Jump to content

Need help to remove PUP.Optional.Astromenda.A

Capstan

By Capstan
in Resolved Malware Removal Logs

 Share

Recommended Posts

Capstan

Capstan

Posted
Posted

Hello,

for some reason I downloaded Astromeda software and now I can't remove it from Google Chrome on a Windows 7 PC.

Every time I delete PUP.Optional.Astromenda.A using Malwarebytes this PUP comes back again after I reboot my PC.

I'm not really a tech guy so I please ask you for some help, thank you so much.

 

ps: I'm not native english, sorry if I made any mistakes.

 

 

 

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



warning.gif Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.





51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.
  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.



FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.
There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one should it be, download both of them and try each other out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted

Hi Naathim,

thank you so much.

I did what you told me and this is the result.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 27/08/2014
Scan Time: 13:13:01
Logfile: malwarebytes_log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.27.02
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marco
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342669
Time Elapsed: 15 min, 45 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by Marco (administrator) on MARCO-PC on 27-08-2014 13:31:51
Running from C:\Users\Marco\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Spotify Ltd) C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Spotify Ltd) C:\Users\Marco\AppData\Roaming\Spotify\spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [stopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [ADSMTray] => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [spotify Web Helper] => C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-22] (Spotify Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [spotify] => C:\Users\Marco\AppData\Roaming\Spotify\spotify.exe [6621752 2014-08-22] (Spotify Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [skyDrive] => C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-06] (Microsoft Corporation)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [appnhost] => C:\Users\Marco\AppData\Local\Mixesoft\AppNHost\appnhost.exe
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\MountPoints2: {a7d58018-0549-11e4-9f4f-806e6f6e6963} - E:\InstAll.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Live Mail.lnk
ShortcutTarget: Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0356993D5F99CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Guida per l'accesso all'account Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ld67j1vw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ld67j1vw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Documenti Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Ricerca Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (Google+) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-08-25]
CHR Extension: (Google Calendar) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-08-25]
CHR Extension: (Click&Clean) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-08-25]
CHR Extension: (AdBlock) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-25]
CHR Extension: (Skype Click to Call) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-25]
CHR Extension: (Google Maps) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-27] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-07-08] (Duplex Secure Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 13:31 - 2014-08-27 13:31 - 00022331 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-08-27 01:25 - 2014-08-27 01:25 - 00092440 _____ () C:\Users\Marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 01:24 - 2014-08-27 13:06 - 00000224 _____ () C:\Windows\setupact.log
2014-08-27 01:24 - 2014-08-27 01:24 - 00355584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 01:24 - 2014-08-27 01:24 - 00000310 _____ () C:\Windows\PFRO.log
2014-08-27 01:24 - 2014-08-27 01:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 01:23 - 2014-08-27 01:23 - 00000000 _____ () C:\Windows\SysWOW64\sho54F3.tmp
2014-08-27 01:20 - 2014-08-27 01:20 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost (1).msi
2014-08-26 00:43 - 2014-08-26 00:43 - 00058258 _____ () C:\Users\Marco\Downloads\Shortcut.txt
2014-08-25 22:31 - 2014-08-25 22:31 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:26 - 2014-08-26 00:43 - 00052062 _____ () C:\Users\Marco\Downloads\Addition.txt
2014-08-25 22:23 - 2014-08-26 00:43 - 00081767 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-08-25 22:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-25 22:07 - 2014-08-25 22:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mixesoft
2014-08-25 22:06 - 2014-08-25 22:06 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost.msi
2014-08-25 22:04 - 2014-08-27 13:32 - 00000000 ____D () C:\FRST
2014-08-25 22:02 - 2014-08-25 22:03 - 02103296 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-08-25 22:01 - 2014-08-27 01:22 - 00000000 ____D () C:\AdwCleaner
2014-08-25 22:01 - 2014-08-25 22:02 - 01095168 _____ (Farbar) C:\Users\Marco\Downloads\FRST.exe
2014-08-25 21:58 - 2014-08-25 21:59 - 01364531 _____ () C:\Users\Marco\Desktop\AdwCleaner.exe
2014-08-25 20:29 - 2014-08-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 19:42 - 2008-11-04 13:12 - 00023096 _____ (Samsung Electronics, Inc. ) C:\Windows\system32\Drivers\MTiCtwl.sys
2014-08-25 19:40 - 2014-08-25 19:41 - 19166188 _____ () C:\Users\Marco\Downloads\magictune409.zip
2014-08-25 19:38 - 2014-08-25 19:39 - 20984571 _____ () C:\Users\Marco\Downloads\MagicTunePremium_1.0.121.zip
2014-08-25 19:36 - 2004-10-01 18:37 - 00036864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi9x.dll
2014-08-25 19:36 - 2004-09-28 18:05 - 00040960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvgpio.dll
2014-08-25 19:36 - 1998-06-17 18:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2014-08-25 19:32 - 2014-08-25 19:34 - 26904740 _____ () C:\Users\Marco\Downloads\MT2.5_RAFF_31.zip
2014-08-25 18:56 - 2014-08-25 18:56 - 00000112 _____ () C:\Windows\wininit.ini
2014-08-25 17:06 - 2014-08-25 17:06 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 17:05 - 2014-08-27 00:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-25 17:05 - 2014-08-25 17:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-25 17:05 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-25 16:37 - 2014-08-25 16:41 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-08-25 16:36 - 2012-01-10 21:55 - 07988224 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-08-25 16:36 - 2011-07-26 16:28 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2462.dll
2014-08-25 16:36 - 2010-10-15 01:28 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-08-25 16:36 - 2010-10-15 01:27 - 00014848 _____ (Intel® Corporation) C:\Windows\system32\IntcDAuC.dll
2014-08-25 16:35 - 2014-08-25 16:36 - 00000000 ____D () C:\Users\Marco\Downloads\Nuova cartella
2014-08-24 03:26 - 2014-08-24 03:26 - 00000000 _____ () C:\Windows\SysWOW64\sho4079.tmp
2014-08-23 23:07 - 2014-08-23 23:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-08-22 18:26 - 2014-08-22 18:35 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\FileZilla
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-21 14:40 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 14:40 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 14:40 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 14:40 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 14:39 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 14:39 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 14:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 14:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 14:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 14:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-15 03:24 - 2014-08-15 03:24 - 00000000 _____ () C:\Windows\SysWOW64\shoE110.tmp
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-08-14 22:21 - 2014-08-14 22:22 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2014-08-14 22:21 - 2014-08-14 22:22 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2013
2014-08-14 22:13 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 22:13 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 22:13 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 22:13 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 22:13 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 22:13 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 22:13 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 22:13 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 22:11 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 22:11 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 22:10 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 22:10 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 22:10 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 22:10 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 22:10 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 22:10 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 22:10 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 22:10 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 22:10 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 22:10 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 22:10 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 22:10 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 22:10 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 22:10 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 22:10 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 22:10 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 22:10 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 22:10 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 22:10 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 22:10 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 22:10 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 22:10 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 22:10 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 22:10 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 22:10 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 22:10 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 22:10 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 22:10 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 22:10 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 22:10 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 22:10 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 22:10 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 22:10 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 22:10 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 22:10 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 22:10 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 22:10 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 22:10 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 22:10 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 22:10 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 22:10 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 22:10 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 22:10 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 22:10 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 22:10 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 22:10 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 22:10 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 22:10 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 22:10 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 22:10 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 22:10 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 22:10 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 22:10 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 22:10 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 22:10 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 22:10 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 22:10 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 22:10 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 22:10 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 22:10 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 22:10 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 22:10 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 22:10 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 22:10 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:10 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 22:10 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 22:10 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 22:10 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 22:07 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 22:07 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 22:07 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 22:07 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 14:21 - 2014-08-14 14:22 - 00000000 ____D () C:\Users\Marco\Documents\Corona Projects
2014-08-14 14:21 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Corona Labs
2014-08-12 01:37 - 2014-08-12 01:37 - 00000000 ____D () C:\ProgramData\DualMonitor
2014-08-12 00:29 - 2014-08-12 00:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Macromedia
2014-08-12 00:27 - 2014-08-27 04:34 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 00:27 - 2014-08-21 00:59 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-12 00:27 - 2014-08-21 00:58 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-12 00:27 - 2014-08-21 00:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-12 00:27 - 2014-08-12 00:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pinnacle
2014-08-10 15:45 - 2014-08-10 20:40 - 00000000 ____D () C:\Users\Marco\AppData\Local\EvernoteNW
2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-07 23:14 - 2014-08-07 23:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\NuGet
2014-08-07 23:08 - 2014-08-18 22:07 - 00000000 ____D () C:\Users\Marco\Documents\Visual Studio 2013
2014-08-07 23:06 - 2014-08-07 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\ProgramData\NuGet
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-08-07 22:47 - 2014-08-07 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-08-07 22:46 - 2014-08-07 22:47 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-08-07 22:44 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-08-07 22:43 - 2014-08-07 23:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1033
2014-08-07 22:42 - 2014-08-07 22:55 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-07 22:42 - 2014-08-07 22:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-07 22:41 - 2014-08-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-08-07 22:41 - 2014-08-07 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-07 22:39 - 2014-08-07 23:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-08-07 22:36 - 2014-08-14 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 22:22 - 2014-08-07 22:22 - 00000000 ___HD () C:\OneDriveTemp
2014-08-06 17:26 - 2014-08-06 17:26 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Users\Marco\AppData\Local\Apple Computer
2014-08-06 10:10 - 2014-08-06 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-06 10:09 - 2014-08-06 10:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-06 10:07 - 2014-08-27 13:08 - 00000000 ___RD () C:\Users\Marco\Google Drive
2014-08-06 10:06 - 2014-08-14 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-04 17:54 - 2014-08-04 17:54 - 00000000 ____D () C:\ProgramData\Applications
2014-08-04 01:59 - 2014-08-04 01:59 - 00000000 ____D () C:\Users\Marco\Documents\My Weblog Posts
2014-08-02 03:05 - 2014-08-02 03:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE942.tmp
2014-07-28 18:54 - 2014-07-28 18:54 - 00000000 ____D () C:\Users\Marco\AppData\Local\Evernote
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Program Files (x86)\Evernote
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 13:32 - 2014-08-27 13:31 - 00022331 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-08-27 13:32 - 2014-08-25 22:04 - 00000000 ____D () C:\FRST
2014-08-27 13:32 - 2014-07-12 14:27 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-27 13:29 - 2014-07-06 22:14 - 01405883 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 13:15 - 2009-07-14 06:45 - 00031888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 13:15 - 2009-07-14 06:45 - 00031888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 13:13 - 2014-07-07 23:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 13:08 - 2014-08-06 10:07 - 00000000 ___RD () C:\Users\Marco\Google Drive
2014-08-27 13:08 - 2014-07-07 14:07 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Spotify
2014-08-27 13:08 - 2014-07-07 00:38 - 00000000 ___RD () C:\Users\Marco\Dropbox
2014-08-27 13:08 - 2014-07-07 00:26 - 00000000 ___RD () C:\Users\Marco\OneDrive
2014-08-27 13:08 - 2014-07-07 00:23 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dropbox
2014-08-27 13:07 - 2014-07-12 14:27 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-27 13:06 - 2014-08-27 01:24 - 00000224 _____ () C:\Windows\setupact.log
2014-08-27 13:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 04:34 - 2014-08-12 00:27 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-27 03:13 - 2014-07-07 12:04 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Skype
2014-08-27 01:25 - 2014-08-27 01:25 - 00092440 _____ () C:\Users\Marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 01:24 - 2014-08-27 01:24 - 00355584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 01:24 - 2014-08-27 01:24 - 00000310 _____ () C:\Windows\PFRO.log
2014-08-27 01:24 - 2014-08-27 01:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 01:23 - 2014-08-27 01:23 - 00000000 _____ () C:\Windows\SysWOW64\sho54F3.tmp
2014-08-27 01:22 - 2014-08-25 22:01 - 00000000 ____D () C:\AdwCleaner
2014-08-27 01:20 - 2014-08-27 01:20 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost (1).msi
2014-08-27 00:13 - 2014-08-25 17:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-26 13:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-26 10:01 - 2014-07-06 23:11 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-08-26 00:43 - 2014-08-26 00:43 - 00058258 _____ () C:\Users\Marco\Downloads\Shortcut.txt
2014-08-26 00:43 - 2014-08-25 22:26 - 00052062 _____ () C:\Users\Marco\Downloads\Addition.txt
2014-08-26 00:43 - 2014-08-25 22:23 - 00081767 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-08-25 22:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-25 22:31 - 2014-08-25 22:31 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:20 - 2014-07-06 22:55 - 00001950 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-08-25 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-08-25 22:07 - 2014-08-25 22:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mixesoft
2014-08-25 22:06 - 2014-08-25 22:06 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost.msi
2014-08-25 22:03 - 2014-08-25 22:02 - 02103296 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-08-25 22:02 - 2014-08-25 22:01 - 01095168 _____ (Farbar) C:\Users\Marco\Downloads\FRST.exe
2014-08-25 21:59 - 2014-08-25 21:58 - 01364531 _____ () C:\Users\Marco\Desktop\AdwCleaner.exe
2014-08-25 20:29 - 2014-08-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 20:29 - 2014-07-06 23:32 - 00000000 ____D () C:\Users\Marco\AppData\Local\Google
2014-08-25 20:29 - 2014-07-06 23:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-25 19:48 - 2014-07-06 22:55 - 00001149 _____ () C:\Windows\system32\ServiceFilter.ini
2014-08-25 19:42 - 2014-07-06 22:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-25 19:41 - 2014-08-25 19:40 - 19166188 _____ () C:\Users\Marco\Downloads\magictune409.zip
2014-08-25 19:39 - 2014-08-25 19:38 - 20984571 _____ () C:\Users\Marco\Downloads\MagicTunePremium_1.0.121.zip
2014-08-25 19:34 - 2014-08-25 19:32 - 26904740 _____ () C:\Users\Marco\Downloads\MT2.5_RAFF_31.zip
2014-08-25 18:56 - 2014-08-25 18:56 - 00000112 _____ () C:\Windows\wininit.ini
2014-08-25 17:12 - 2014-08-25 17:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-25 17:06 - 2014-08-25 17:06 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-25 16:44 - 2014-07-06 22:47 - 00016302 _____ () C:\Windows\system32\results.xml
2014-08-25 16:41 - 2014-08-25 16:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-08-25 16:36 - 2014-08-25 16:35 - 00000000 ____D () C:\Users\Marco\Downloads\Nuova cartella
2014-08-25 14:54 - 2014-07-07 14:14 - 00000000 ____D () C:\Users\Marco\AppData\Local\Spotify
2014-08-24 17:58 - 2014-07-11 16:22 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\SoftGrid Client
2014-08-24 03:26 - 2014-08-24 03:26 - 00000000 _____ () C:\Windows\SysWOW64\sho4079.tmp
2014-08-23 23:07 - 2014-08-23 23:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-08-23 02:23 - 2014-07-09 23:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 21:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-08-22 18:35 - 2014-08-22 18:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\FileZilla
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-22 13:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 15:05 - 2014-07-09 19:02 - 00000032 _____ () C:\Users\Marco\AppData\Roaming\msregsvv.dll
2014-08-21 15:05 - 2014-07-09 19:02 - 00000032 _____ () C:\ProgramData\autobk.inc
2014-08-21 00:59 - 2014-08-12 00:27 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-21 00:58 - 2014-08-12 00:27 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 00:58 - 2014-08-12 00:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-18 22:07 - 2014-08-07 23:08 - 00000000 ____D () C:\Users\Marco\Documents\Visual Studio 2013
2014-08-17 23:07 - 2014-07-21 12:17 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\vlc
2014-08-17 22:59 - 2011-04-12 12:49 - 00741528 _____ () C:\Windows\system32\perfh010.dat
2014-08-17 22:59 - 2011-04-12 12:49 - 00147292 _____ () C:\Windows\system32\perfc010.dat
2014-08-17 22:59 - 2009-07-14 07:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 14:04 - 2009-07-14 07:08 - 00032512 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-16 21:53 - 2014-07-07 00:24 - 00000000 ____D () C:\Users\Marco\AppData\Local\Windows Live
2014-08-16 20:33 - 2014-07-07 13:27 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\uTorrent
2014-08-15 03:24 - 2014-08-15 03:24 - 00000000 _____ () C:\Windows\SysWOW64\shoE110.tmp
2014-08-14 22:51 - 2014-07-07 00:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 22:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 22:34 - 2014-08-06 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-08-14 22:22 - 2014-08-14 22:21 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2014-08-14 22:22 - 2014-08-14 22:21 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2013
2014-08-14 22:21 - 2014-08-07 22:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 22:21 - 2014-07-07 14:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 22:18 - 2014-07-07 14:14 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 22:12 - 2014-07-07 02:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 14:22 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\Documents\Corona Projects
2014-08-14 14:21 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Corona Labs
2014-08-12 01:37 - 2014-08-12 01:37 - 00000000 ____D () C:\ProgramData\DualMonitor
2014-08-12 00:29 - 2014-08-12 00:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Macromedia
2014-08-12 00:27 - 2014-08-12 00:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-07-15 10:45 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-08-10 20:43 - 2014-07-15 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2014-08-10 20:40 - 2014-08-10 15:45 - 00000000 ____D () C:\Users\Marco\AppData\Local\EvernoteNW
2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-08 19:42 - 2014-07-08 12:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\DAEMON Tools Lite
2014-08-08 00:44 - 2014-07-07 12:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-07 23:14 - 2014-08-07 23:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\NuGet
2014-08-07 23:08 - 2014-07-06 22:49 - 00092440 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-07 23:08 - 2014-07-06 22:49 - 00092440 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-07 23:07 - 2014-08-07 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-08-07 23:06 - 2014-08-07 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-08-07 23:03 - 2014-08-07 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-08-07 23:02 - 2014-08-07 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\ProgramData\NuGet
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-08-07 22:55 - 2014-08-07 22:42 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-07 22:55 - 2014-08-07 22:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-07 22:47 - 2014-08-07 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-08-07 22:47 - 2014-08-07 22:46 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-08-07 22:44 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-08-07 22:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1033
2014-08-07 22:41 - 2014-08-07 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-07 22:41 - 2014-07-07 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-07 22:22 - 2014-08-07 22:22 - 00000000 ___HD () C:\OneDriveTemp
2014-08-07 04:06 - 2014-08-14 22:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 22:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 17:26 - 2014-08-06 17:26 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-06 15:48 - 2014-07-07 00:39 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Users\Marco\AppData\Local\Apple Computer
2014-08-06 10:30 - 2014-07-10 21:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Apple Computer
2014-08-06 10:10 - 2014-08-06 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-06 10:09 - 2014-08-06 10:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-06 10:07 - 2014-07-06 22:21 - 00000000 ____D () C:\Users\Marco
2014-08-06 09:55 - 2014-07-07 00:26 - 00002186 _____ () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-04 17:54 - 2014-08-04 17:54 - 00000000 ____D () C:\ProgramData\Applications
2014-08-04 01:59 - 2014-08-04 01:59 - 00000000 ____D () C:\Users\Marco\Documents\My Weblog Posts
2014-08-04 01:59 - 2014-07-07 15:51 - 00000000 ____D () C:\Users\Marco\AppData\Local\Windows Live Writer
2014-08-02 03:05 - 2014-08-02 03:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE942.tmp
2014-08-01 01:41 - 2014-08-14 22:10 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 22:10 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-29 09:55 - 2014-07-07 00:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-28 18:54 - 2014-07-28 18:54 - 00000000 ____D () C:\Users\Marco\AppData\Local\Evernote
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Program Files (x86)\Evernote
 
Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprztcll.dll
C:\Users\Marco\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-17 01:08
 
==================== End Of Log ============================
Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted

Sorry.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by Marco at 2014-08-27 14:27:52
Running from C:\Users\Marco\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Ableton Live 9 Lite (HKLM-x32\...\{28498E69-5368-44D9-9AD6-591239450A65}) (Version: 9.0.0.0 - Ableton)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader 9.0.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated)
AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.0 - IK Multimedia)
AmpliTube 3 version 3.8.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.8.0 - IK Multimedia)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.41 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.61 - Conexant)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Driver Pinnacle Video (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.7 - ASUS)
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Framework applicazione livello dati Microsoft SQL Server 2012 (HKLM-x32\...\{6EEAE8E0-4899-4657-870B-EEDF36FC3369}) (Version: 11.1.2902.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IK Multimedia Authorization Manager version 1.0.5 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.5 - IK Multimedia)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Knoll Light Factory EZ Studio (HKLM-x32\...\Knoll Light Factory EZ Studio) (Version:  - )
Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA) (Version: 2.1.21005 - Microsoft Corporation)
Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version:  - )
Malwarebytes Anti-Malware versione 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - ITA Lang Pack (HKLM-x32\...\{CC85795B-9AB3-4AAE-8BEA-9041178DF6E9}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (Italiano) (HKLM-x32\...\{079CDB66-D3E9-31C8-A597-93382A9A7402}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Italiano) (HKLM-x32\...\{46539A2C-DCEB-4BB1-BBBF-CAA06967E509}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Azure Shared Components for Visual Studio 2013 - v1.2 (x32 Version: 1.2.20710.1601 - Microsoft Corporation) Hidden
Microsoft Azure Shared Components for Visual Studio 2013 Language Pack (ENU) - v1.2 (x32 Version: 1.2.20710.1601 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden
Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office a portata di clic 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.7122.5000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{61AB8577-B46C-492A-882E-C0F7AA6F49FB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{35467A25-F30D-43AB-BDF1-77869DBC6F39}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{16A550C4-1D4A-4AAF-9D26-3FA37E49D3AF}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{99F9DB22-1D83-4A41-BB6E-8DD58EFC9E8E}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{407F5EC7-B580-4C69-A233-D853C926869D}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{E672485C-E457-4E07-A813-9C78584076CB}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 System CLR Types (HKLM-x32\...\{6E1B40C0-130A-4D3E-90D2-B7AD107A1575}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft SQL Server 2012 System CLR Types (x64) (HKLM\...\{035A5DBB-6799-412B-AD1A-AE1D50ECD5D0}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{EFCB3339-A7BA-4CB4-B4D8-97BCA0FC2AC5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ITA (HKLM\...\{E7BFD3A1-2152-4DE1-9F82-A478DD6097C9}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - ITA (12.0.30919.1) (HKLM-x32\...\{10EBF1CD-4D7C-4961-8AA9-D7D2EC4E5413}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - ITA (12.0.30919.1) (HKLM-x32\...\{F5675659-3A73-4F35-8673-0D39EB84F093}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Update 3 Object Model (x64) (Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 32bit Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ITA (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 per Windows Desktop - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 per Windows Desktop - ITA con Update 3 (HKLM-x32\...\{8da5b17b-e0ef-463e-ad74-548bc738c465}) (Version: 12.0.30723.0 - Microsoft Corporation)
Modello a oggetti di Microsoft Team Foundation Server 2013 Update 3 Language Pack (x64) - ITA (Version: 12.0.30723 - Microsoft Corporation) Hidden
Modello di reindirizzamento di Python Tools (x32 Version: 1.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 it)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
Pacchetto driver Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
Preparazione di Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Prerequisiti per SSDT (HKLM-x32\...\{038D0EF0-B10C-4ED3-8E0E-A9513B6E86F2}) (Version: 11.1.3000.0 - Microsoft Corporation)
Progettazione interfaccia utente XAML di Microsoft Visual Studio 2013 - ITA (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version:  - )
Risorse di Microsoft Visual Studio 2013 Shell (minime) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Scarlett Plug-in Suite 1.6 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.6 - Focusrite)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)
Servizio linguaggio T-SQL Microsoft SQL Server 2012 (HKLM-x32\...\{EB7B7148-F739-4AD8-8FE2-6347034E518B}) (Version: 11.1.3000.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
SureThing Express Labeler (HKLM-x32\...\stax-Pinnacle_is1) (Version:  - MicroVision Development, Inc.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Trapcode 3DStroke Studio (HKLM-x32\...\Trapcode 3DStroke Studio) (Version:  - )
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version:  - )
Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version:  - )
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Visual Studio 2013 (KB2932965) (HKLM-x32\...\{7dbba119-718a-4f68-b33e-454dc8aa5faf}) (Version: 12.0.30112 - Microsoft Corporation)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version:  - )
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30723.00 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Phone app for desktop (HKLM-x32\...\{CFF220E2-642C-4B41-87FA-9A634C6E01CF}) (Version: 1.1.2726.0 - Microsoft Corporation)
Windows Software Development Kit (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
25-08-2014 15:55:02 Windows Update
25-08-2014 15:58:30 Windows Update
25-08-2014 16:02:12 Windows Update
25-08-2014 17:00:05 Windows Update
25-08-2014 17:11:36 Windows Update
25-08-2014 17:15:54 Windows Update
25-08-2014 17:35:35 Installato MT2.5_RAFF
25-08-2014 17:37:55 Rimosso MT2.5_RAFF
25-08-2014 17:40:08 Installato MagicTune Premium
25-08-2014 17:52:05 Rimosso MagicTunePremium
25-08-2014 17:58:49 Windows Update
25-08-2014 18:02:38 Rimosso MagicTune Premium
25-08-2014 18:22:24 Removed Java 7 Update 67
25-08-2014 18:23:58 Removed System Requirements Lab CYRI
25-08-2014 20:06:33 Installed AppNHost 1.0.5.1
25-08-2014 20:46:12 Removed AppNHost 1.0.5.1
26-08-2014 11:02:24 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0245AB5A-8C40-4BE8-8DD9-5B103BE25DC3} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {1B7D582C-2CD4-4599-9189-1AFF8DBC7165} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)
Task: {1B888982-1EC2-4BA6-BB40-C765D185A4D0} - System32\Tasks\{7E40E74E-E471-47BF-8B21-5EEC97DBCAE2} => Chrome.exe http://ui.skype.com/ui/0/6.16.60.105/it/go/help.faq.installer?LastError=1618
Task: {396B9E9A-A959-483B-AD28-C1F18C37713F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {4C8D5A1F-D9AB-4898-B61D-5D87B52075E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {51B5F507-BCC4-4FF1-A368-591C65B60A2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {5BC2A120-6414-4C64-B23E-3F448E7BD803} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {68583C10-369F-4F70-9019-08EC179C17A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8E4001BF-9C2C-40F2-BAD5-F069D3B9A48B} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {920FE926-238B-4DBA-AE6E-90097EDD48B3} - System32\Tasks\Net4Switch => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
Task: {981C53C9-F2E3-4991-83D0-A8933C6BC6A1} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-11] ()
Task: {A30BE9E2-28B5-44F3-B36C-5651BCB0216C} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {A7A59928-8EDA-4C1A-8D42-05AF80F49470} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {D3478010-1115-4DC6-8053-25FBD0D9C074} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-10-15] (ASUS)
Task: {DDEE23CC-6B9A-4417-8F72-19342E8F7E17} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {E9831478-6A1C-4B95-B41C-9A46CE439CFA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {FA4E5C84-B657-4137-B58A-FB255757D0E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-08-11 19:46 - 2013-02-18 08:23 - 00695808 _____ () C:\Program Files (x86)\Dual Monitor\ExplorerHook64.dll
2010-04-02 19:21 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-07-06 22:56 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-11 17:35 - 2010-05-11 17:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-06 23:04 - 2007-08-03 12:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2010-09-23 16:53 - 2010-09-23 16:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2014-07-07 14:10 - 2014-08-22 15:31 - 00610872 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-25 17:05 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-25 17:05 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-25 17:05 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-25 17:05 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-25 17:05 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-06 23:04 - 2007-09-14 10:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2014-07-06 23:04 - 2003-11-28 02:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2014-07-06 23:04 - 2005-08-29 15:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2014-07-06 23:04 - 2003-09-09 16:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
2014-07-06 23:04 - 2006-04-04 10:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
2014-07-06 23:04 - 2005-04-07 19:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2014-07-07 14:10 - 2014-08-22 15:31 - 36966968 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-08-27 13:07 - 2014-08-27 13:07 - 00098816 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32api.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00110080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\pywintypes27.dll
2014-08-27 13:07 - 2014-08-27 13:07 - 00364544 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\pythoncom27.dll
2014-08-27 13:07 - 2014-08-27 13:07 - 00045568 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_socket.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 01160704 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_ssl.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00320512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32com.shell.shell.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00713216 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_hashlib.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 01175040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._core_.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00805888 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._gdi_.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00811008 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._windows_.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 01062400 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._controls_.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00735232 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._misc_.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00128512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_elementtree.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00127488 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\pyexpat.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00557056 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\pysqlite2._sqlite.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00007168 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\hashobjs_ext.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00087552 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_ctypes.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00119808 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32file.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00108544 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32security.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00018432 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32event.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00038912 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32inet.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00070656 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._html2.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00167936 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32gui.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00011264 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32crypt.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00027136 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\_multiprocessing.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00686080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\unicodedata.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00122368 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._wizard.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00010240 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\select.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00024064 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32pipe.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00025600 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32pdh.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00525640 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\windows._lib_cacheinvalidation.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00035840 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32process.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00017408 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32profile.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00022528 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\win32ts.pyd
2014-08-27 13:07 - 2014-08-27 13:07 - 00078336 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI32602\wx._animate.pyd
2014-08-27 13:08 - 2014-08-27 13:08 - 00043008 _____ () c:\users\marco\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprztcll.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Marco\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 21118304 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00985968 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00136048 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00192368 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll
2014-07-07 19:01 - 2014-08-22 15:31 - 00867896 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-07 14:10 - 2014-08-22 15:31 - 00886840 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-07 14:10 - 2014-08-22 15:31 - 00108600 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libegl.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-09-30 15:14 - 2010-09-30 15:14 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-09-30 15:13 - 2010-09-30 15:13 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00035008 _____ () C:\Program Files (x86)\Windows Live\Shared\it\uxctlloc.dll.mui
2014-03-31 21:35 - 2014-03-31 21:35 - 00278208 _____ () C:\Program Files (x86)\Windows Live\Writer\it\WindowsLive.Writer.Localization.resources.dll
2014-08-06 17:26 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-21 00:58 - 2014-08-21 00:58 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
2010-07-01 11:21 - 2010-07-01 11:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-08-25 20:29 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-25 20:29 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-25 20:29 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-25 20:29 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-25 20:29 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/27/2014 02:15:14 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generazione del contesto di attivazione non riuscita per "assemblyIdentity1". Errore nel file manifesto o dei criteri "assemblyIdentity2", riga assemblyIdentity3.
Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.
 
Error: (08/27/2014 01:06:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 02:09:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma Skype.exe versione 6.18.0.106 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: 1808
 
Ora di avvio: 01cfc18ab1a47e68
 
Ora di chiusura: 15
 
Percorso applicazione: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
ID segnalazione: 64557e04-2d7e-11e4-90c4-bcaec54e2c2d
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Impossibile inizializzare l'indice.
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Impossibile inizializzare l'applicazione.
 
Contesto: applicazione Windows
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Impossibile inizializzare l'oggetto Gatherer.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossibile inizializzare il plug-in <Search.TripoliIndexer>.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare elemento.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (08/27/2014 01:25:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Impossibile inizializzare il plug-in <Search.JetPropStore>.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:45 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Impossibile caricare le informazioni dell'archivio di proprietà.
 
Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il database dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (08/27/2014 01:25:45 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: È in corso l'interruzione del servizio Windows Search. Problema dell'indicizzatore, The catalog is corrupt.
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (08/27/2014 01:06:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
sptd
 
Error: (08/27/2014 01:05:55 PM) (Source: sptd) (EventID: 4) (User: )
Description: Il driver ha rilevato un errore interno nelle strutture dati per .
 
Error: (08/27/2014 04:54:38 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (08/27/2014 01:25:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.
 
Error: (08/27/2014 01:25:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Servizio Windows Search terminato. Errore specifico del servizio %%-1073473535.
 
Error: (08/27/2014 01:25:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
sptd
 
Error: (08/27/2014 01:24:12 AM) (Source: sptd) (EventID: 4) (User: )
Description: Il driver ha rilevato un errore interno nelle strutture dati per .
 
Error: (08/26/2014 10:01:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
sptd
 
Error: (08/26/2014 10:00:37 AM) (Source: sptd) (EventID: 4) (User: )
Description: Il driver ha rilevato un errore interno nelle strutture dati per .
 
Error: (08/26/2014 01:05:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
sptd
 
 
Microsoft Office Sessions:
=========================
Error: (08/27/2014 02:15:14 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
 
Error: (08/27/2014 01:06:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 02:09:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.18.0.106180801cfc18ab1a47e6815C:\Program Files (x86)\Skype\Phone\Skype.exe64557e04-2d7e-11e4-90c4-bcaec54e2c2d
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Contesto: applicazione Windows
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (08/27/2014 01:25:48 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Impossibile trovare elemento.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (08/27/2014 01:25:46 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (08/27/2014 01:25:45 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Contesto: applicazione Windows, catalogo SystemIndex
 
Dettagli:
Il database dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (08/27/2014 01:25:45 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Dettagli:
Il catalogo dell'indice del contenuto è danneggiato.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 73%
Total physical RAM: 3884.3 MB
Available physical RAM: 1016.38 MB
Total Pagefile: 7766.77 MB
Available Pagefile: 3640.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:116.44 GB) (Free:60.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:327.83 GB) (Free:327.09 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E0C5913D)
Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=327.8 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

warning.gif SpyBot S&D Warning

MVPS.org is no longer recommending SpyBot S&D due to very poor testing results (scroll down and read under Freeware Antispyware Products).

My advice is to get rid of this program. To do so:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for SpyBot, right-click the entry and click Uninstall.

This is optional, but please consider it. At least until we are clean, cause SpyBot is able to hinder the removal process.

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!

Please also manually reboot your machine after this procedure.

FRST.gif Fix with Farbar Recovery Scan Tool

 

 This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable. 

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please include it in your reply.

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Professional x64

Ran by Marco on 27/08/2014 at 15:28:35,34

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 27/08/2014 at 15:35:48,43

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Farbar stop working every single time.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03

Ran by Marco at 2014-08-27 15:44:10 Run:3

Running from C:\Users\Marco\Desktop

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

start

HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\MountPoints2: {a7d58018-0549-11e4-9f4f-806e6f6e6963} - E:\InstAll.exe

SearchScopes: HKCU - {5F5875CA-23E8-4DE5-8110-9DBA6D535544} URL = http://astromenda.co...r=151360333&ir=

C:\Windows\SysWOW64\sho54F3.tmp

C:\Users\Marco\Downloads\Shortcut.txt

C:\AdwCleaner

C:\Windows\SysWOW64\sho4079.tmp

C:\Windows\SysWOW64\shoE110.tmp

C:\Windows\SysWOW64\shoE942.tmp

C:\Windows\SysWOW64\sho54F3.tmp

EmptyTemp:

end

*****************

 

"HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7d58018-0549-11e4-9f4f-806e6f6e6963}" => Key not found.

"HKCR\CLSID\{a7d58018-0549-11e4-9f4f-806e6f6e6963}" => Key not found.

"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F5875CA-23E8-4DE5-8110-9DBA6D535544}" => Key not found.

"HKCR\CLSID\{5F5875CA-23E8-4DE5-8110-9DBA6D535544}" => Key not found.

"C:\Windows\SysWOW64\sho54F3.tmp" => File/Directory not found.

"C:\Users\Marco\Downloads\Shortcut.txt" => File/Directory not found.

"C:\AdwCleaner" => File/Directory not found.

"C:\Windows\SysWOW64\sho4079.tmp" => File/Directory not found.

"C:\Windows\SysWOW64\shoE110.tmp" => File/Directory not found.

"C:\Windows\SysWOW64\shoE942.tmp" => File/Directory not found.

"C:\Windows\SysWOW64\sho54F3.tmp" => File/Directory not found.
Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

The scripts are for one-use only. 

I told you in my first post:

I can't foresee everything, so if anything unexpected happens, please stop and inform me!

Please re-run FRST, make sure that Addition box is checked and press Scan. Two logs should appear - post them.

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted

Sorry again.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by Marco (administrator) on MARCO-PC on 27-08-2014 16:12:23
Running from C:\Users\Marco\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Marco\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Dropbox, Inc.) C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [stopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [ADSMTray] => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [spotify Web Helper] => C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-22] (Spotify Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [spotify] => C:\Users\Marco\AppData\Roaming\Spotify\spotify.exe [6621752 2014-08-22] (Spotify Ltd)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [skyDrive] => C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-06] (Microsoft Corporation)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-3116869577-2081627223-1196300069-1000\...\Run: [appnhost] => C:\Users\Marco\AppData\Local\Mixesoft\AppNHost\appnhost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Live Mail.lnk
ShortcutTarget: Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0356993D5F99CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Guida per l'accesso all'account Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ld67j1vw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\ld67j1vw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Documenti Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Ricerca Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (Google+) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2014-08-25]
CHR Extension: (Google Calendar) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-08-25]
CHR Extension: (Click&Clean) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-08-25]
CHR Extension: (AdBlock) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-25]
CHR Extension: (Skype Click to Call) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-25]
CHR Extension: (Google Maps) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-08-25]
CHR Extension: (Google Wallet) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [377264 2010-09-30] (ASUSTeK Computer Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 UNS; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-08] (Disc Soft Ltd)
R3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [25504 2013-10-21] (Resplendence Software Projects Sp.)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-07-08] (Duplex Secure Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 15:41 - 2014-08-27 15:41 - 00000473 _____ () C:\Users\Marco\Desktop\fixlist.txt
2014-08-27 15:35 - 2014-08-27 15:35 - 00000625 _____ () C:\Users\Marco\Desktop\JRT.txt
2014-08-27 15:26 - 2014-07-07 13:42 - 00001124 _____ () C:\Users\Marco\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 15:13 - 2014-08-27 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-08-27 15:11 - 2014-08-27 15:12 - 01016261 _____ (Thisisu) C:\Users\Marco\Desktop\JRT.exe
2014-08-27 14:27 - 2014-08-27 14:29 - 00054041 _____ () C:\Users\Marco\Desktop\Addition.txt
2014-08-27 13:31 - 2014-08-27 16:12 - 00020171 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-08-27 01:25 - 2014-08-27 01:25 - 00092440 _____ () C:\Users\Marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 01:24 - 2014-08-27 15:37 - 00355584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 01:24 - 2014-08-27 15:37 - 00000392 _____ () C:\Windows\setupact.log
2014-08-27 01:24 - 2014-08-27 15:05 - 00003406 _____ () C:\Windows\PFRO.log
2014-08-27 01:24 - 2014-08-27 01:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 01:20 - 2014-08-27 01:20 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost (1).msi
2014-08-25 22:31 - 2014-08-25 22:31 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:26 - 2014-08-26 00:43 - 00052062 _____ () C:\Users\Marco\Downloads\Addition.txt
2014-08-25 22:23 - 2014-08-26 00:43 - 00081767 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-08-25 22:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-25 22:07 - 2014-08-25 22:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mixesoft
2014-08-25 22:06 - 2014-08-25 22:06 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost.msi
2014-08-25 22:04 - 2014-08-27 16:12 - 00000000 ____D () C:\FRST
2014-08-25 22:02 - 2014-08-25 22:03 - 02103296 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-08-25 22:01 - 2014-08-25 22:02 - 01095168 _____ (Farbar) C:\Users\Marco\Downloads\FRST.exe
2014-08-25 21:58 - 2014-08-25 21:59 - 01364531 _____ () C:\Users\Marco\Desktop\AdwCleaner.exe
2014-08-25 20:29 - 2014-08-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 19:42 - 2008-11-04 13:12 - 00023096 _____ (Samsung Electronics, Inc. ) C:\Windows\system32\Drivers\MTiCtwl.sys
2014-08-25 19:40 - 2014-08-25 19:41 - 19166188 _____ () C:\Users\Marco\Downloads\magictune409.zip
2014-08-25 19:38 - 2014-08-25 19:39 - 20984571 _____ () C:\Users\Marco\Downloads\MagicTunePremium_1.0.121.zip
2014-08-25 19:36 - 2004-10-01 18:37 - 00036864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi9x.dll
2014-08-25 19:36 - 2004-09-28 18:05 - 00040960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvgpio.dll
2014-08-25 19:36 - 1998-06-17 18:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2014-08-25 19:32 - 2014-08-25 19:34 - 26904740 _____ () C:\Users\Marco\Downloads\MT2.5_RAFF_31.zip
2014-08-25 18:56 - 2014-08-27 15:03 - 00000162 _____ () C:\Windows\wininit.ini
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-25 17:05 - 2014-08-27 15:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-25 17:05 - 2014-08-27 15:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-25 16:37 - 2014-08-25 16:41 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-08-25 16:36 - 2012-01-10 21:55 - 07988224 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-08-25 16:36 - 2011-07-26 16:28 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2462.dll
2014-08-25 16:36 - 2010-10-15 01:28 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-08-25 16:36 - 2010-10-15 01:27 - 00014848 _____ (Intel® Corporation) C:\Windows\system32\IntcDAuC.dll
2014-08-25 16:35 - 2014-08-25 16:36 - 00000000 ____D () C:\Users\Marco\Downloads\Nuova cartella
2014-08-23 23:07 - 2014-08-23 23:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-08-22 18:26 - 2014-08-22 18:35 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\FileZilla
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-21 14:40 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 14:40 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 14:40 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 14:40 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 14:39 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 14:39 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 14:39 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 14:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 14:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 14:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 14:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-08-14 22:21 - 2014-08-14 22:22 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2014-08-14 22:21 - 2014-08-14 22:22 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2013
2014-08-14 22:13 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 22:13 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 22:13 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 22:13 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 22:13 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 22:13 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 22:13 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 22:13 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 22:11 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 22:11 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 22:10 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 22:10 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 22:10 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 22:10 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 22:10 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 22:10 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 22:10 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 22:10 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 22:10 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 22:10 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 22:10 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 22:10 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 22:10 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 22:10 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 22:10 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 22:10 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 22:10 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 22:10 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 22:10 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 22:10 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 22:10 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 22:10 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 22:10 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 22:10 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 22:10 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 22:10 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 22:10 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 22:10 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 22:10 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 22:10 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 22:10 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 22:10 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 22:10 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 22:10 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 22:10 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 22:10 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 22:10 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 22:10 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 22:10 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 22:10 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 22:10 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 22:10 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 22:10 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 22:10 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 22:10 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 22:10 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 22:10 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 22:10 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 22:10 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 22:10 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 22:10 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 22:10 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 22:10 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 22:10 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 22:10 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 22:10 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 22:10 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 22:10 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 22:10 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 22:10 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 22:10 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 22:10 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 22:10 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 22:10 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 22:10 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 22:10 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:10 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 22:10 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 22:10 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 22:10 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 22:10 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 22:07 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 22:07 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 22:07 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 22:07 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 14:21 - 2014-08-14 14:22 - 00000000 ____D () C:\Users\Marco\Documents\Corona Projects
2014-08-14 14:21 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Corona Labs
2014-08-12 01:37 - 2014-08-12 01:37 - 00000000 ____D () C:\ProgramData\DualMonitor
2014-08-12 00:29 - 2014-08-12 00:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Macromedia
2014-08-12 00:27 - 2014-08-27 15:34 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 00:27 - 2014-08-21 00:59 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-12 00:27 - 2014-08-21 00:58 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-12 00:27 - 2014-08-21 00:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-12 00:27 - 2014-08-12 00:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pinnacle
2014-08-10 15:45 - 2014-08-10 20:40 - 00000000 ____D () C:\Users\Marco\AppData\Local\EvernoteNW
2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-07 23:14 - 2014-08-07 23:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\NuGet
2014-08-07 23:08 - 2014-08-18 22:07 - 00000000 ____D () C:\Users\Marco\Documents\Visual Studio 2013
2014-08-07 23:06 - 2014-08-07 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\ProgramData\NuGet
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-08-07 22:47 - 2014-08-07 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-08-07 22:46 - 2014-08-07 22:47 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-08-07 22:44 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-08-07 22:43 - 2014-08-07 23:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1033
2014-08-07 22:42 - 2014-08-07 22:55 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-07 22:42 - 2014-08-07 22:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-07 22:41 - 2014-08-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-08-07 22:41 - 2014-08-07 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-07 22:39 - 2014-08-07 23:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-08-07 22:36 - 2014-08-14 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 22:22 - 2014-08-07 22:22 - 00000000 ___HD () C:\OneDriveTemp
2014-08-06 17:26 - 2014-08-06 17:26 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Users\Marco\AppData\Local\Apple Computer
2014-08-06 10:10 - 2014-08-06 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-06 10:09 - 2014-08-06 10:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-06 10:07 - 2014-08-27 15:39 - 00000000 ___RD () C:\Users\Marco\Google Drive
2014-08-06 10:06 - 2014-08-14 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-04 17:54 - 2014-08-04 17:54 - 00000000 ____D () C:\ProgramData\Applications
2014-08-04 01:59 - 2014-08-04 01:59 - 00000000 ____D () C:\Users\Marco\Documents\My Weblog Posts
2014-07-28 18:54 - 2014-07-28 18:54 - 00000000 ____D () C:\Users\Marco\AppData\Local\Evernote
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Program Files (x86)\Evernote
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 16:12 - 2014-08-27 13:31 - 00020171 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-08-27 16:12 - 2014-08-25 22:04 - 00000000 ____D () C:\FRST
2014-08-27 16:11 - 2014-07-07 12:04 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Skype
2014-08-27 15:51 - 2014-07-07 14:07 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Spotify
2014-08-27 15:45 - 2009-07-14 06:45 - 00031888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 15:45 - 2009-07-14 06:45 - 00031888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 15:41 - 2014-08-27 15:41 - 00000473 _____ () C:\Users\Marco\Desktop\fixlist.txt
2014-08-27 15:40 - 2014-07-06 22:14 - 01420505 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 15:39 - 2014-08-06 10:07 - 00000000 ___RD () C:\Users\Marco\Google Drive
2014-08-27 15:38 - 2014-07-07 00:38 - 00000000 ___RD () C:\Users\Marco\Dropbox
2014-08-27 15:38 - 2014-07-07 00:26 - 00000000 ___RD () C:\Users\Marco\OneDrive
2014-08-27 15:38 - 2014-07-07 00:23 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dropbox
2014-08-27 15:37 - 2014-08-27 01:24 - 00355584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 15:37 - 2014-08-27 01:24 - 00000392 _____ () C:\Windows\setupact.log
2014-08-27 15:37 - 2014-07-12 14:27 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-27 15:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 15:35 - 2014-08-27 15:35 - 00000625 _____ () C:\Users\Marco\Desktop\JRT.txt
2014-08-27 15:34 - 2014-08-12 00:27 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-27 15:32 - 2014-07-12 14:27 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-27 15:13 - 2014-08-27 15:13 - 00000000 ____D () C:\Windows\ERUNT
2014-08-27 15:12 - 2014-08-27 15:11 - 01016261 _____ (Thisisu) C:\Users\Marco\Desktop\JRT.exe
2014-08-27 15:06 - 2014-07-06 23:11 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-08-27 15:05 - 2014-08-27 01:24 - 00003406 _____ () C:\Windows\PFRO.log
2014-08-27 15:05 - 2014-08-25 17:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-27 15:03 - 2014-08-25 18:56 - 00000162 _____ () C:\Windows\wininit.ini
2014-08-27 15:03 - 2014-08-25 17:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-27 14:29 - 2014-08-27 14:27 - 00054041 _____ () C:\Users\Marco\Desktop\Addition.txt
2014-08-27 13:13 - 2014-07-07 23:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 01:25 - 2014-08-27 01:25 - 00092440 _____ () C:\Users\Marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 01:24 - 2014-08-27 01:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 01:20 - 2014-08-27 01:20 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost (1).msi
2014-08-26 13:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-26 00:43 - 2014-08-25 22:26 - 00052062 _____ () C:\Users\Marco\Downloads\Addition.txt
2014-08-26 00:43 - 2014-08-25 22:23 - 00081767 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-08-25 22:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-25 22:31 - 2014-08-25 22:31 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 22:20 - 2014-07-06 22:55 - 00001950 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-08-25 22:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-08-25 22:07 - 2014-08-25 22:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mixesoft
2014-08-25 22:06 - 2014-08-25 22:06 - 00282624 _____ () C:\Users\Marco\Downloads\appnhost.msi
2014-08-25 22:03 - 2014-08-25 22:02 - 02103296 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-08-25 22:02 - 2014-08-25 22:01 - 01095168 _____ (Farbar) C:\Users\Marco\Downloads\FRST.exe
2014-08-25 21:59 - 2014-08-25 21:58 - 01364531 _____ () C:\Users\Marco\Desktop\AdwCleaner.exe
2014-08-25 20:29 - 2014-08-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-25 20:29 - 2014-07-06 23:32 - 00000000 ____D () C:\Users\Marco\AppData\Local\Google
2014-08-25 20:29 - 2014-07-06 23:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-25 19:48 - 2014-07-06 22:55 - 00001149 _____ () C:\Windows\system32\ServiceFilter.ini
2014-08-25 19:42 - 2014-07-06 22:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-25 19:41 - 2014-08-25 19:40 - 19166188 _____ () C:\Users\Marco\Downloads\magictune409.zip
2014-08-25 19:39 - 2014-08-25 19:38 - 20984571 _____ () C:\Users\Marco\Downloads\MagicTunePremium_1.0.121.zip
2014-08-25 19:34 - 2014-08-25 19:32 - 26904740 _____ () C:\Users\Marco\Downloads\MT2.5_RAFF_31.zip
2014-08-25 17:06 - 2014-08-25 17:06 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-25 16:44 - 2014-07-06 22:47 - 00016302 _____ () C:\Windows\system32\results.xml
2014-08-25 16:41 - 2014-08-25 16:37 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-08-25 16:36 - 2014-08-25 16:35 - 00000000 ____D () C:\Users\Marco\Downloads\Nuova cartella
2014-08-25 14:54 - 2014-07-07 14:14 - 00000000 ____D () C:\Users\Marco\AppData\Local\Spotify
2014-08-24 17:58 - 2014-07-11 16:22 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\SoftGrid Client
2014-08-23 23:07 - 2014-08-23 23:07 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-08-23 02:23 - 2014-07-09 23:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 21:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache
2014-08-22 18:35 - 2014-08-22 18:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\FileZilla
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-22 18:26 - 2014-08-22 18:26 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-22 13:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 15:05 - 2014-07-09 19:02 - 00000032 _____ () C:\Users\Marco\AppData\Roaming\msregsvv.dll
2014-08-21 15:05 - 2014-07-09 19:02 - 00000032 _____ () C:\ProgramData\autobk.inc
2014-08-21 00:59 - 2014-08-12 00:27 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-21 00:58 - 2014-08-12 00:27 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-21 00:58 - 2014-08-12 00:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-18 22:07 - 2014-08-07 23:08 - 00000000 ____D () C:\Users\Marco\Documents\Visual Studio 2013
2014-08-17 23:07 - 2014-07-21 12:17 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\vlc
2014-08-17 22:59 - 2011-04-12 12:49 - 00741528 _____ () C:\Windows\system32\perfh010.dat
2014-08-17 22:59 - 2011-04-12 12:49 - 00147292 _____ () C:\Windows\system32\perfc010.dat
2014-08-17 22:59 - 2009-07-14 07:13 - 01660444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 14:04 - 2009-07-14 07:08 - 00032512 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-16 21:53 - 2014-07-07 00:24 - 00000000 ____D () C:\Users\Marco\AppData\Local\Windows Live
2014-08-16 20:33 - 2014-07-07 13:27 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\uTorrent
2014-08-14 22:51 - 2014-07-07 00:36 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 22:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 22:34 - 2014-08-06 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-08-14 22:33 - 2014-08-14 22:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-08-14 22:22 - 2014-08-14 22:21 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2014-08-14 22:22 - 2014-08-14 22:21 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2013
2014-08-14 22:21 - 2014-08-07 22:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 22:21 - 2014-07-07 14:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 22:18 - 2014-07-07 14:14 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 22:12 - 2014-07-07 02:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 14:22 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\Documents\Corona Projects
2014-08-14 14:21 - 2014-08-14 14:21 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Corona Labs
2014-08-12 01:37 - 2014-08-12 01:37 - 00000000 ____D () C:\ProgramData\DualMonitor
2014-08-12 00:29 - 2014-08-12 00:29 - 00000000 ____D () C:\Users\Marco\AppData\Local\Macromedia
2014-08-12 00:27 - 2014-08-12 00:27 - 00000000 ____D () C:\Windows\system32\Macromed
2014-08-11 19:47 - 2014-08-11 19:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-08-11 19:46 - 2014-08-11 19:46 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-08-10 21:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pinnacle
2014-08-10 21:05 - 2014-07-15 10:45 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-08-10 20:43 - 2014-07-15 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2014-08-10 20:40 - 2014-08-10 15:45 - 00000000 ____D () C:\Users\Marco\AppData\Local\EvernoteNW
2014-08-09 01:17 - 2014-08-09 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-08 19:42 - 2014-07-08 12:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\DAEMON Tools Lite
2014-08-08 00:44 - 2014-07-07 12:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-07 23:14 - 2014-08-07 23:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\NuGet
2014-08-07 23:08 - 2014-07-06 22:49 - 00092440 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-07 23:08 - 2014-07-06 22:49 - 00092440 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-07 23:07 - 2014-08-07 22:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-08-07 23:06 - 2014-08-07 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2014-08-07 23:03 - 2014-08-07 22:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-08-07 23:02 - 2014-08-07 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\ProgramData\NuGet
2014-08-07 22:56 - 2014-08-07 22:56 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-08-07 22:55 - 2014-08-07 22:42 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-07 22:55 - 2014-08-07 22:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-07 22:47 - 2014-08-07 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-08-07 22:47 - 2014-08-07 22:46 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-08-07 22:44 - 2014-08-07 22:44 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-08-07 22:44 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1040
2014-08-07 22:43 - 2014-08-07 22:43 - 00000000 ____D () C:\Windows\system32\1033
2014-08-07 22:41 - 2014-08-07 22:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-07 22:41 - 2014-07-07 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-08-07 22:22 - 2014-08-07 22:22 - 00000000 ___HD () C:\OneDriveTemp
2014-08-07 04:06 - 2014-08-14 22:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 22:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 17:26 - 2014-08-06 17:26 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Users\Marco\AppData\Local\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:26 - 2014-08-06 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-06 15:48 - 2014-07-07 00:39 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 10:30 - 2014-08-06 10:30 - 00000000 ____D () C:\Users\Marco\AppData\Local\Apple Computer
2014-08-06 10:30 - 2014-07-10 21:14 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Apple Computer
2014-08-06 10:10 - 2014-08-06 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-06 10:09 - 2014-08-06 10:09 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-06 10:08 - 2014-08-06 10:08 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-06 10:07 - 2014-07-06 22:21 - 00000000 ____D () C:\Users\Marco
2014-08-06 09:55 - 2014-07-07 00:26 - 00002186 _____ () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-04 17:56 - 2014-08-04 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-04 17:54 - 2014-08-04 17:54 - 00000000 ____D () C:\ProgramData\Applications
2014-08-04 01:59 - 2014-08-04 01:59 - 00000000 ____D () C:\Users\Marco\Documents\My Weblog Posts
2014-08-04 01:59 - 2014-07-07 15:51 - 00000000 ____D () C:\Users\Marco\AppData\Local\Windows Live Writer
2014-08-01 01:41 - 2014-08-14 22:10 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 22:10 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-29 09:55 - 2014-07-07 00:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-28 18:54 - 2014-07-28 18:54 - 00000000 ____D () C:\Users\Marco\AppData\Local\Evernote
2014-07-28 18:52 - 2014-07-28 18:52 - 00000000 ____D () C:\Program Files (x86)\Evernote
 
Some content of TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcfbla.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-27 14:10
 
==================== End Of Log ============================
Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03

Ran by Marco at 2014-08-27 16:13:16

Running from C:\Users\Marco\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)

Ableton Live 9 Lite (HKLM-x32\...\{28498E69-5368-44D9-9AD6-591239450A65}) (Version: 9.0.0.0 - Ableton)

Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)

Adobe Reader 9.0.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90100000001}) (Version: 9.0.1 - Adobe Systems Incorporated)

AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.0 - IK Multimedia)

AmpliTube 3 version 3.8.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.8.0 - IK Multimedia)

Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)

ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)

ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)

ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.21 - ASUS)

ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)

ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.41 - ASUS)

ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0006 - ASUS)

ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0009 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)

ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)

Asus_PSeries_Screensaver (HKLM-x32\...\Asus_PSeries_Screensaver) (Version: 1.0.0001 - ASUS)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)

Bass Station 2.0 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.0 - Novation)

Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden

Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.127.0.61 - Conexant)

ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.9 - ASUS)

CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )

CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.6.1622 - CyberLink Corp.)

CyberLink PowerRecover (Version: 5.6.1622 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)

Driver Pinnacle Video (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)

Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)

Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)

ETDWare PS/2-x64 7.0.5.16_WHQL (HKLM\...\Elantech) (Version: 7.0.5.16 - ELAN Microelectronics Corp.)

Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)

Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.7 - ASUS)

FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)

Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)

Framework applicazione livello dati Microsoft SQL Server 2012 (HKLM-x32\...\{6EEAE8E0-4899-4657-870B-EEDF36FC3369}) (Version: 11.1.2902.0 - Microsoft Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IK Multimedia Authorization Manager version 1.0.5 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.5 - IK Multimedia)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation)

JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.27.6 - JMicron Technology Corp.)

JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Knoll Light Factory EZ Studio (HKLM-x32\...\Knoll Light Factory EZ Studio) (Version:  - )

Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (HKLM-x32\...\Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA) (Version: 2.1.21005 - Microsoft Corporation)

Language Pack del Visualizzatore della Guida Microsoft 2.1 - ITA (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden

LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version:  - )

Malwarebytes Anti-Malware versione 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK - ITA Lang Pack (HKLM-x32\...\{CC85795B-9AB3-4AAE-8BEA-9041178DF6E9}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (Italiano) (HKLM-x32\...\{079CDB66-D3E9-31C8-A597-93382A9A7402}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (Italiano) (HKLM-x32\...\{46539A2C-DCEB-4BB1-BBBF-CAA06967E509}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Azure Shared Components for Visual Studio 2013 - v1.2 (x32 Version: 1.2.20710.1601 - Microsoft Corporation) Hidden

Microsoft Azure Shared Components for Visual Studio 2013 Language Pack (ENU) - v1.2 (x32 Version: 1.2.20710.1601 - Microsoft Corporation) Hidden

Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden

Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden

Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)

Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.8.50313.46 - Microsoft Corporation) Hidden

Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)

Microsoft Office a portata di clic 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.7122.5000 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)

Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.30501.00 - Microsoft Corporation) Hidden

Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3442.2 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{61AB8577-B46C-492A-882E-C0F7AA6F49FB}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{35467A25-F30D-43AB-BDF1-77869DBC6F39}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{16A550C4-1D4A-4AAF-9D26-3FA37E49D3AF}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{99F9DB22-1D83-4A41-BB6E-8DD58EFC9E8E}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{407F5EC7-B580-4C69-A233-D853C926869D}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{E672485C-E457-4E07-A813-9C78584076CB}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 System CLR Types (HKLM-x32\...\{6E1B40C0-130A-4D3E-90D2-B7AD107A1575}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft SQL Server 2012 System CLR Types (x64) (HKLM\...\{035A5DBB-6799-412B-AD1A-AE1D50ECD5D0}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{EFCB3339-A7BA-4CB4-B4D8-97BCA0FC2AC5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ITA (HKLM\...\{E7BFD3A1-2152-4DE1-9F82-A478DD6097C9}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - ITA (12.0.30919.1) (HKLM-x32\...\{10EBF1CD-4D7C-4961-8AA9-D7D2EC4E5413}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - ITA (12.0.30919.1) (HKLM-x32\...\{F5675659-3A73-4F35-8673-0D39EB84F093}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft Team Foundation Server 2013 Update 3 Object Model (x64) (Version: 12.0.30723 - Microsoft Corporation) Hidden

Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2013 32bit Compilers - ITA Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Diagnostic Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Diagnostic Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Express Prerequisites x64 - ITA (Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 Team Explorer Language Pack - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio 2013 XAML UI Designer (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Express 2013 per Windows Desktop - ITA (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual Studio Express 2013 per Windows Desktop - ITA con Update 3 (HKLM-x32\...\{8da5b17b-e0ef-463e-ad74-548bc738c465}) (Version: 12.0.30723.0 - Microsoft Corporation)

Modello a oggetti di Microsoft Team Foundation Server 2013 Update 3 Language Pack (x64) - ITA (Version: 12.0.30723 - Microsoft Corporation) Hidden

Modello di reindirizzamento di Python Tools (x32 Version: 1.0 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 31.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 it)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )

Pacchetto driver Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite)

Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)

Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)

Preparazione di Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Prerequisiti per SSDT (HKLM-x32\...\{038D0EF0-B10C-4ED3-8E0E-A9513B6E86F2}) (Version: 11.1.3000.0 - Microsoft Corporation)

Progettazione interfaccia utente XAML di Microsoft Visual Studio 2013 - ITA (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)

Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Red Giant ToonIt Studio (HKLM-x32\...\Red Giant ToonIt Studio) (Version:  - )

Risorse di Microsoft Visual Studio 2013 Shell (minime) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Scarlett Plug-in Suite 1.6 (HKLM-x32\...\{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1) (Version: 1.6 - Focusrite)

SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.6 - ASUS)

Servizio linguaggio T-SQL Microsoft SQL Server 2012 (HKLM-x32\...\{EB7B7148-F739-4AD8-8FE2-6347034E518B}) (Version: 11.1.3000.0 - Microsoft Corporation)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)

Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)

Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)

Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)

Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)

Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)

Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)

Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)

Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)

Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)

Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)

Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)

Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)

Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)

SureThing Express Labeler (HKLM-x32\...\stax-Pinnacle_is1) (Version:  - MicroVision Development, Inc.)

Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Trapcode 3DStroke Studio (HKLM-x32\...\Trapcode 3DStroke Studio) (Version:  - )

Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version:  - )

Trapcode Shine Studio (HKLM-x32\...\Trapcode Shine Studio) (Version:  - )

TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden

Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Update for Microsoft Visual Studio 2013 (KB2932965) (HKLM-x32\...\{7dbba119-718a-4f68-b33e-454dc8aa5faf}) (Version: 12.0.30112 - Microsoft Corporation)

USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version:  - )

Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)

Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 2.1.30723.00 - Microsoft Corporation) Hidden

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Phone app for desktop (HKLM-x32\...\{CFF220E2-642C-4B41-87FA-9A634C6E01CF}) (Version: 1.1.2726.0 - Microsoft Corporation)

Windows Software Development Kit (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden

Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26831 - Microsoft Corporation) Hidden

Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26831 - Microsoft Corporation) Hidden

Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)

WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marco\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3116869577-2081627223-1196300069-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marco\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

25-08-2014 15:55:02 Windows Update

25-08-2014 15:58:30 Windows Update

25-08-2014 16:02:12 Windows Update

25-08-2014 17:00:05 Windows Update

25-08-2014 17:11:36 Windows Update

25-08-2014 17:15:54 Windows Update

25-08-2014 17:35:35 Installato MT2.5_RAFF

25-08-2014 17:37:55 Rimosso MT2.5_RAFF

25-08-2014 17:40:08 Installato MagicTune Premium

25-08-2014 17:52:05 Rimosso MagicTunePremium

25-08-2014 17:58:49 Windows Update

25-08-2014 18:02:38 Rimosso MagicTune Premium

25-08-2014 18:22:24 Removed Java 7 Update 67

25-08-2014 18:23:58 Removed System Requirements Lab CYRI

25-08-2014 20:06:33 Installed AppNHost 1.0.5.1

25-08-2014 20:46:12 Removed AppNHost 1.0.5.1

26-08-2014 11:02:24 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0245AB5A-8C40-4BE8-8DD9-5B103BE25DC3} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)

Task: {1B7D582C-2CD4-4599-9189-1AFF8DBC7165} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-09-30] (asus)

Task: {1B888982-1EC2-4BA6-BB40-C765D185A4D0} - System32\Tasks\{7E40E74E-E471-47BF-8B21-5EEC97DBCAE2} => Chrome.exe http://ui.skype.com/ui/0/6.16.60.105/it/go/help.faq.installer?LastError=1618

Task: {396B9E9A-A959-483B-AD28-C1F18C37713F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)

Task: {4C8D5A1F-D9AB-4898-B61D-5D87B52075E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

Task: {51B5F507-BCC4-4FF1-A368-591C65B60A2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)

Task: {8E4001BF-9C2C-40F2-BAD5-F069D3B9A48B} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()

Task: {920FE926-238B-4DBA-AE6E-90097EDD48B3} - System32\Tasks\Net4Switch => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe

Task: {981C53C9-F2E3-4991-83D0-A8933C6BC6A1} - System32\Tasks\ASUS Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2010-05-11] ()

Task: {A30BE9E2-28B5-44F3-B36C-5651BCB0216C} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)

Task: {A7A59928-8EDA-4C1A-8D42-05AF80F49470} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-21] (Adobe Systems Incorporated)

Task: {D3478010-1115-4DC6-8053-25FBD0D9C074} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-10-15] (ASUS)

Task: {DDEE23CC-6B9A-4417-8F72-19342E8F7E17} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)

Task: {FA4E5C84-B657-4137-B58A-FB255757D0E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2010-04-02 19:21 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

2014-07-06 22:56 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll

2010-05-11 17:35 - 2010-05-11 17:35 - 00489392 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe

2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-07-06 23:04 - 2007-08-03 12:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

2010-09-23 16:53 - 2010-09-23 16:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

2014-07-07 14:10 - 2014-08-22 15:31 - 00610872 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe

2014-07-07 14:10 - 2014-08-22 15:31 - 36966968 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libcef.dll

2014-07-06 23:04 - 2007-09-14 10:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll

2014-07-06 23:04 - 2003-11-28 02:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll

2014-07-06 23:04 - 2005-08-29 15:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll

2014-07-06 23:04 - 2003-09-09 16:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll

2014-07-06 23:04 - 2006-04-04 10:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll

2014-07-06 23:04 - 2005-04-07 19:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll

2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll

2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 00043008 _____ () c:\users\marco\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcfbla.dll

2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Marco\AppData\Roaming\Dropbox\bin\libcef.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 21118304 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 00985968 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 00136048 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll

2014-07-25 16:22 - 2014-07-25 16:22 - 00192368 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 02449920 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\python27.dll

2014-08-27 15:37 - 2014-08-27 15:37 - 00098816 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32api.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00110080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\pywintypes27.dll

2014-08-27 15:37 - 2014-08-27 15:37 - 00364544 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\pythoncom27.dll

2014-08-27 15:37 - 2014-08-27 15:37 - 00045568 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_socket.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 01160704 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_ssl.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00320512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32com.shell.shell.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00713216 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_hashlib.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 01175040 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._core_.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 01985024 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxbase294u_vc90.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 00154112 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxbase294u_net_vc90.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 04598272 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxmsw294u_core_vc90.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 01234944 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxmsw294u_adv_vc90.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 00805888 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._gdi_.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00811008 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._windows_.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00595968 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxmsw294u_html_vc90.dll

2014-08-27 15:38 - 2014-08-27 15:38 - 01062400 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._controls_.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00735232 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._misc_.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00128512 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_elementtree.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00127488 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\pyexpat.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00557056 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\pysqlite2._sqlite.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00007168 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\hashobjs_ext.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00087552 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_ctypes.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00119808 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32file.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00108544 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32security.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00018432 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32event.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00038912 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32inet.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00070656 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._html2.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00091648 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wxmsw294u_webview_vc90.dll

2014-08-27 15:37 - 2014-08-27 15:37 - 00167936 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32gui.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00011264 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32crypt.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00027136 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\_multiprocessing.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00686080 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\unicodedata.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00122368 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._wizard.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00010240 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\select.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00024064 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32pipe.pyd

2014-08-27 15:38 - 2014-08-27 15:38 - 00025600 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32pdh.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00525640 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\windows._lib_cacheinvalidation.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00035840 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32process.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00017408 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32profile.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00022528 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\win32ts.pyd

2014-08-27 15:37 - 2014-08-27 15:37 - 00078336 _____ () C:\Users\Marco\AppData\Local\Temp\_MEI36922\wx._animate.pyd

2014-07-07 19:01 - 2014-08-22 15:31 - 00867896 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\ffmpegsumo.dll

2014-07-07 14:10 - 2014-08-22 15:31 - 00886840 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libglesv2.dll

2014-07-07 14:10 - 2014-08-22 15:31 - 00108600 _____ () C:\Users\Marco\AppData\Roaming\Spotify\Data\libegl.dll

2010-09-30 15:13 - 2010-09-30 15:13 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll

2010-09-30 15:13 - 2010-09-30 15:13 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll

2010-09-30 15:14 - 2010-09-30 15:14 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll

2010-09-30 15:13 - 2010-09-30 15:13 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll

2014-03-31 21:35 - 2014-03-31 21:35 - 00035008 _____ () C:\Program Files (x86)\Windows Live\Shared\it\uxctlloc.dll.mui

2014-03-31 21:35 - 2014-03-31 21:35 - 00278208 _____ () C:\Program Files (x86)\Windows Live\Writer\it\WindowsLive.Writer.Localization.resources.dll

2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll

2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll

2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll

2014-08-25 20:29 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-25 20:29 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-25 20:29 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-25 20:29 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-25 20:29 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

2010-07-01 11:21 - 2010-07-01 11:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/27/2014 03:51:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: FRST64.exe, versione: 24.8.2014.3, timestamp: 0x53fa06d9

Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.18247, timestamp: 0x521eaf24

Codice eccezione: 0xc00000fd

Offset errore 0x000000000005626a

ID processo che ha generato l'errore: 0x868

Ora di avvio dell'applicazione che ha generato l'errore: 0xFRST64.exe0

Percorso dell'applicazione che ha generato l'errore: FRST64.exe1

Percorso del modulo che ha generato l'errore: FRST64.exe2

ID segnalazione: FRST64.exe3

 

Error: (08/27/2014 03:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: FRST64.exe, versione: 24.8.2014.3, timestamp: 0x53fa06d9

Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.18247, timestamp: 0x521eaf24

Codice eccezione: 0xc00000fd

Offset errore 0x000000000005501f

ID processo che ha generato l'errore: 0x154c

Ora di avvio dell'applicazione che ha generato l'errore: 0xFRST64.exe0

Percorso dell'applicazione che ha generato l'errore: FRST64.exe1

Percorso del modulo che ha generato l'errore: FRST64.exe2

ID segnalazione: FRST64.exe3

 

Error: (08/27/2014 03:43:28 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: FRST64.exe, versione: 24.8.2014.3, timestamp: 0x53fa06d9

Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.18247, timestamp: 0x521eaf24

Codice eccezione: 0xc00000fd

Offset errore 0x000000000005626a

ID processo che ha generato l'errore: 0x1628

Ora di avvio dell'applicazione che ha generato l'errore: 0xFRST64.exe0

Percorso dell'applicazione che ha generato l'errore: FRST64.exe1

Percorso del modulo che ha generato l'errore: FRST64.exe2

ID segnalazione: FRST64.exe3

 

Error: (08/27/2014 03:42:31 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: FRST64.exe, versione: 24.8.2014.3, timestamp: 0x53fa06d9

Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.18247, timestamp: 0x521eaf24

Codice eccezione: 0xc00000fd

Offset errore 0x0000000000053443

ID processo che ha generato l'errore: 0x1b5c

Ora di avvio dell'applicazione che ha generato l'errore: 0xFRST64.exe0

Percorso dell'applicazione che ha generato l'errore: FRST64.exe1

Percorso del modulo che ha generato l'errore: FRST64.exe2

ID segnalazione: FRST64.exe3

 

Error: (08/27/2014 03:37:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (08/27/2014 03:37:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: All'avvio non è stato possibile caricare i seguenti driver: 

sptd

 

Error: (08/27/2014 03:36:55 PM) (Source: sptd) (EventID: 4) (User: )

Description: Il driver ha rilevato un errore interno nelle strutture dati per .

 

 

Microsoft Office Sessions:

=========================

Error: (08/27/2014 03:51:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: FRST64.exe24.8.2014.353fa06d9ntdll.dll6.1.7601.18247521eaf24c00000fd000000000005626a86801cfc1fdd851e568C:\Users\Marco\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll30eef38c-2df1-11e4-b06e-bcaec54e2c2d

 

Error: (08/27/2014 03:44:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: FRST64.exe24.8.2014.353fa06d9ntdll.dll6.1.7601.18247521eaf24c00000fd000000000005501f154c01cfc1fcf9e8bd96C:\Users\Marco\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll4d063e9e-2df0-11e4-b06e-bcaec54e2c2d

 

Error: (08/27/2014 03:43:28 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: FRST64.exe24.8.2014.353fa06d9ntdll.dll6.1.7601.18247521eaf24c00000fd000000000005626a162801cfc1fccc5bc3c8C:\Users\Marco\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll1f91d63c-2df0-11e4-b06e-bcaec54e2c2d

 

Error: (08/27/2014 03:42:31 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: FRST64.exe24.8.2014.353fa06d9ntdll.dll6.1.7601.18247521eaf24c00000fd00000000000534431b5c01cfc1fc9d46c4acC:\Users\Marco\Desktop\FRST64.exeC:\Windows\SYSTEM32\ntdll.dllfd71ae31-2def-11e4-b06e-bcaec54e2c2d

 

Error: (08/27/2014 03:37:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i3 CPU M 330 @ 2.13GHz

Percentage of memory in use: 62%

Total physical RAM: 3884.3 MB

Available physical RAM: 1471.17 MB

Total Pagefile: 7766.77 MB

Available Pagefile: 4509.77 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:116.44 GB) (Free:60.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Data) (Fixed) (Total:327.83 GB) (Free:327.09 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E0C5913D)

Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=327.8 GB) - (Type=OF Extended)

 

==================== End Of Log ============================

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

I can't really say it.

I saw it before just using Malewarebytes but never on my browser.

I have removed what I saw. There was an Astromenda entry, so it should be gone now.

51c9d14017fa0-SecurityCheck.PNG Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on 51c9d14017fa0-SecurityCheck.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automaticaly.

Please include the content of that document.

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted
 Results of screen317's Security Check version 0.99.87  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Visual Studio Extensions for Windows Library for JavaScript 

 Java version out of Date! 

 Adobe Flash Player 14.0.0.179  

 Adobe Reader 9 Adobe Reader out of Date! 

 Mozilla Firefox (31.0) 

 Google Chrome 36.0.1985.143  

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 
Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

updates.png Update outdated software

Staying always updated is crucial, not only for your operating system, but also for any third-party installed software.

Your logs clearly indicate that some of your software needs updating.

javacup.png Updating Java manually

  • Click the Start button
  • Click Control Panel
  • Double click Java - Looks like a coffee cup. You may have to switch to Classical View to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed.
  • If prompted (during the installation) to also install ASK toolbar, leave this unchecked - Ask does not have a good reputation.
  • From Control panel also please remove any older versions of Java - do not leave them installed!.

Adobe_Reader_v9-0_icon.png Updating Adobe manually

  • Visit Adobe website.
  • You will see a download option there for the newest Adobe Acrobat version.
  • In the center part you will be prompted to install McAfee Security Scan Plus as a free program. This is foistware. Remember to leave the box for McAfee UNCHECKED.
  • Click on Install, save the file to a convenient location, double-click it and follow the prompts.

Remember to keep your software always up-to-date.

 

Report when done.

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

True, you don't have Java so skip it.
 
 
51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.
 
ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:

  • Make sure that Enable detecion of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted
Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 27/08/2014

Scan Time: 17:04:59

Logfile: scan_log.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.27.04

Rootkit Database: v2014.08.21.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Marco

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 342208

Time Elapsed: 13 min, 19 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

 

 


ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=ce83b5ed55f2f84299d933e215be299b

# engine=19870

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-08-27 04:52:40

# local_time=2014-08-27 06:52:40 (+0100, ora legale Europa occidentale)

# country="Italy"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Microsoft Security Essentials'

# compatibility_mode=5895 16777213 100 100 4476393 32142354 0 0

# scanned=184503

# found=0

# cleaned=0

# scan_time=4934

 

Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

No no no, still cleaning remains :)



51a5ce45263de-delfix.png Clean with DelFix

Please download DelFix by Xplode and save it to your desktop.

  • Right-click on 51a5ce45263de-delfix.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.

Include it for my review.
Please also manually reboot your machine after posting your logfile.

Link to post
Share on other sites
Capstan

Capstan

Posted
  • Author
Posted

I mean any sorftware I should run sometimes to check if everything is ok.

 

About antivirus and firewall I'm using Microsoft Security Essentials and Microsoft Firewall.

 

Are they ok?

 

# DelFix v10.8 - Logfile created 27/08/2014 at 21:48:54
# Updated 29/07/2014 by Xplode
# Username : Marco - MARCO-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Cleaning system restore ...
 
Deleted : RP #138 [Windows Update | 08/25/2014 15:55:02]
Deleted : RP #139 [Windows Update | 08/25/2014 15:58:30]
Deleted : RP #140 [Windows Update | 08/25/2014 16:02:12]
Deleted : RP #141 [Windows Update | 08/25/2014 17:00:05]
Deleted : RP #142 [Windows Update | 08/25/2014 17:11:36]
Deleted : RP #143 [Windows Update | 08/25/2014 17:15:54]
Deleted : RP #144 [installato MT2.5_RAFF | 08/25/2014 17:35:35]
Deleted : RP #145 [Rimosso MT2.5_RAFF | 08/25/2014 17:37:55]
Deleted : RP #146 [installato MagicTune Premium | 08/25/2014 17:40:08]
Deleted : RP #147 [Rimosso MagicTunePremium | 08/25/2014 17:52:05]
Deleted : RP #148 [Windows Update | 08/25/2014 17:58:49]
Deleted : RP #149 [Rimosso MagicTune Premium | 08/25/2014 18:02:38]
Deleted : RP #150 [Removed Java 7 Update 67 | 08/25/2014 18:22:24]
Deleted : RP #151 [Removed System Requirements Lab CYRI | 08/25/2014 18:23:58]
Deleted : RP #152 [installed AppNHost 1.0.5.1 | 08/25/2014 20:06:33]
Deleted : RP #153 [Removed AppNHost 1.0.5.1 | 08/25/2014 20:46:12]
Deleted : RP #154 [Windows Update | 08/26/2014 11:02:24]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
Link to post
Share on other sites
Naathim

Naathim

Posted
Posted

Well, this is it. We're really done now :)
 

I mean any sorftware I should run sometimes to check if everything is ok.


See below :)
 

About antivirus and firewall I'm using Microsoft Security Essentials and Microsoft Firewall.

Are they ok?


They are enough for an average user :)




Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.

 

Recommended reading:


icon_exclaim.gif MUST READ - security tips: Computer Security - a short guide to staying safer online.
icon_exclaim.gif MUST READ - general maintenance: What to do if your Computer is running slowly?




Recommended additional software:


icon_arrow.gif TFC - to clean unneeded temporary files.
icon_arrow.gif Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gif Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gif McShield - to prevent infections spread by removable media.
icon_arrow.gif CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
icon_arrow.gif Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.


Now if you have any other questions, feel free to ask me. Otherwise simply acknowledge my recommendations and this topic will be closed.




Minion-Bye-smaller.jpg


Stay safe,
Naat :)

Link to post
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.