SecurityHijack is back for 3rd times !

Beeeno · May 11, 2013

Hi there ! I've tried to reinstall win8 but it's back ! Please help ! Last two times I've been helped by Gringo !!!

Beeeno · May 12, 2013

Any help ?

Maurice Naggar · May 12, 2013

Hello Beeno,

Let me suggest, if you're an MBAM PRO customer, you contact the consumer help desk here.

If you are in an organization or a corporate customer, contact Corporate Support for assistance.

Otherwise, Please print out, read and follow the directions here, skipping any steps you are unable to complete.

You should copy > paste contents of the MBAM scan log, and DDS.txt and Attach.txt

Be very explicit in the steps you had followed for the Windows 8 "re-install" ......including if you have the Windows 8 operating system DVD and what make / model of computer if Windows 8 was pre-installed on it when it was new. or tell us if you had "upgraded" from another version to Windows 8.

Beeeno · May 12, 2013

First of all thanks for help ! I use the PC to play games on line such as Red Orchestra2, Men of War an so on .. My PC is an assebled one and I've bought Win8 by digital download and I've saved it on DVD support. Since my first experience o securityhijack I didn't use any p2p software and I do not dowload pirate software. Then I've to say this is my third time I experience Securityhijack First time Gringo helped me to fix it but after some days it reappered unluckily. Then Gringo helped me for second time but yesterday I rediscovered SHJ once again and I decided to reinstall win8 but without formatting system disk. After installing software I run MBAM and it was here once more and I cleaned it by MBAM. Now I've run MBAM once more and the system seems clean. But I'm sure tomorrow it will reappear once more. This has happened before that I cleaned SHJ with MBAM and after one or three days it reappered. Gonna try your procedure and let you know!

Beeeno · May 12, 2013

Here are logs:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro

Boot Device: \Device\HarddiskVolume1

Install Date: 11/05/2013 09.50.23

System Uptime: 12/05/2013 15.00.24 (9 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5Q-PRO

Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz | LGA 775 | 3600/400mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 107 GiB total, 45,971 GiB free.

D: is FIXED (NTFS) - 342 GiB total, 312,985 GiB free.

E: is FIXED (NTFS) - 932 GiB total, 412,218 GiB free.

F: is FIXED (NTFS) - 0 GiB total, 0,081 GiB free.

G: is FIXED (NTFS) - 357 GiB total, 351,916 GiB free.

H: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

AMD Accelerated Video Transcoding

AMD Catalyst Install Manager

Arma 2: Operation Arrowhead

Bubble Dock (remove only)

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Driver Genius Professional Edition

Empire: Total War

G Data TotalProtection 2013

German Soldiers Mod Fields of Honor IX

Google Chrome

Google Update Helper

Intel® Rapid Storage Technology

Killing Floor

Left 4 Dead 2

Malwarebytes Anti-Malware versione 1.75.0.1300

Men of War: Assault Squad

Microsoft Chart Controls for Microsoft .NET Framework 3.5

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

OpenOffice.org 3.4.1

PunkBuster Services

Red Orchestra 2: Heroes of Stalingrad

Samsung Magician

Steam

TeamSpeak 3 Client

TuneUp Utilities 2013

TuneUp Utilities Language Pack (it-IT)

WinRAR 4.20 (32-bit)

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537

Run by Barbara at 0:25:50 on 2013-05-13

Microsoft Windows 8 Pro 6.2.9200.0.1252.39.1040.18.4095.2207 [GMT 2:00]

.

AV: G Data TotalProtection 2013 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: G Data TotalProtection 2013 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: G Data Personal Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe

C:\Windows\system32\dwm.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe

C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe

C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe

C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhostex.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\dashost.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe

C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SysWOW64\PnkBstrB.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\wwahost.exe

C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: G Data BankGuard: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [bubble Dock] "C:\Users\Barbara\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup

mRun: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe

mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

StartupFolder: C:\Users\Barbara\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{4F26A0E8-41C0-49E6-9670-69ECD9E52163} : DHCPNameServer = 192.168.1.1

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

IFEO: iastorui.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe

x64-SSODL: WebCheck - <orphaned>

x64-IFEO: iastorui.exe - "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

.

============= SERVICES / DRIVERS ===============

.

R0 GDBehave;GDBehave;C:\Windows\System32\Drivers\GDBehave.sys [2013-5-11 54136]

R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-5-11 652344]

R0 TS4NT;TS4nt driver;C:\Windows\System32\Drivers\TS4nt.sys [2013-5-11 98760]

R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\Drivers\MiniIcpt.sys [2013-5-11 122744]

R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\Drivers\gdwfpcd64.sys [2013-5-11 65912]

R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\Drivers\GRD.sys [2013-5-11 106648]

R1 HookCentre;HookCentre;C:\Windows\System32\Drivers\HookCentre.sys [2013-5-11 64376]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]

R2 AVKProxy;Proxy G Data AntiVirus;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2012-2-2 1524728]

R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [2012-1-27 468472]

R2 AVKWCtl;Guardiano del file system G Data;C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe [2012-1-27 2006872]

R2 GDBackupSvc;G Data Backup Service;C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [2012-3-13 1609208]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-11 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-11 701512]

R2 TSNxGService;Servizio Cassaforte dati G Data;C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [2012-3-15 306184]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-1-31 2402080]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2013-2-14 94208]

R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2012-1-27 1765352]

R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\Drivers\PktIcpt.sys [2013-5-11 59768]

R3 GDScan;Scanner G Data;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2012-1-27 471048]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-5-11 25928]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]

S3 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\Drivers\amdkmafd.sys [2013-3-29 21600]

S3 GDTunerSvc;G Data Tuner Service;C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [2012-3-8 1218040]

S3 vmbusr;Provider Bus macchina virtuale;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]

S4 IAStorDataMgrSvc;Tecnologia Intel® Rapid Storage;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-5-11 14904]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-05-12 20:18:06 -------- d-----w- C:\Users\Barbara\AppData\Roaming\Nosibay

2013-05-12 18:02:00 -------- d-----w- C:\Users\Barbara\AppData\Roaming\TS3Client

2013-05-12 18:01:25 -------- d-----w- C:\Program Files\TeamSpeak 3 Client

2013-05-11 22:16:28 1071364 ----a-w- C:\Windows\SysWow64\sig.bin

2013-05-11 17:47:27 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls

2013-05-11 17:15:06 -------- d-----w- C:\Users\Barbara\AppData\Roaming\Malwarebytes

2013-05-11 17:15:04 -------- d-----w- C:\ProgramData\Malwarebytes

2013-05-11 17:15:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-11 17:15:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-05-11 16:33:11 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-05-11 16:33:06 -------- d-----w- C:\Users\Barbara\AppData\Local\PunkBuster

2013-05-11 16:32:57 -------- d-----w- C:\Users\Barbara\AppData\Local\CrashRpt

2013-05-11 16:32:09 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-05-11 16:32:09 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-05-11 16:32:07 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-05-11 16:31:42 -------- d-----w- C:\Windows\SysWow64\XPSViewer

2013-05-11 16:30:10 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll

2013-05-11 16:30:10 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe

2013-05-11 16:30:10 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe

2013-05-11 16:30:10 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll

2013-05-11 16:30:10 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll

2013-05-11 16:30:10 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-05-11 16:19:58 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll

2013-05-11 16:14:25 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation

2013-05-11 16:13:52 -------- d-----w- C:\Users\Barbara\AppData\Roaming\Intel Corporation

2013-05-11 16:09:43 -------- d-----w- C:\Intel

2013-05-11 16:09:42 652344 ----a-w- C:\Windows\System32\drivers\iaStorA.sys

2013-05-11 09:57:51 106648 ----a-w- C:\Windows\System32\drivers\GRD.sys

2013-05-11 09:45:52 -------- d-----w- C:\Users\Barbara\Intel

2013-05-11 09:31:52 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3

2013-05-11 09:16:49 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2013-05-11 09:16:48 -------- d-----w- C:\Program Files (x86)\Steam

2013-05-11 08:59:40 -------- d-----w- C:\Users\Barbara\AppData\Local\ATI

2013-05-11 08:52:54 35104 ----a-w- C:\Windows\System32\TURegOpt.exe

2013-05-11 08:52:54 26400 ----a-w- C:\Windows\System32\authuitu.dll

2013-05-11 08:52:54 21792 ----a-w- C:\Windows\SysWow64\authuitu.dll

2013-05-11 08:52:52 -------- d-----w- C:\Users\Barbara\AppData\Roaming\TuneUp Software

2013-05-11 08:52:51 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013

2013-05-11 08:52:46 -------- d-----w- C:\ProgramData\TuneUp Software

2013-05-11 08:49:43 -------- d-----w- C:\ProgramData\Samsung

2013-05-11 08:49:43 -------- d-----w- C:\Program Files (x86)\Samsung Magician

2013-05-11 08:49:15 -------- d-----w- C:\Users\Barbara\AppData\Local\Programs

2013-05-11 08:44:36 -------- d-----w- C:\Windows\Panther

2013-05-11 08:38:07 -------- d-----w- C:\Windows.old.000

2013-05-11 08:36:50 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll

2013-05-11 08:35:36 -------- d-----w- C:\ProgramData\AMD

2013-05-11 08:35:35 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2013-05-11 08:35:35 -------- d-----w- C:\Program Files (x86)\AMD AVT

2013-05-11 08:35:24 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2013-05-11 08:34:59 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2013-05-11 08:34:46 -------- d-----w- C:\Program Files\ATI Technologies

2013-05-11 08:34:44 -------- d-----w- C:\Program Files\ATI

2013-05-11 08:29:14 -------- d-----w- C:\ProgramData\DriverGenius

2013-05-11 08:29:00 -------- d-----w- C:\Program Files (x86)\Driver-Soft

2013-05-11 08:25:57 11459584 ----a-w- C:\Windows\System32\glcndFilter.dll

2013-05-11 08:24:59 757248 ----a-w- C:\Windows\System32\uDWM.dll

2013-05-11 08:20:43 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-05-11 08:20:43 -------- d--h--w- C:\ProgramData\Common Files

2013-05-11 08:14:07 -------- d-----r- C:\Windows\BrowserChoice

2013-05-11 08:11:09 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-05-11 08:11:09 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-05-11 08:09:21 -------- d-----w- C:\Users\Barbara\AppData\Local\Google

2013-05-11 08:06:59 -------- d-----w- C:\Windows\SysWow64\BioAPIFFDB

2013-05-11 08:06:56 98760 ----a-w- C:\Windows\System32\drivers\TS4nt.sys

2013-05-11 08:06:51 59768 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys

2013-05-11 08:06:43 64376 ----a-w- C:\Windows\System32\drivers\HookCentre.sys

2013-05-11 08:06:43 54136 ----a-w- C:\Windows\System32\drivers\GDBehave.sys

2013-05-11 08:06:43 122744 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys

2013-05-11 08:06:41 65912 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys

2013-05-11 08:06:27 -------- d-----w- C:\ProgramData\G DATA Software

2013-05-11 08:06:23 -------- d-----w- C:\ProgramData\G DATA

2013-05-11 08:06:23 -------- d-----w- C:\Program Files (x86)\G Data

2013-05-11 08:06:23 -------- d-----w- C:\Program Files (x86)\Common Files\G Data

2013-05-11 08:05:28 -------- d-----w- C:\Users\Barbara\AppData\Local\Downloaded Installations

2013-05-11 08:04:55 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8BB6D2E6-E46A-40C5-84C5-F6ACFCCC5A67}\mpengine.dll

2013-05-11 08:04:36 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-05-11 08:04:03 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll

2013-05-11 08:01:28 2094592 ----a-w- C:\Windows\System32\mmc.exe

2013-05-11 08:00:57 94208 ----a-w- C:\Windows\System32\synceng.dll

2013-05-11 07:59:44 96256 ----a-w- C:\Windows\System32\fontsub.dll

2013-05-11 07:55:56 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin

2013-05-11 07:55:49 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-05-11 07:48:45 -------- d-sh--we C:\ProgramData\Modelli

2013-05-11 07:48:45 -------- d-sh--we C:\ProgramData\Menu Avvio

2013-05-11 07:48:45 -------- d-sh--we C:\ProgramData\Documenti

2013-05-11 07:48:45 -------- d-sh--we C:\ProgramData\Dati applicazioni

2013-05-11 07:48:45 -------- d-sh--we C:\Program Files\File comuni

2013-05-11 07:45:59 0 ----a-w- C:\Windows\ativpsrm.bin

.

==================== Find3M ====================

.

2013-04-02 22:08:01 78176 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-02 22:08:01 692576 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-29 02:37:10 78432 ----a-w- C:\Windows\System32\atimpc64.dll

2013-03-29 02:37:10 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2013-03-29 02:37:08 78432 ----a-w- C:\Windows\System32\amdpcom64.dll

2013-03-29 02:37:06 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2013-03-29 02:37:06 139696 ----a-w- C:\Windows\System32\atiuxp64.dll

2013-03-29 02:37:04 92304 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2013-03-29 02:37:04 118584 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2013-03-29 02:37:04 112440 ----a-w- C:\Windows\System32\atiu9p64.dll

2013-03-29 02:37:02 1155264 ----a-w- C:\Windows\System32\aticfx64.dll

2013-03-29 02:37:00 970912 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2013-03-29 02:36:56 8272136 ----a-w- C:\Windows\System32\atidxx64.dll

2013-03-29 02:36:54 7233336 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2013-03-29 02:36:50 4450264 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2013-03-29 02:36:44 5944264 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2013-03-29 02:36:40 5000320 ----a-w- C:\Windows\System32\atiumd6a.dll

2013-03-29 02:36:38 6985624 ----a-w- C:\Windows\System32\atiumd64.dll

2013-03-29 02:35:28 21600 ----a-w- C:\Windows\System32\drivers\amdkmafd.sys

2013-03-29 02:35:02 11658752 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2013-03-29 02:13:28 222720 ----a-w- C:\Windows\System32\clinfo.exe

2013-03-29 02:13:14 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe

2013-03-29 02:13:14 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe

2013-03-29 02:13:14 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe

2013-03-29 02:13:12 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe

2013-03-29 02:13:08 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll

2013-03-29 02:13:04 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2013-03-29 02:13:00 64000 ----a-w- C:\Windows\System32\OVDecode64.dll

2013-03-29 02:12:56 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2013-03-29 02:12:48 29150720 ----a-w- C:\Windows\System32\amdocl64.dll

2013-03-29 02:10:52 23810560 ----a-w- C:\Windows\SysWow64\amdocl.dll

2013-03-29 02:09:04 54784 ----a-w- C:\Windows\System32\OpenCL.dll

2013-03-29 02:09:00 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2013-03-29 02:04:42 24229376 ----a-w- C:\Windows\System32\atio6axx.dll

2013-03-29 02:00:54 76800 ----a-w- C:\Windows\System32\coinst_12.104.dll

2013-03-29 01:57:54 163840 ----a-w- C:\Windows\System32\atiapfxx.exe

2013-03-29 01:55:36 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2013-03-29 01:55:34 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2013-03-29 01:55:28 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2013-03-29 01:55:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2013-03-29 01:55:16 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll

2013-03-29 01:51:04 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2013-03-29 01:48:26 19870720 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2013-03-29 01:35:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll

2013-03-29 01:35:06 562688 ----a-w- C:\Windows\System32\atieclxx.exe

2013-03-29 01:34:18 241152 ----a-w- C:\Windows\System32\atiesrxx.exe

2013-03-29 01:33:00 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2013-03-29 01:32:46 26112 ----a-w- C:\Windows\System32\atimuixx.dll

2013-03-29 01:32:42 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2013-03-29 01:32:36 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2013-03-29 01:10:30 636416 ----a-w- C:\Windows\System32\atiadlxx.dll

2013-03-29 01:10:20 430080 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2013-03-29 01:10:08 17920 ----a-w- C:\Windows\System32\atig6pxx.dll

2013-03-29 01:10:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2013-03-29 01:10:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2013-03-29 01:10:00 44032 ----a-w- C:\Windows\System32\atig6txx.dll

2013-03-29 01:09:52 34816 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2013-03-29 01:09:44 581120 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2013-03-29 01:07:52 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2013-03-19 22:19:24 4041728 ----a-w- C:\Windows\System32\win32k.sys

2013-03-07 06:50:56 6991592 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-02 10:57:48 337128 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS

2013-03-02 10:57:46 77544 ----a-w- C:\Windows\System32\drivers\storahci.sys

2013-03-02 10:57:46 332520 ----a-w- C:\Windows\System32\drivers\storport.sys

2013-03-02 10:57:46 283880 ----a-w- C:\Windows\System32\drivers\spaceport.sys

2013-03-02 10:45:20 148712 ----a-w- C:\Windows\System32\drivers\tpm.sys

2013-03-02 10:45:19 194792 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-03-02 10:45:10 125160 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-03-02 10:39:39 495336 ----a-w- C:\Windows\System32\drivers\vhdmp.sys

2013-03-02 10:39:38 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys

2013-03-02 10:39:32 327912 ----a-w- C:\Windows\System32\drivers\Classpnp.sys

2013-03-02 09:59:37 2231528 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-03-02 09:59:36 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-03-02 08:24:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe

2013-03-02 08:23:43 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll

2013-03-02 08:23:43 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2013-03-02 08:23:30 893952 ----a-w- C:\Windows\SysWow64\winmde.dll

2013-03-02 08:23:30 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-03-02 08:23:28 601088 ----a-w- C:\Windows\SysWow64\Windows.Globalization.dll

2013-03-02 08:23:28 504320 ----a-w- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll

2013-03-02 08:23:19 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll

2013-03-02 08:23:19 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll

2013-03-02 08:23:04 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll

2013-03-02 08:23:04 100864 ----a-w- C:\Windows\SysWow64\SettingSyncInfo.dll

2013-03-02 08:23:00 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll

2013-03-02 08:22:36 357888 ----a-w- C:\Windows\SysWow64\netcfgx.dll

2013-03-02 08:22:32 5091840 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll

2013-03-02 08:22:17 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll

2013-03-02 08:21:56 550912 ----a-w- C:\Windows\SysWow64\drvstore.dll

2013-03-02 08:21:52 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll

2013-03-02 08:21:40 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll

2013-03-02 08:21:39 2033664 ----a-w- C:\Windows\SysWow64\authui.dll

2013-03-02 08:21:32 145408 ----a-w- C:\Windows\SysWow64\powercfg.cpl

2013-03-02 02:44:59 448512 ----a-w- C:\Windows\System32\SettingSync.dll

2013-03-02 02:44:59 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll

2013-03-02 02:44:56 1011200 ----a-w- C:\Windows\System32\reseteng.dll

2013-03-02 02:44:41 455168 ----a-w- C:\Windows\System32\netcfgx.dll

2013-03-02 02:44:41 117248 ----a-w- C:\Windows\System32\NdisImPlatform.dll

2013-03-02 02:44:38 5978624 ----a-w- C:\Windows\System32\mstscax.dll

.

============= FINISH: 0.26.28,61 ===============

Malwarebytes Anti-Malware (Prova) 1.75.0.1300

www.malwarebytes.org

Versione database: v2013.05.12.03

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16540

Barbara :: BARNEYPC [amministratore]

Protezione: Attivata

13/05/2013 00.28.45

mbam-log-2013-05-13 (00-28-45).txt

Tipo di scansione: Scansione veloce

Opzioni di scansione disattivate: P2P

Elementi esaminati: 209372

Tempo impiegato: 3 minuti, 34 secondi

Processi rilevati in memoria: 0