ho letto la guida per la pulizia, e ho pure esceguito le scansino eccovi i log
Malwarebytes Anti-Malware
www.malwarebytes.orgData scansione: 25/11/2014
Ora scansione: 21:46:15
File di log: malwarebytes.txt
Amministratore: Si
Versione: 2.00.3.1025
Database malware: v2014.11.25.14
Database rootkit: v2014.11.22.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Autoprotezione: Disattivata
SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: borni
Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 412975
Tempo impiegato: 27 min, 54 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristica: Attivata
PUP: Attivata
PUM: Attivata
Processi: 0
(Nessun elemento malevolo rilevato)
Moduli: 0
(Nessun elemento malevolo rilevato)
Chiavi di registro: 0
(Nessun elemento malevolo rilevato)
Valori di registro: 0
(Nessun elemento malevolo rilevato)
Dati di registro: 0
(Nessun elemento malevolo rilevato)
Cartelle: 0
(Nessun elemento malevolo rilevato)
File: 0
(Nessun elemento malevolo rilevato)
Settori fisici: 0
(Nessun elemento malevolo rilevato)
(end)
# AdwCleaner v4.102 - Rapporto creato 25/11/2014 in 20:27:16
# Aggiornato 23/11/2014 di Xplode
# Database : 2014-11-25.1 [Live]
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nome utente : borni - BORNI-PC
# In esecuzione da : C:\Users\borni\Downloads\adwcleaner_4.102.exe
# Opzione : Pulisci
***** [ Servizi ] *****
[#] Servizio Eliminato : ServUpdater
***** [ File / Cartelle ] *****
Cartella Eliminato : C:\ProgramData\driver whiz
Cartella Eliminato : C:\Users\borni\AppData\Local\ServUpdater
Cartella Eliminato : C:\Users\borni\Documents\drivergenius
***** [ Compiti ] *****
Compito Eliminati : BrowserDefendert
Compito Eliminati : MySearchDial
***** [ Collegamenti ] *****
***** [ Registro ] *****
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v33.1 (x86 it)
[kop9q3zn.default\prefs.js] - Riga eliminata : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=it&gu=dd7949b5b0f844e6af4e45f1080e5290&tu=10NQy00An5B0CO0&sku=&tstsId=&ver=&&q=");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [21929 octets] - [22/11/2013 14:49:44]
AdwCleaner[R1].txt - [8912 octets] - [24/11/2013 19:36:16]
AdwCleaner[R2].txt - [1259 octets] - [08/12/2013 11:30:34]
AdwCleaner[R3].txt - [2622 octets] - [27/03/2014 20:26:48]
AdwCleaner[R4].txt - [2919 octets] - [29/06/2014 18:16:27]
AdwCleaner[R5].txt - [2313 octets] - [25/11/2014 19:43:30]
AdwCleaner[S0].txt - [20945 octets] - [22/11/2013 14:50:57]
AdwCleaner[S1].txt - [8846 octets] - [24/11/2013 19:37:36]
AdwCleaner[S2].txt - [1325 octets] - [08/12/2013 11:32:06]
AdwCleaner[S3].txt - [2574 octets] - [27/03/2014 20:27:33]
AdwCleaner[S4].txt - [3011 octets] - [29/06/2014 18:49:07]
AdwCleaner[S5].txt - [2252 octets] - [25/11/2014 20:27:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2312 octets] ##########
unkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by borni on 25/11/2014 at 20:35:48,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\borni\AppData\Roaming\mozilla\firefox\profiles\kop9q3zn.default\minidumps [103 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/11/2014 at 20:40:42,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OTL logfile created on: 25/11/2014 20:45:32 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\borni\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17420)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,86 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,61% Memory free
7,71 Gb Paging File | 5,80 Gb Available in Paging File | 75,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,60 Gb Total Space | 46,98 Gb Free Space | 16,45% Space Free | Partition Type: NTFS
Computer Name: BORNI-PC | User Name: borni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Users\borni\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\ProgramData\Avg_Update_1114av\AVG-Secure-Search-Update_1114av.exe ()
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll ()
MOD - C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_it_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll ()
MOD - C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
========== Services (SafeList) ========== SRV:
64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:
64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:
64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:
64bit: - (EPSON_EB_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV:
64bit: - (EPSON_PM_RPCV4_04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV:
64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:
64bit: - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (TipCtrl) -- C:\Program Files (x86)\uTIPu\TipCtrl.exe (Utipu inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
========== Driver Services (SafeList) ========== DRV:
64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:
64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:
64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:
64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:
64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:
64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:
64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:
64bit: - (JLTECH0227) -- C:\Windows\SysNative\drivers\jl2005c.sys (Windows (R) Codename Longhorn DDK provider)
DRV:
64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:
64bit: - (JME) -- C:\Windows\SysNative\drivers\JME.sys (JMicron Technology Corp.)
DRV:
64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:
64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:
64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:
64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:
64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:
64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:
64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:
64bit: - (dfmirage) -- C:\Windows\SysNative\drivers\dfmirage.sys (DemoForge, LLC)
DRV:
64bit: - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://asus.msn.comIE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 3B 3D 8F 36 01 00 00 80 06 00 65 04 00 00 00 00 [binary data]
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1666706445-4238253143-1674265975-1014\..\SearchScopes,DefaultScope =
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "https://www.google.it/"
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.17
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\borni\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2012/03/18 21:12:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\borni\AppData\Roaming\mozilla\Extensions
[2014/09/05 16:45:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\borni\AppData\Roaming\mozilla\Firefox\Profiles\kop9q3zn.default\extensions
[2014/09/05 16:45:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\borni\AppData\Roaming\mozilla\Firefox\Profiles\kop9q3zn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/05/01 19:41:45 | 000,731,942 | ---- | M] () (No name found) -- C:\Users\borni\AppData\Roaming\mozilla\firefox\profiles\kop9q3zn.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2014/11/10 22:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014/11/10 22:47:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/11/10 22:47:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/11/10 22:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/11/10 22:47:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ========== CHR - Extension: No name found = C:\Users\borni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\borni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\borni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2014/03/31 17:19:22 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:
64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:
64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:
64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:
64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:
64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001..\Run: [AVG-Secure-Search-Update_1114av] C:\Users\borni\AppData\Roaming\Avg_Update_1114av\AVG-Secure-Search-Update_1114av.exe ()
O4 - HKU\S-1-5-21-1666706445-4238253143-1674265975-1001..\Run: [uTorrent] C:\Users\borni\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\borni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\borni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\borni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:
64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74AAF975-7A11-48FF-82C5-9C75750B87A4}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74AAF975-7A11-48FF-82C5-9C75750B87A4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDE45CE6-29A5-4E1F-A23B-5FF461CF7348}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDE45CE6-29A5-4E1F-A23B-5FF461CF7348}: NameServer = 8.8.8.8,8.8.4.4
O18:
64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (BootDefrag.exe)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ========== [2014/11/25 17:43:53 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\log virus
[2014/11/23 11:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GDpoker
[2014/11/23 11:01:40 | 000,000,000 | ---D | C] -- C:\GDPoker
[2014/11/12 13:40:00 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/12 13:40:00 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/12 13:40:00 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/12 13:39:53 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/12 13:39:53 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/12 13:39:52 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/12 13:39:52 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/12 13:39:52 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/12 13:39:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/11/12 13:39:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/12 13:39:42 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/11/12 13:39:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/11/12 13:39:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/12 13:39:41 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/12 13:39:41 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/12 13:39:41 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/12 13:39:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/11/12 13:39:39 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/12 13:39:39 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/11/12 13:39:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/12 13:39:38 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/11/12 13:39:38 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/12 13:39:38 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/11/12 13:39:38 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/11/12 13:39:38 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/12 13:39:38 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/11/12 13:39:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/11/12 13:39:37 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/11/12 13:39:37 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/12 13:39:36 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/12 13:39:35 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/11/12 13:39:35 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/12 13:39:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/11/12 13:39:35 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/11/12 13:39:34 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/11/12 13:39:34 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/12 13:39:33 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/12 13:39:33 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/11/12 13:39:33 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/11/12 13:39:33 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/11/12 13:39:33 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/12 13:39:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/12 13:39:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/11/12 13:36:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/12 13:36:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/12 13:36:09 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/12 13:36:09 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/12 13:35:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/11/12 13:35:53 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/12 13:35:53 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/11/12 13:35:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/11/12 13:35:53 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/11/12 13:35:53 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/12 13:35:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/12 13:35:45 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/12 13:35:40 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/12 13:35:37 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/10 22:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/11/06 20:11:48 | 000,000,000 | ---D | C] -- C:\Users\borni\AppData\Roaming\Avg_Update_1114av
[2014/11/06 20:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_1114av
[2014/11/06 13:20:59 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\carta didentità
[2014/10/29 21:35:16 | 000,263,960 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/10/18 20:59:01 | 000,000,000 | ---D | C] -- C:\Users\borni\AppData\Roaming\AVG2015
[2014/10/18 20:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[2014/10/18 20:12:13 | 000,000,000 | ---D | C] -- C:\Users\borni\AppData\Local\Avg2015
[2014/10/17 08:20:09 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/10/17 08:20:09 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/10/17 08:20:09 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/10/17 08:20:09 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/10/17 08:20:09 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/10/17 08:20:09 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/10/17 08:16:42 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/17 08:16:42 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/17 08:16:40 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/17 08:16:40 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/17 08:16:39 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/10/17 08:16:39 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/10/17 08:16:39 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/10/17 08:16:38 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/10/17 08:16:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/10/17 08:16:38 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/10/16 12:00:06 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\foto cell
[2014/10/16 08:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/16 08:26:46 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/10/16 08:26:39 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/10/16 08:26:39 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/10/16 08:26:39 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/10/16 08:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/16 08:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/10/10 15:14:32 | 000,274,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/10/08 19:57:36 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\le iene
[2014/10/08 19:46:17 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\temperatura
[2014/10/06 09:50:28 | 000,000,000 | ---D | C] -- C:\Users\borni\Desktop\serpenti
[2014/10/05 21:41:40 | 000,124,184 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/10/01 09:02:16 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/10/01 09:02:15 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
========== Files - Modified Within 60 Days ========== [2014/11/25 20:43:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/25 20:36:43 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 20:36:43 | 000,019,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/25 20:30:21 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/11/25 20:29:19 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\AVG_SYS_TASK_1114av_DELETE.job
[2014/11/25 20:29:10 | 000,000,520 | ---- | M] () -- C:\Windows\tasks\AVG_SYS_TASK_1114av.job
[2014/11/25 20:28:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/25 20:28:44 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/25 17:56:09 | 000,001,178 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1666706445-4238253143-1674265975-1001UA.job
[2014/11/25 17:53:03 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/25 17:52:03 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/24 11:56:00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1666706445-4238253143-1674265975-1001Core.job
[2014/11/23 22:52:30 | 518,272,587 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/11/23 22:40:51 | 000,000,201 | ---- | M] () -- C:\Users\borni\Desktop\ATDHE ATDHE.net Stream sportivi gratis.URL
[2014/11/23 11:01:40 | 000,001,443 | ---- | M] () -- C:\Users\Public\Desktop\GDpoker.lnk
[2014/11/18 20:26:12 | 001,661,180 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/18 20:26:12 | 000,741,636 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/11/18 20:26:12 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/18 20:26:12 | 000,147,658 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/11/18 20:26:12 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/14 20:02:16 | 000,001,053 | ---- | M] () -- C:\Users\borni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/14 20:02:10 | 000,001,021 | ---- | M] () -- C:\Users\borni\Desktop\Dropbox.lnk
[2014/11/14 08:51:44 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014/11/13 03:57:52 | 000,306,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/12 19:53:12 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/12 19:53:12 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/07 10:00:13 | 000,002,610 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2014/11/06 05:03:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/11/06 04:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/06 04:46:12 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/11/06 04:46:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/11/06 04:44:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/11/06 04:35:59 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/06 04:31:48 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/11/06 04:30:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/11/06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/11/06 04:29:18 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/11/06 04:23:57 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/06 04:20:18 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/11/06 04:16:23 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/06 04:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/06 04:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/11/06 04:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/11/06 04:07:29 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/11/06 04:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/06 04:02:05 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/06 04:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/11/06 04:00:51 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/06 03:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/11/06 03:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/11/06 03:57:38 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/06 03:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/06 03:41:26 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/06 03:41:26 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/06 03:39:39 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/11/06 03:38:25 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/06 03:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/06 03:36:47 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/06 03:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/06 03:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/11/06 02:53:19 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/11/06 02:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/11/05 18:56:54 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/05 18:56:36 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/05 18:52:22 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/02 17:12:55 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014/10/29 21:35:16 | 000,263,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/10/25 02:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/25 02:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/18 03:05:23 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/10/16 08:26:34 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/10/16 08:26:33 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/10/16 08:26:33 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/10/16 08:26:33 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/10/14 03:13:00 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/14 03:12:57 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/10/14 03:09:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/10/14 03:07:31 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/10/14 02:47:30 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/10/14 02:46:02 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/10/10 15:14:32 | 000,274,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/10/05 21:41:40 | 000,124,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/10/03 03:12:00 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/10/03 03:11:54 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/10/03 03:11:51 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/10/03 03:11:51 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/10/03 02:44:42 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ========== [2014/11/23 22:40:51 | 000,000,201 | ---- | C] () -- C:\Users\borni\Desktop\ATDHE ATDHE.net Stream sportivi gratis.URL
[2014/11/23 11:01:40 | 000,001,443 | ---- | C] () -- C:\Users\Public\Desktop\GDpoker.lnk
[2014/11/23 10:53:46 | 518,272,587 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/11/06 20:11:47 | 000,000,520 | ---- | C] () -- C:\Windows\tasks\AVG_SYS_TASK_1114av.job
[2014/11/06 20:11:47 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\AVG_SYS_TASK_1114av_DELETE.job
[2014/11/02 17:12:55 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014/10/18 20:57:13 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2013/11/24 14:17:57 | 000,000,101 | ---- | C] () -- C:\Users\borni\AppData\Roaming\mainhst.zgh
[2013/11/24 13:22:32 | 000,003,737 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013/11/02 14:09:57 | 000,000,000 | ---- | C] () -- C:\Windows\Net4Switch.INI
[2013/03/24 15:35:23 | 000,004,608 | ---- | C] () -- C:\Users\borni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/23 16:39:11 | 000,715,038 | ---- | C] () -- C:\Users\borni\AppData\Local\unins000.exe
[2012/11/23 16:39:11 | 000,004,067 | ---- | C] () -- C:\Users\borni\AppData\Local\unins000.dat
[2012/05/27 18:06:32 | 000,001,085 | ---- | C] () -- C:\Users\borni\Documenti - collegamento.lnk
========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2013/08/27 17:45:32 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Absolute Uninstaller
[2012/02/16 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Asus WebStorage
[2013/01/22 12:00:02 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\AVG January 2013 Campaign
[2014/10/18 20:59:01 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\AVG2015
[2014/11/06 20:11:49 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Avg_Update_1114av
[2013/10/31 08:04:10 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Check Point Software Technologies LTD
[2014/11/25 20:30:42 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Dropbox
[2013/12/19 17:23:32 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\DVDVideoSoft
[2014/01/14 22:18:45 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Epson
[2013/11/23 00:21:18 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Eusing
[2012/04/19 15:55:28 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Foxit Software
[2013/11/21 22:18:39 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\GlarySoft
[2012/11/23 17:18:57 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\HEM Data
[2013/11/03 14:06:17 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\HoldemManager
[2012/04/19 15:56:40 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\OpenOffice.org
[2012/06/25 11:20:48 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Stormdance
[2013/01/16 23:48:09 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\TeamViewer
[2013/01/02 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\TechSmith
[2012/04/08 08:02:08 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\Thunderbird
[2013/08/04 10:52:39 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\TuneUp Software
[2014/11/25 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\uTorrent
[2013/11/24 14:18:39 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\ZipGenius
[2013/11/24 14:02:16 | 000,000,000 | ---D | M] -- C:\Users\borni\AppData\Roaming\ZippHO3
[2012/10/26 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/10/26 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012/10/26 21:54:49 | 000,000,000 | ---D | M] -- C:\Users\postgres.borni-PC\AppData\Roaming\TuneUp Software
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:45, on 25/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://asus.msn.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/p/?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/p/?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\borni\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1114av] C:\Users\borni\AppData\Roaming\Avg_Update_1114av\AVG-Secure-Search-Update_1114av.exe /PROMPT /mid=d979559c4efe47d1bea9c593afba2352-4726813a67d6936a13a59f937260d82ded6340d2 /CMPID=1114av
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Startup: Dropbox.lnk = borni\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Inserisci blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Inserisci &blog in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{74AAF975-7A11-48FF-82C5-9C75750B87A4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{BDE45CE6-29A5-4E1F-A23B-5FF461CF7348}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{74AAF975-7A11-48FF-82C5-9C75750B87A4}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{74AAF975-7A11-48FF-82C5-9C75750B87A4}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TipCtrl - Utipu inc. - C:\Program Files (x86)\uTIPu\TipCtrl.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11084 bytes
grazie