09-28 17:52 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Battle.net2014-06-15 20:52 - 2014-06-15 20:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx2014-06-15 20:49 - 2014-06-15 20:49 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Curse2014-06-13 11:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache2014-06-13 11:03 - 2013-10-17 14:53 - 00000000 ___RD () C:\Users\lucal_000\SkyDrive2014-06-13 11:03 - 2013-08-22 16:44 - 00584752 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-06-13 11:03 - 2013-06-26 14:59 - 00000000 ___RD () C:\Users\lucal_000\Podcasts2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore2014-06-12 20:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe2014-06-12 17:34 - 2014-06-12 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2014-06-12 17:34 - 2014-06-12 17:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll2014-06-12 17:34 - 2014-06-12 17:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll2014-06-12 17:34 - 2013-06-26 13:55 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-06-12 17:33 - 2013-08-14 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-06-12 17:32 - 2013-06-26 14:03 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-06-11 13:47 - 2014-06-11 13:47 - 00000000 ____D () C:\ProgramData\ATI2014-06-11 13:46 - 2014-06-11 13:46 - 00061432 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406111346027471.log2014-06-09 20:07 - 2013-06-26 16:07 - 00000000 ____D () C:\ProgramData\Origin2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iTunes2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iPod2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files (x86)\iTunes Files to move or delete:====================C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe Some content of TEMP:====================C:\Users\lucal_000\AppData\Local\Temp\unins000.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-07 09:02 ==================== End Of Log ============================

Hello everyone, I want to apologize in advance for my english but it is not my native language and this forum is the only one where I've seen people able to help me . Recently I noticed my GPU working @99% all the time, so I found with Malwarebytes 3 virus in the folder C:/Windows/Temp : - Trojan.Agent.Gen (file) - Trojan.Agent.Gen (process) - Trojan.BitcoinMiner (file) I tried to remove them but they appeared again after restarting the pc. I'd like to know what to do. Thanks Luca

Hello, I have the same problem and I need help to resolve it. Can I use this thread? I want to apologize in advance for my english but it is not my native language and this forum is the only one where I've seen people able to help me . Like Allabonkaja, I found with Malwarebytes 3 virus in the folder C:/Windows/Temp : - Trojan.Agent.Gen (file) - Trojan.Agent.Gen (process) - Trojan.BitcoinMiner (file) I tried to remove them but they appeared again after restarting the pc. I'd like to know what to do. Thanks Luca