Jump to content

Help me please


Recommended Posts

Hello everyone,
I want to apologize in advance for my english but it is not my native language and this forum is the only one where I've seen people able to help me  :).
 
Recently I noticed my GPU working @99% all the time, so I found with Malwarebytes 3 virus in the folder C:/Windows/Temp :
- Trojan.Agent.Gen (file)
- Trojan.Agent.Gen (process)
- Trojan.BitcoinMiner (file)
 
I tried to remove them but they appeared again after restarting the pc. I'd like to know what to do.
Thanks
Luca

post-168412-0-10250100-1404717829_thumb.

Link to post
Share on other sites

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 
 Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

Link to post
Share on other sites

Hi Marius,

thanks for your support.

 

These are the log files of Farbar's Recovery Scan Tool:

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01

Ran by lucal_000 (administrator) on TERROR4K on 07-07-2014 12:13:09
Running from E:\Desktop
Platform: Windows 8.1 Pro (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17129_none_fa6387b99b0c7738\TiWorker.exe
() C:\Windows\Temp\svchost.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-02-18] (Raptr, Inc)
HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {477b6bcb-3ef0-11e3-bf90-60a44c2ffb9a} - "D:\LGAutoRun.exe" 
HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {58873bb0-e9d1-11e3-819c-60a44c2ffb9a} - "D:\setup.exe" 
HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {97e07dc2-8ffe-11e3-8082-60a44c2ffb9a} - "F:\LG_PC_Programs.exe" 
HKU\S-1-5-21-311390209-566744454-1957549641-1001\...\MountPoints2: {ece11b16-f211-11e3-81b0-60a44c2ffb9a} - "F:\LG_PC_Programs.exe" 
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.it.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT,it;q=0.5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D9973E10099CF01
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DE356467-5E19-4BA3-BD65-6568119505A5}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
Chrome: 
=======
CHR Extension: (AdBlock) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-07]
CHR Extension: (Allow Right-Click) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2014-05-14]
CHR Extension: (Google Wallet) - C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
 
==================== Services (Whitelisted) =================
 
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-06-20] (Advanced Micro Devices, Inc.) [File not signed]
S4 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S4 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-12-03] (Microsoft Corporation) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22768 2014-01-31] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S4 TomTomHOMEService; E:\Programmi\TomTom\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-07-02] (TomTom)
R2 vmms; C:\Windows\system32\vmms.exe [13401600 2014-05-10] (Microsoft Corporation)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-04-12] (Disc Soft Ltd)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2013-11-05] (Microsoft Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2013-11-05] (Microsoft Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2013-11-05] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-11-05] (Microsoft Corporation)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [40696 2013-05-17] (Windows ® Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-12] (Duplex Secure Ltd.)
S3 sthid; C:\Windows\System32\drivers\sthid.sys [21216 2014-05-15] (Splashtop Inc.)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-03-04] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 TRIXX; \??\C:\Users\LUCAL_~1\AppData\Local\Temp\TRIXX.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-07 11:47 - 2014-07-07 12:13 - 00000000 ____D () C:\FRST
2014-07-07 08:47 - 2014-07-07 12:12 - 00063070 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-07 08:47 - 2014-07-07 09:05 - 00000834 _____ () C:\WINDOWS\PFRO.log
2014-07-06 17:53 - 2014-07-06 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-06 15:23 - 2014-07-06 15:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-06 15:22 - 2014-07-06 15:22 - 00067608 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407061522592994.log
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\AMD
2014-07-06 15:22 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2014-07-06 15:21 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-06 15:16 - 2014-07-06 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
2014-07-05 20:06 - 2014-07-07 09:14 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 20:06 - 2014-07-06 18:51 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-05 20:06 - 2014-07-05 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 20:06 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\Program Files\CPUID
2014-07-05 17:48 - 2014-07-05 17:48 - 00000000 ____D () C:\Users\lucal_000\.appwork
2014-07-05 16:59 - 2014-07-05 16:59 - 00620988 _____ () C:\WINDOWS\SysWOW64\scrypt140121Bartsglg2tc4032w64l4.bin
2014-06-21 07:26 - 2014-06-21 07:26 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-06-21 07:25 - 2014-06-21 07:25 - 09016760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-06-21 07:25 - 2014-06-21 07:25 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-06-21 07:24 - 2014-06-21 07:24 - 08108312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-06-21 07:16 - 2014-06-21 07:16 - 00276192 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2014-06-21 07:08 - 2014-06-21 07:08 - 15950848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-06-21 04:58 - 2014-06-21 04:58 - 00231424 _____ () C:\WINDOWS\system32\clinfo.exe
2014-06-21 04:57 - 2014-06-21 04:57 - 32877056 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-06-21 04:51 - 2014-06-21 04:51 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-06-21 04:47 - 2014-06-21 04:47 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2014-06-21 04:47 - 2014-06-21 04:47 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2014-06-21 04:46 - 2014-06-21 04:46 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2014-06-21 04:41 - 2014-06-21 04:41 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-06-21 04:41 - 2014-06-21 04:41 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-06-21 04:39 - 2014-06-21 04:39 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-06-21 04:38 - 2014-06-21 04:38 - 00418304 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-06-21 04:30 - 2014-06-21 04:30 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2014-06-21 04:19 - 2014-06-21 04:19 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-06-21 04:15 - 2014-06-21 04:15 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-06-21 04:15 - 2014-06-21 04:15 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-06-21 04:11 - 2014-06-21 04:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-06-21 03:58 - 2014-06-21 03:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-06-21 03:58 - 2014-06-21 03:58 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-06-21 03:57 - 2014-06-21 03:57 - 00588800 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-06-21 03:57 - 2014-06-21 03:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-06-21 03:56 - 2014-06-21 03:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-06-21 03:54 - 2014-06-21 03:54 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2014-06-21 03:53 - 2014-06-21 03:53 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2014-06-21 03:49 - 2014-06-21 03:49 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-06-21 03:39 - 2014-06-21 03:39 - 00826368 _____ (AMD) C:\WINDOWS\system32\coinst_14.20.dll
2014-06-21 03:38 - 2014-06-21 03:38 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-06-21 03:31 - 2014-06-21 03:31 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-06-21 03:30 - 2014-06-21 03:30 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-06-21 03:27 - 2014-06-21 03:27 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-06-20 23:08 - 2014-06-20 23:08 - 00051200 _____ () C:\WINDOWS\system32\kdbsdk64.dll
2014-06-20 23:03 - 2014-06-20 23:03 - 00038912 _____ () C:\WINDOWS\SysWOW64\kdbsdk32.dll
2014-06-15 20:52 - 2014-06-15 20:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-06-15 20:49 - 2014-06-15 20:49 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Curse
2014-06-12 17:34 - 2014-06-12 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 16:18 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 16:18 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 16:18 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 16:18 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 16:18 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 16:18 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 16:18 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 16:18 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 16:18 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 16:18 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 16:18 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 16:18 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 16:18 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 16:18 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 16:18 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 16:18 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 16:18 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 16:18 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 16:18 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 16:18 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 16:18 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 16:18 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 16:18 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 16:18 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 16:18 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 16:18 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 16:18 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 16:18 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 16:18 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 16:17 - 2014-05-10 05:54 - 13401600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2014-06-11 16:17 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 16:17 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 16:17 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 16:17 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 16:17 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 16:17 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:17 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:17 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 16:17 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 16:17 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 16:17 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 16:17 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-06-11 16:17 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-06-11 16:17 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-06-11 16:17 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-06-11 16:17 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-06-11 16:17 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-06-11 16:17 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-06-11 16:17 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 16:17 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 16:17 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-06-11 16:17 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-06-11 16:17 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 16:17 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-06-11 16:17 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-06-11 16:17 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-06-11 16:17 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-06-11 16:17 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-06-11 16:17 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-06-11 16:17 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-06-11 16:17 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-06-11 16:17 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-06-11 16:17 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-06-11 16:17 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-06-11 16:17 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-06-11 16:17 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-06-11 16:17 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-06-11 16:17 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-06-11 16:17 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 16:17 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-06-11 16:17 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-06-11 16:17 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-06-11 16:17 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-06-11 16:17 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-06-11 16:17 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-06-11 16:17 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-06-11 16:17 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-06-11 16:17 - 2014-04-06 16:20 - 06172160 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2014-06-11 16:17 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-06-11 16:17 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-06-11 16:17 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-06-11 16:17 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-06-11 16:17 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-06-11 16:17 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-06-11 16:17 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 16:17 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 16:17 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 16:17 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 16:17 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-06-11 16:17 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 16:17 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 16:17 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-06-11 16:17 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-06-11 16:17 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 16:17 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 16:17 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-06-11 16:17 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-06-11 16:17 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-06-11 16:17 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 16:17 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 16:17 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-06-11 16:17 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-06-11 16:17 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-06-11 16:17 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 16:17 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-06-11 16:17 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 16:17 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-06-11 16:17 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-06-11 16:17 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-06-11 16:17 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-06-11 16:17 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-06-11 16:17 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 16:17 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-06-11 16:17 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 16:17 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 16:17 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-06-11 16:17 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-06-11 16:17 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-06-11 16:17 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 16:17 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 16:17 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-06-11 16:17 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-06-11 16:17 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-06-11 16:17 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-06-11 16:17 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-06-11 16:17 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-06-11 16:17 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-06-11 16:17 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-06-11 16:17 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-06-11 16:17 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-06-11 16:17 - 2014-03-21 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-06-11 16:17 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 16:17 - 2014-03-20 02:51 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-06-11 16:17 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-06-11 16:17 - 2014-03-20 01:38 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-06-11 16:17 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-06-11 16:17 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 16:17 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-06-11 16:17 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-06-11 16:17 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-06-11 16:17 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 16:17 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-06-11 16:17 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-06-11 16:17 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-06-11 16:17 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 16:17 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-06-11 16:17 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-06-11 16:17 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-06-11 16:17 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 16:17 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 16:17 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-06-11 16:17 - 2014-03-18 10:18 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-06-11 16:17 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 16:17 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 16:17 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 16:17 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-06-11 16:17 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-06-11 16:17 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-06-11 16:17 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-06-11 16:17 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 16:17 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-06-11 16:17 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-06-11 16:17 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-06-11 16:16 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 16:16 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 16:16 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 16:16 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 16:16 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 16:16 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 16:16 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 16:16 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 16:16 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 16:16 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 16:16 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 16:15 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 13:47 - 2014-06-11 13:47 - 00000000 ____D () C:\ProgramData\ATI
2014-06-11 13:46 - 2014-06-11 13:46 - 00061432 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406111346027471.log
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iTunes
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iPod
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
 
==================== One Month Modified Files and Folders =======
 
2014-07-07 12:13 - 2014-07-07 11:47 - 00000000 ____D () C:\FRST
2014-07-07 12:13 - 2013-11-05 00:33 - 27590656 _____ () C:\WINDOWS\system32\vmguest.iso
2014-07-07 12:12 - 2014-07-07 08:47 - 00063070 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-07 12:12 - 2014-05-01 15:16 - 00001170 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 12:12 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-07 12:06 - 2013-11-13 21:56 - 00000978 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-07 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-07 11:49 - 2013-09-30 06:14 - 01813012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-07 11:49 - 2013-09-30 05:58 - 00803914 _____ () C:\WINDOWS\system32\perfh010.dat
2014-07-07 11:49 - 2013-09-30 05:58 - 00157052 _____ () C:\WINDOWS\system32\perfc010.dat
2014-07-07 11:48 - 2013-06-26 13:46 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-311390209-566744454-1957549641-1001
2014-07-07 09:27 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-07 09:14 - 2014-07-05 20:06 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 09:05 - 2014-07-07 08:47 - 00000834 _____ () C:\WINDOWS\PFRO.log
2014-07-06 19:37 - 2014-05-01 15:16 - 00001174 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 19:05 - 2013-07-12 19:18 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Mozilla
2014-07-06 18:58 - 2014-07-06 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-06 18:51 - 2014-07-05 20:06 - 00092888 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-06 18:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-07-06 16:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-07-06 15:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-07-06 15:23 - 2014-07-06 15:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-07-06 15:23 - 2013-06-26 16:34 - 00000000 ____D () C:\ProgramData\AMD
2014-07-06 15:22 - 2014-07-06 15:22 - 00067608 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407061522592994.log
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-06 15:22 - 2014-07-06 15:22 - 00000000 ____D () C:\Program Files\AMD
2014-07-06 15:22 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files\ATI
2014-07-06 15:21 - 2014-07-06 15:21 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-06 15:20 - 2013-06-26 16:30 - 00000000 ____D () C:\AMD
2014-07-06 15:16 - 2014-07-06 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
2014-07-06 14:44 - 2013-06-26 16:45 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\PMB Files
2014-07-06 14:44 - 2013-06-26 16:45 - 00000000 ____D () C:\ProgramData\PMB Files
2014-07-06 13:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-06 12:13 - 2013-06-26 13:40 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Packages
2014-07-05 21:25 - 2013-06-30 17:47 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\vlc
2014-07-05 20:12 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-05 20:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-05 20:06 - 2014-07-05 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 20:06 - 2013-09-28 18:06 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Malwarebytes
2014-07-05 20:06 - 2013-09-28 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 19:57 - 2013-10-17 14:44 - 00000000 ____D () C:\Users\lucal_000
2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-07-05 19:51 - 2014-07-05 19:51 - 00000000 ____D () C:\Program Files\CPUID
2014-07-05 17:51 - 2013-10-17 14:42 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-07-05 17:49 - 2013-06-26 18:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-05 17:49 - 2013-06-26 13:40 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Adobe
2014-07-05 17:48 - 2014-07-05 17:48 - 00000000 ____D () C:\Users\lucal_000\.appwork
2014-07-05 17:48 - 2013-06-26 14:26 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Google
2014-07-05 17:47 - 2013-09-08 18:42 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-07-05 17:46 - 2013-06-29 15:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 16:59 - 2014-07-05 16:59 - 00620988 _____ () C:\WINDOWS\SysWOW64\scrypt140121Bartsglg2tc4032w64l4.bin
2014-06-29 17:32 - 2014-05-01 15:16 - 00004146 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-29 17:32 - 2014-05-01 15:16 - 00003910 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-21 13:42 - 2013-10-17 14:42 - 00018009 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-06-21 13:42 - 2013-10-17 14:42 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-06-21 07:26 - 2014-06-21 07:26 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-06-21 07:26 - 2014-06-21 07:26 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-06-21 07:26 - 2014-03-12 18:10 - 01109456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-06-21 07:26 - 2014-03-12 18:10 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-06-21 07:26 - 2013-07-31 19:53 - 01329376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-06-21 07:26 - 2013-07-31 19:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-06-21 07:25 - 2014-06-21 07:25 - 09016760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-06-21 07:25 - 2014-06-21 07:25 - 07892000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-06-21 07:25 - 2014-03-12 18:10 - 07102496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-06-21 07:25 - 2014-03-12 18:10 - 06879016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-06-21 07:25 - 2013-07-31 19:52 - 10519072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-06-21 07:24 - 2014-06-21 07:24 - 08108312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-06-21 07:16 - 2014-06-21 07:16 - 00276192 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2014-06-21 07:08 - 2014-06-21 07:08 - 15950848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-06-21 04:58 - 2014-06-21 04:58 - 00231424 _____ () C:\WINDOWS\system32\clinfo.exe
2014-06-21 04:57 - 2014-06-21 04:57 - 32877056 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00098816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00083456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-06-21 04:57 - 2014-06-21 04:57 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-06-21 04:54 - 2014-04-18 04:19 - 27843072 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-06-21 04:51 - 2014-06-21 04:51 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-06-21 04:51 - 2014-04-18 04:17 - 00058880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-06-21 04:47 - 2014-06-21 04:47 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2014-06-21 04:47 - 2014-06-21 04:47 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2014-06-21 04:46 - 2014-06-21 04:46 - 05225472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2014-06-21 04:41 - 2014-06-21 04:41 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-06-21 04:41 - 2014-06-21 04:41 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-06-21 04:39 - 2014-06-21 04:39 - 27529216 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-06-21 04:38 - 2014-06-21 04:38 - 00418304 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-06-21 04:30 - 2014-06-21 04:30 - 04180992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2014-06-21 04:19 - 2014-06-21 04:19 - 23028224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-06-21 04:16 - 2014-06-21 04:16 - 00597320 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-06-21 04:15 - 2014-06-21 04:15 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00366592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-06-21 04:15 - 2014-06-21 04:15 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-06-21 04:15 - 2014-06-21 04:15 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-06-21 04:11 - 2014-06-21 04:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-06-21 03:58 - 2014-06-21 03:58 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-06-21 03:58 - 2014-06-21 03:58 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-06-21 03:57 - 2014-06-21 03:57 - 00588800 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-06-21 03:57 - 2014-06-21 03:57 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-06-21 03:56 - 2014-06-21 03:56 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-06-21 03:54 - 2014-06-21 03:54 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2014-06-21 03:53 - 2014-06-21 03:53 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2014-06-21 03:49 - 2014-06-21 03:49 - 03437632 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-06-21 03:39 - 2014-06-21 03:39 - 00826368 _____ (AMD) C:\WINDOWS\system32\coinst_14.20.dll
2014-06-21 03:38 - 2014-06-21 03:38 - 03471376 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-06-21 03:31 - 2014-06-21 03:31 - 01207296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-06-21 03:31 - 2014-06-21 03:31 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-06-21 03:31 - 2014-04-18 03:09 - 00898560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-06-21 03:31 - 2014-04-18 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-06-21 03:30 - 2014-06-21 03:30 - 00557056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-06-21 03:27 - 2014-06-21 03:27 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-06-20 23:08 - 2014-06-20 23:08 - 00051200 _____ () C:\WINDOWS\system32\kdbsdk64.dll
2014-06-20 23:03 - 2014-06-20 23:03 - 00038912 _____ () C:\WINDOWS\SysWOW64\kdbsdk32.dll
2014-06-18 14:39 - 2013-09-28 17:52 - 00000000 ____D () C:\Users\lucal_000\AppData\Local\Battle.net
2014-06-15 20:52 - 2014-06-15 20:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-06-15 20:49 - 2014-06-15 20:49 - 00000000 ____D () C:\Users\lucal_000\AppData\Roaming\Curse
2014-06-13 11:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-13 11:03 - 2013-10-17 14:53 - 00000000 ___RD () C:\Users\lucal_000\SkyDrive
2014-06-13 11:03 - 2013-08-22 16:44 - 00584752 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-06-13 11:03 - 2013-06-26 14:59 - 00000000 ___RD () C:\Users\lucal_000\Podcasts
2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-06-12 20:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-12 20:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-06-12 17:34 - 2014-06-12 17:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-12 17:34 - 2014-06-12 17:34 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-12 17:34 - 2014-06-12 17:34 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-12 17:34 - 2013-06-26 13:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 17:33 - 2013-08-14 11:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-12 17:32 - 2013-06-26 14:03 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 13:47 - 2014-06-11 13:47 - 00000000 ____D () C:\ProgramData\ATI
2014-06-11 13:46 - 2014-06-11 13:46 - 00061432 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201406111346027471.log
2014-06-09 20:07 - 2013-06-26 16:07 - 00000000 ____D () C:\ProgramData\Origin
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iTunes
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files\iPod
2014-06-09 10:47 - 2014-06-09 10:47 - 00000000 ____D () C:\Program Files (x86)\iTunes
 
Files to move or delete:
====================
C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe
 
 
Some content of TEMP:
====================
C:\Users\lucal_000\AppData\Local\Temp\unins000.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-07 09:02
 
==================== End Of Log ============================
Link to post
Share on other sites

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01

Ran by lucal_000 at 2014-07-07 12:13:39
Running from E:\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
 Tools for .Net 3.5 - ITA Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40620 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0620.2260.39449 - Nome società) Hidden
AMD Catalyst Install Manager (HKLM\...\{54091704-09BD-4BA7-3521-86738BA49BB7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0620.2260.39449 - Nome società) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.50203.70 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ITA resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ITA resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.30924.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30203 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30203 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0620.2259.39449 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0620.2260.39449 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Componente aggiuntivo Microsoft Visual Studio 2012 per Windows Phone - ITA Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Configuratore emulatore Windows Phone 8.0 - ita (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space (HKLM-x32\...\{39D77E30-2A0E-4E07-96D3-FD76B7E1B7E8}) (Version: 1.0.0.222 - Electronic Arts)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters Racing Studio)
EMCO MoveOnBoot 2.3 (HKLM\...\{8E29480A-0067-46B8-A830-960680D68A7E}) (Version: 2.3.4.3509 - EMCO Software)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Finalizzatore di strumenti di Windows Phone - ita (Version: 11.0.50727 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
Immagini emulatore Windows Phone 8.0 - ita (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaScript Tooling (Version: 12.0.30203 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.6.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.6.5 - )
Language Pack dei componenti condivisi di Windows Azure per Microsoft Visual Studio 2013 (ITA) - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Language Pack del Visualizzatore della Guida Microsoft 2.0 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.0 - ITA) (Version: 2.0.50727 - Microsoft Corporation)
Language Pack del Visualizzatore della Guida Microsoft 2.0 - ITA (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA) (Version: 2.1.21005 - Microsoft Corporation)
Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LightScribe System Software  1.10.13.1 (x32 Version: 1.10.13.1 - http://www.lightscribe.com) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
Malwarebytes Anti-Malware versione 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 SDK - ITA Lang Pack (HKLM-x32\...\{CC85795B-9AB3-4AAE-8BEA-9041178DF6E9}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack per app di Windows Store (Italiano) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Italiano) (HKLM-x32\...\{46539A2C-DCEB-4BB1-BBBF-CAA06967E509}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone - ENU (x32 Version: 6.2.960.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU (x32 Version: 8.1.40116.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Windows Phone 7 (x32 Version: 2.0.20901.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (x32 Version: 2.0.30816.0 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 Express for Windows Phone (x32 Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows (x32 Version: 2.7.41101.371 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30203.02 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.30203.02 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - ita (x32 Version: 11.0.50816.00 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Italiano (HKLM-x32\...\{A21FE4B1-2D55-477F-B22B-60E4733CAECA}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ITA (HKLM\...\{E7BFD3A1-2152-4DE1-9F82-A478DD6097C9}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Update 2 Object Model (x64) (Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU (Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Compilers - ITA Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone - ITA Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{d20fc4cc-15ff-47e6-ac8b-6956f30dbe0a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{abea410c-010f-4790-ac28-20f51b60f339}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Add-in for Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Express Prerequisites x64 - ITA (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Add-in for Windows Phone - ENU Language Pack (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Add-in for Windows Phone (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ITA (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 per Windows Phone - ITA (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows - ENU (HKLM-x32\...\{78095723-ced1-49b3-b0ac-8598452ef0ec}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 per Windows - ITA (HKLM-x32\...\{a13da72c-59b4-43f3-9d3f-b875a66c1a70}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 per Windows - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ITA (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer ita Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer ita Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer jpn Resources (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh Language Pack (it-IT) (x32 Version: 4.0.40830.0 - Microsoft Corporation) Hidden
Modello a oggetti di Microsoft Team Foundation Server 2013 Language Pack (x64) - ITA (Version: 12.0.21005 - Microsoft Corporation) Hidden
Modello a oggetti di Microsoft Visual Studio Team Foundation Server 2012 Language Pack - ITA (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Phone add-on Shared Core - ENU (GeneralBrandVersionReleaseLanguage) (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Phone add-on Shared Core (GeneralBrandVersionRelease) (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Phone add-on Windows Express Core - ENU (GeneralBrandVersionReleaseLanguage) (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Phone add-on Windows Express Core (GeneralBrandVersionRelease) (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Preparazione di Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Risorse di Microsoft Visual Studio 2012 Shell (minime) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Risorse di Microsoft Visual Studio 2013 Shell (minime) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Samsung Windows Phone 8 IO USB Driver (HKLM-x32\...\{385D1D79-3585-4DA8-90C5-6EC6289F9A69}) (Version: 1.0.1 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strumenti di Servizi Mobili di Windows Azure per Visual Studio 2013 Preview Language Pack - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Supporto applicazioni Apple (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Nome società)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{BC402055-F185-4D14-A664-12ED2EF8B5B6}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{9FD4ABF7-0359-4953-BAC8-0F99C873797E}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Visual Studio 2013 (KB2932965) (HKLM-x32\...\{7dbba119-718a-4f68-b33e-454dc8aa5faf}) (Version: 12.0.30112 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2013 Update 1 (KB2829760) (HKLM-x32\...\{9e1e91ad-3ec8-4ed2-b7e2-c568c1c9d788}) (Version: 12.0.30203 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30203.02 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VS Update core components (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Vs2012 Verification SDK (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Vs2012 Verification SDK Coreres (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (Version: 8.100.26061 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26120 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Windows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone 8.0 Emulation Images (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{bd2a717f-b7d5-4e50-9f91-cb2db40d97bf}) (Version: 12.0.30203.2 - Microsoft Corporation)
Windows Phone 8.1 SDK - ARM - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - Desktop - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - Feature-Limited Images (x32 Version: 8.1.12298 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x64 (Version: 8.1.12298 - Microsoft Corporation) Hidden
Windows Phone 8.1 SDK - x86 - Feature-Limited (x32 Version: 8.1.12298 - Microsoft Corporation) Hidden
Windows Phone Emulator 8.0 Configurator (x32 Version: 11.0.60830 - Microsoft Corporation) Hidden
Windows Phone Emulator x64 - ITA (Version: 10.1.40219 - Microsoft Corporation) Hidden
Windows Phone Power Tools (HKCU\...\c916f7fc438a0efe) (Version: 2.55.0.54 - Oren Nachman)
Windows Phone SDK 7.1 Assemblies - ita (x32 Version: 10.1.40219 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 - ITA (HKLM-x32\...\{3c891973-21e2-458f-8722-1a686c035e81}) (Version: 11.0.50727.61 - Microsoft Corporation)
Windows Phone SDK 8.0 Assemblies (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies (x32 Version: 12.0.30203 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Extensions for XNA Game Studio 4.0 (x32 Version: 4.0.40906.0 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - it-it (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26120 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26120 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26120 - Microsoft Corporation) Hidden
Windows Software Development Kit Tools for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
17-06-2014 18:29:13 Installed Splashtop Streamer.
05-07-2014 15:51:27 Removed Splashtop Streamer.
 
==================== Hosts content: ==========================
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1FBD74BD-E53E-4061-966F-8FD7AAC7785A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {244B022E-0794-4719-9C36-95FF9C58E371} - System32\Tasks\Origin => C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe [2014-06-02] () <==== ATTENTION
Task: {2BB71254-0D6C-4A4A-8AC0-4CBF7B56264C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4BEDA433-97F0-4208-A7F6-935904AF43B4} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {54ADB915-4E75-41F8-849F-E39962BEF6B3} - System32\Tasks\AVG_SYS_TASK_DELETE => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe [2013-09-17] ()
Task: {5D072B4F-FBED-4EF9-9DC2-2C950AE8AA39} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6082E6E2-3CB6-483E-BA61-66244182F23C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77190E31-3EE2-4042-9F43-22775118BBD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8780E423-4C13-45A1-9A52-E8C9C785256E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9787333F-71BB-4302-A8FD-3A8D5E6445FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AB8D76E1-3DBD-41D5-87FC-91BFD01435AD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AEF8CD39-7854-4048-A522-8BA5173BD790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6407117-63C7-44B3-93E2-6FCCDA15E8F6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB7D4D50-FC9C-4B89-96D9-A1D1C0961AB1} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F80E5CB0-2A3F-4B72-9652-3890ECBB5524} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {F9484C89-5441-4992-81B8-7D5B77FF92FB} - System32\Tasks\AVG_SYS_TASK => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe [2013-09-17] ()
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG_SYS_TASK.job => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe
Task: C:\WINDOWS\Tasks\AVG_SYS_TASK_DELETE.job => C:\ProgramData\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-07 09:28 - 2014-07-07 12:12 - 00451086 _____ () C:\Windows\Temp\svchost.exe
2014-06-10 20:33 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-10 20:33 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-10 20:33 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-10 20:33 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-10 20:33 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-05 16:59 - 2014-07-07 12:12 - 00148760 _____ () C:\Windows\Temp\libpdcurses.dll
2014-06-03 13:54 - 2014-07-07 12:12 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll
2014-06-03 13:54 - 2014-07-07 12:12 - 00113166 _____ () C:\Windows\Temp\zlib1.dll
2014-07-05 16:59 - 2014-07-07 12:12 - 00112142 _____ () C:\Windows\Temp\libgcc_s_dw2-1.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\lucal_000\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DTSAudioService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nlsX86cc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TomTomHOMEService => 2
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenu"
HKCU\...\StartupApproved\Run: => "iCloud"
HKCU\...\StartupApproved\Run: => "rundll32"
HKCU\...\StartupApproved\Run: => "Raptr"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/07/2014 09:02:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/06/2014 06:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_stisvc, versione: 6.3.9600.16384, timestamp: 0x5215dfe3
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x0000000cfab402f8
ID processo che ha generato l'errore: 0x7fc
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_stisvc0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_stisvc1
Percorso del modulo che ha generato l'errore: svchost.exe_stisvc2
ID segnalazione: svchost.exe_stisvc3
Nome completo pacchetto che ha generato l'errore: svchost.exe_stisvc4
ID applicazione relativo al pacchetto che ha generato l'errore: svchost.exe_stisvc5
 
Error: (07/06/2014 05:57:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/06/2014 03:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: procexp64.exe, versione: 16.2.0.0, timestamp: 0x5312b377
Nome del modulo che ha generato l'errore: procexp64.exe, versione: 16.2.0.0, timestamp: 0x5312b377
Codice eccezione: 0xc0000417
Offset errore 0x00000000000e0304
ID processo che ha generato l'errore: 0x1274
Ora di avvio dell'applicazione che ha generato l'errore: 0xprocexp64.exe0
Percorso dell'applicazione che ha generato l'errore: procexp64.exe1
Percorso del modulo che ha generato l'errore: procexp64.exe2
ID segnalazione: procexp64.exe3
Nome completo pacchetto che ha generato l'errore: procexp64.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: procexp64.exe5
 
Error: (07/06/2014 03:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe, versione: 0.0.0.0, timestamp: 0x52deced7
Nome del modulo che ha generato l'errore: amdocl.dll, versione: 10.0.1526.3, timestamp: 0x53508bc0
Codice eccezione: 0xc0000005
Offset errore 0x001af139
ID processo che ha generato l'errore: 0x12ec
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe0
Percorso dell'applicazione che ha generato l'errore: svchost.exe1
Percorso del modulo che ha generato l'errore: svchost.exe2
ID segnalazione: svchost.exe3
Nome completo pacchetto che ha generato l'errore: svchost.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: svchost.exe5
 
Error: (07/06/2014 00:47:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/06/2014 00:10:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/05/2014 11:05:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/05/2014 09:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
Error: (07/05/2014 08:19:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Impossibile ottimizzare il volume Riservato per il sistema. Errore: Parametro non corretto. (0x80070057)
 
 
System errors:
=============
Error: (07/07/2014 00:12:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: 
%%2
 
Error: (07/07/2014 11:44:05 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/07/2014 11:43:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: 
%%2
 
Error: (07/07/2014 09:29:10 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/07/2014 09:28:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: 
%%2
 
Error: (07/07/2014 09:10:59 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/07/2014 09:05:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: 
%%2
 
Error: (07/07/2014 09:03:01 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (07/07/2014 08:52:38 AM) (Source: DCOM) (EventID: 10010) (User: TERROR4K)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/07/2014 08:47:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio AODDriver4.3 non è stato avviato per il seguente errore: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (07/07/2014 09:02:29 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/06/2014 06:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.3.9600.163845215dfe3unknown0.0.0.000000000c00000050000000cfab402f87fc01cf993373ae2992C:\WINDOWS\system32\svchost.exeunknownb21beac0-0526-11e4-81dc-60a44c2ffb9a
 
Error: (07/06/2014 05:57:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/06/2014 03:55:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: procexp64.exe16.2.0.05312b377procexp64.exe16.2.0.05312b377c000041700000000000e0304127401cf9921dd16b47bC:\Users\LUCAL_~1\AppData\Local\Temp\procexp64.exeC:\Users\LUCAL_~1\AppData\Local\Temp\procexp64.exe29d02b93-0515-11e4-81d4-60a44c2ffb9a
 
Error: (07/06/2014 03:22:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe0.0.0.052deced7amdocl.dll10.0.1526.353508bc0c0000005001af13912ec01cf991d0ba4d2aeC:\Windows\Temp\svchost.exeC:\WINDOWS\SYSTEM32\amdocl.dll93935a32-0510-11e4-81d2-60a44c2ffb9a
 
Error: (07/06/2014 00:47:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/06/2014 00:10:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/05/2014 11:05:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/05/2014 09:31:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
Error: (07/05/2014 08:19:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Riservato per il sistemaParametro non corretto. (0x80070057)
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-07 09:02:34.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 17:57:49.436
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:52.094
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:52.027
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:51.796
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:51.711
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:51.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:09:51.438
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:08:50.717
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-06 13:08:50.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 18%
Total physical RAM: 8092.39 MB
Available physical RAM: 6634.89 MB
Total Pagefile: 9372.39 MB
Available Pagefile: 7253.6 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.69 GB) (Free:56.4 GB) NTFS
Drive e: (Windows) (Fixed) (Total:931.51 GB) (Free:732.8 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 50C734EF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9C5A3F0F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

And this is aswMBR.txt log:

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software

Run date: 2014-07-07 12:15:25

-----------------------------

12:15:25.081    OS Version: Windows x64 6.2.9200 

12:15:25.081    Number of processors: 8 586 0x200

12:15:25.082    ComputerName: TERROR4K  UserName: 

12:15:25.291    Initialize success

12:15:25.306    VM: initialized successfully

12:15:25.315    VM: Amd CPU virtualization not supported 

12:18:28.205    AVAST engine defs: 14070601

12:22:44.076    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038

12:22:44.081    Disk 0 Vendor: Samsung_SSD_840_Series DXT07B0Q Size: 114473MB BusType: 11

12:22:44.087    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000039

12:22:44.093    Disk 1 Vendor: ST1000DM003-1CH162 CC47 Size: 953869MB BusType: 11

12:22:44.099    Disk 0 MBR read successfully

12:22:44.105    Disk 0 MBR scan

12:22:44.115    Disk 0 Windows 7 default MBR code

12:22:44.122    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048

12:22:44.174    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       114371 MB offset 206848

12:22:44.238    Disk 0 scanning C:\WINDOWS\system32\drivers

12:22:50.922    Service scanning

12:23:06.767    Modules scanning

12:23:06.786    Disk 0 trace - called modules:

12:23:06.809    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xffffe0015efed2c0]<<sptd.sys storport.sys storahci.sys hal.dll 

12:23:06.844    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00160320060]

12:23:06.853    3 CLASSPNP.SYS[fffff8000351127b] -> nt!IofCallDriver -> \Device\00000038[0xffffe00160113060]

12:23:06.893    \Driver\storahci[0xffffe0016011b9a0] -> IRP_MJ_CREATE -> 0xffffe0015efed2c0

12:23:07.170    AVAST engine scan C:\WINDOWS

12:23:07.899    AVAST engine scan C:\WINDOWS\system32

12:25:38.894    AVAST engine scan C:\WINDOWS\system32\drivers

12:25:47.195    AVAST engine scan C:\Users\lucal_000

12:26:57.758    AVAST engine scan C:\ProgramData

12:27:25.904    Scan finished successfully

12:28:03.457    Disk 0 MBR has been saved successfully to "E:\Desktop\MBR.dat"

12:28:03.524    The log file has been saved successfully to "E:\Desktop\aswMBR.txt"

 

 

I look forward to hearing from you

Luca

Link to post
Share on other sites

Disable CD Emulation with DeFogger

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
 

  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers.
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

 

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download
Malwarebytes Anti-Malware to your desktop. Double-click the downloaded setup file and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

[*]Click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

fixlist.txt

Link to post
Share on other sites

I successfully disabled CD emulations driver.
 
Here is the fixlog:
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by lucal_000 at 2014-07-07 13:16:34 Run:1
Running from E:\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Task: {244B022E-0794-4719-9C36-95FF9C58E371} - System32\Tasks\Origin => C:\Users\lucal_000\AppData\Roaming\Origin\update.vbe [2014-06-02] () <==== ATTENTION
C:\windows\temp\svchost.exe
 
*****************
 
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{244B022E-0794-4719-9C36-95FF9C58E371}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{244B022E-0794-4719-9C36-95FF9C58E371}' => Key deleted successfully.
C:\Windows\System32\Tasks\Origin => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin' => Key deleted successfully.
C:\windows\temp\svchost.exe => Moved successfully.
 
==== End of Fixlog ====

 
Malwarebytes didn't need a restart and this is the log:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Data scansione: 07/07/2014
Ora scansione: 13:20:05
File di log: malwarebytes.txt
Amministratore: Si
 
Versione: 2.00.2.1012
Database malware: v2014.07.07.02
Database rootkit: v2014.07.03.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Self-protection: Disattivata
 
SO: Windows 8.1
CPU: x64
File system: NTFS
Utente: lucal_000
 
Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 346532
Tempo impiegato: 5 min, 58 sec
 
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Heuristics: Attivata
PUP: Avviso
PUM: Attivata
 
Processi: 0
(No malicious items detected)
 
Moduli: 0
(No malicious items detected)
 
Chiavi di registro: 0
(No malicious items detected)
 
Valori di registro: 0
(No malicious items detected)
 
Dati di registro: 0
(No malicious items detected)
 
Cartelle: 0
(No malicious items detected)
 
File: 1
Trojan.BitcoinMiner, C:\Windows\Temp\scrypt140121.cl, Spostato in quarantena, [e0ce2d6fa4d7cc6ae47a6d81ab589070], 
 
Settori fisici: 0
(No malicious items detected)
Link to post
Share on other sites

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology

[*]Click Scan[*]Wait for the scan to finish[*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.

Link to post
Share on other sites

No, not at all. That was a small part of it.

I wanted to post additional steps but we have some problems with the forum today.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.

Link to post
Share on other sites

I have 2 file log at of AdwCleaner:

 

- AdwCleaner[R0].txt

 

# AdwCleaner v3.214 - Rapporto creato 07/07/2014 in 15:15:50

# Aggiornato 29/06/2014 di Xplode

# Sistema operativo : Windows 8.1 Pro  (64 bits)

# Nome utente : lucal_000 - TERROR4K

# In esecuzione da : E:\Desktop\adwcleaner_3.214.exe

# Opzione : Scansiona

 

***** [ Servizi ] *****

 

 

***** [ File / Cartelle ] *****

 

Cartella Trovato : C:\ProgramData\apn

Cartella Trovato : C:\ProgramData\Babylon

Cartella Trovato : C:\ProgramData\DSearchLink

 

***** [ Collegamenti ] *****

 

 

***** [ Registro ] *****

 

Chiave Trovati : HKCU\Software\APN PIP

Chiave Trovati : [x64] HKCU\Software\APN PIP

Chiave Trovati : HKLM\Software\AVG Nation toolbar

Chiave Trovati : HKLM\Software\AVG Security Toolbar

Chiave Trovati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Chiave Trovati : HKLM\SOFTWARE\Classes\Prod.cap

Chiave Trovati : HKLM\Software\PIP

 

***** [ Browser ] *****

 

-\\ Internet Explorer v11.0.9600.17126

 

 

-\\ Google Chrome v35.0.1916.153

 

[ File : C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [1112 octets] - [07/07/2014 15:15:50]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1172 octets] ##########

 

 

 

- AdwCleaner[s0].txt

 

# AdwCleaner v3.214 - Rapporto creato 07/07/2014 in 15:19:36

# Aggiornato 29/06/2014 di Xplode

# Sistema operativo : Windows 8.1 Pro  (64 bits)

# Nome utente : lucal_000 - TERROR4K

# In esecuzione da : E:\Desktop\adwcleaner_3.214.exe

# Opzione : Pulisci

 

***** [ Servizi ] *****

 

 

***** [ File / Cartelle ] *****

 

Cartella Eliminato : C:\ProgramData\apn

Cartella Eliminato : C:\ProgramData\Babylon

Cartella Eliminato : C:\ProgramData\DSearchLink

 

***** [ Collegamenti ] *****

 

 

***** [ Registro ] *****

 

Chiave Eliminati : HKLM\SOFTWARE\Classes\Prod.cap

Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Chiave Eliminati : HKCU\Software\APN PIP

Chiave Eliminati : HKLM\Software\AVG Nation toolbar

Chiave Eliminati : HKLM\Software\AVG Security Toolbar

Chiave Eliminati : HKLM\Software\PIP

 

***** [ Browser ] *****

 

-\\ Internet Explorer v11.0.9600.17126

 

 

-\\ Google Chrome v35.0.1916.153

 

[ File : C:\Users\lucal_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [1256 octets] - [07/07/2014 15:15:50]

AdwCleaner[s0].txt - [1146 octets] - [07/07/2014 15:19:36]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1206 octets] ##########

Link to post
Share on other sites

This is the log of Junkware Romoval Tool:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8.1 Pro x64

Ran by lucal_000 on 07/07/2014 at 15:24:49,36

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-311390209-566744454-1957549641-1001\Software\Microsoft\Internet Explorer\Main\\Start Page

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 07/07/2014 at 15:27:52,06

End of JRT log

Link to post
Share on other sites

Results of screen317's Security Check version 0.99.85 

   x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

 Windows Security Center service is not running! This report may not be accurate!

Windows Defender  

 WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

 JavaScript Tooling   

 Java 7 Update 55 

 JavaScript Tooling   

 Visual Studio Extensions for Windows Library for JavaScript

 Java version out of Date!

  Adobe Flash Player      13.0.0.214 Flash Player out of Date! 

 Adobe Reader XI 

 Google Chrome 35.0.1916.114 

 Google Chrome 35.0.1916.153 

````````Process Check: objlist.exe by Laurent```````` 

 Windows Defender MSMpEng.exe

 Windows Defender MpCmdRun.exe   

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C:  %

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Your system is clean now! :)

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • when finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.


After the reboot

  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  2. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programms and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process

[*] If there is still something left please delete it manualy.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website´s content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


    [*]Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

    [*]Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to loose all your data. Back up your files regularly. Use the windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system. [*]Behaviour
    The commonest error when using a computer is "error 80" - what means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won´t help if you aren´t careful enough.

    • While surfing the internet, don´t click on anything you don´t know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal pata (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don´t click everything.
    • When installing software, have a look to each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today´s setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



Link to post
Share on other sites

Thank you very much Marius, you've been able to sort out what I tried to do for weeks.

As a thank you for your help I will give you something, I know it is not much but I'm not an adult and I don't have a job so I can't afford more.

Danke :)

Luca

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.