Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Firefox and Internet Explorer keep crashing

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Firefox and Internet Explorer keep crashing

Unread postby mj800 » July 21st, 2013, 1:17 am

Hi,

I'm having a problem with Firefox crashing immediately on starting it. I've uninstalled it, deleted all Mozilla folders and profile folder, and reinstalled it with no extensions but it keeps crashing immediately on starting.

Also Internet Explorer starts and works ok but seems to crash when you shut it down.

In Windows 7 EventViewer there are many of these Application Errors from both firefox.exe and iexplore.exe

Malwarebytes scan says the system is clean. Then I ran ADWCleaner and it found a lot of stuff that it deleted, which confused me because I thought Malwarebytes would find that stuff.

I'd really appreciate help getting Firefox to start and IE to stop crashing on shutdown. This system is localized in Italian, hopefully thats not a problem.

Here is DDS.txt followed by Attach.txt. I also included ADWCleaner's log because it seems to show what type of malware was on the system. Thanks for any help!



>>>>>>>>>>>>>>>>>>> DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by valter at 6:55:18 on 2013-07-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.3959.1496 [GMT 2:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ArubaKey\AKSwitcher\ak910switchservice.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\Garzanti Linguistica\Hazon Clic\Hazon.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\SysWOW64\SISCMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
uSearch Bar = Preserve
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Guida per l'accesso a Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [PoService] <no file>
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [HipServ Agent] C:\Program Files (x86)\NETGEAR\Stora Desktop Applications\HipServAgent\HipServAgent.exe
mRun: [HAZON CLIC] C:\Program Files (x86)\Garzanti Linguistica\Hazon Clic\Hazon.exe -I
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Nokia Music Player\NokiaMusicPlayer.exe" /command:faststart
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCMon.lnk - C:\Windows\System32\SISCMon.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{0050B548-63D8-4728-A5C1-B7FFC91EFAB9} : NameServer = 85.37.17.16,85.38.28.68
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [snp2std] C:\Windows\vsnp2std.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-7-21 718840]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-7-21 121928]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-7-21 148696]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 AK910SwitchService;AK910SwitchService;C:\Program Files (x86)\ArubaKey\AKSwitcher\ak910switchservice.exe [2009-7-9 81920]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-7-21 64224]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-30 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-30 701512]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-3-26 230416]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-29 4153184]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-8-31 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-14 76320]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-7-21 593144]
R3 IntcDAud;Audio schermo Intel(R);C:\Windows\System32\drivers\IntcDAud.sys [2010-8-31 244736]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-30 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-31 346144]
R3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\System32\drivers\S3XXx64.sys [2011-9-7 70016]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 LiveUpSC;LiveUpSC;"C:\Users\valter\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe" --> C:\Users\valter\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S2 SsupdService;Ssupd Service;C:\Users\valter\AppData\Local\ssupd\ssupd.exe [2013-3-13 156160]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-28 37344]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2013-1-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2013-1-23 171008]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-6-2 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-6-2 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-6-2 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2013-6-2 158024]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-24 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-19 1255736]
.
=============== Created Last 30 ================
.
2013-07-21 02:49:51 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-07-21 02:48:09 -------- d-----w- C:\Users\valter\AppData\Local\{0CC196AF-7C25-4069-BAB2-9761F5891DF8}
2013-07-21 02:45:34 189205 ----a-w- C:\ProgramData\1374374591.bdinstall.bin
2013-07-21 02:45:23 718840 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-07-21 02:45:23 593144 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-07-21 02:43:31 -------- d-----w- C:\Program Files\Bitdefender
2013-07-21 02:43:21 382536 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-07-21 02:43:21 148696 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-07-21 02:41:40 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CE740703-1B23-4A1F-B12C-75989B5C252C}\mpengine.dll
2013-07-21 02:39:02 388096 ----a-r- C:\Users\valter\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-21 02:39:02 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-07-21 02:20:16 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-07-21 01:38:02 82434 ----a-w- C:\ProgramData\1374370604.bdinstall.bin
2013-07-21 01:36:44 22856 ----a-w- C:\ProgramData\1374370603.bdinstall.bin
2013-07-20 02:23:19 -------- d-----w- C:\Users\valter\AppData\Roaming\SUPERAntiSpyware.com
2013-07-20 02:22:59 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-07-20 02:22:59 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-07-19 17:39:04 -------- d-----w- C:\Users\valter\AppData\Local\{8DDFE34A-155D-4B4D-B459-B69488CDA12A}
2013-07-19 05:38:52 -------- d-----w- C:\Users\valter\AppData\Local\{D75898CF-C486-4CCE-90E3-EEBD30900B00}
2013-07-18 17:38:27 -------- d-----w- C:\Users\valter\AppData\Local\{4DEDA775-D18E-457F-A2B5-9EA874361DC2}
2013-07-18 05:38:15 -------- d-----w- C:\Users\valter\AppData\Local\{0EEB476C-FD91-4B80-BB38-343B3E35EC2C}
2013-07-17 06:06:40 -------- d-----w- C:\Users\valter\AppData\Local\{C15D441A-0B15-40F1-A48B-E3C15D9A211F}
2013-07-16 06:16:21 -------- d-----w- C:\Users\valter\AppData\Local\{75B6A247-CD67-4332-AD34-BC45D59C2DB8}
2013-07-15 18:00:47 -------- d-----w- C:\Users\valter\AppData\Local\{E4F6EB95-CFEA-48E3-BC0C-EE8A5B48232F}
2013-07-15 06:00:22 -------- d-----w- C:\Users\valter\AppData\Local\{F9EDA7A7-D20A-466F-96BD-C9A35197B08A}
2013-07-13 13:39:58 -------- d-----w- C:\Users\valter\AppData\Local\{FA434BFB-680E-410A-872E-6274A9039EE5}
2013-07-12 17:36:29 -------- d-----w- C:\Users\valter\AppData\Roaming\Garmin
2013-07-12 17:36:29 -------- d-----w- C:\Program Files (x86)\Garmin
2013-07-12 05:48:34 -------- d-----w- C:\Users\valter\AppData\Local\{5078ED22-FEEA-4485-862B-25DA4E8A953D}
2013-07-11 07:58:38 -------- d-----w- C:\Users\valter\AppData\Local\{35543121-7C72-46A6-A815-5EE14B6A61DC}
2013-07-10 19:58:13 -------- d-----w- C:\Users\valter\AppData\Local\{E8454AF0-7E20-45BD-B361-EEE4205F1617}
2013-07-10 07:58:01 -------- d-----w- C:\Users\valter\AppData\Local\{CC19E76C-82A2-49CA-AFB0-357D8DDAD3F6}
2013-07-10 06:14:11 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 06:14:11 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-10 06:14:11 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-10 06:14:11 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-10 06:14:11 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 06:14:10 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 06:14:10 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 06:14:09 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-10 06:14:08 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-10 06:14:07 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-10 06:14:07 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-10 06:14:01 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-10 06:13:57 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 06:13:57 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 06:13:57 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 06:13:56 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 06:13:55 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 06:13:42 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-10 06:13:42 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-09 19:57:36 -------- d-----w- C:\Users\valter\AppData\Local\{00D2334B-A8E1-4C96-B4AD-CD290F9C6AB2}
2013-07-09 06:38:56 -------- d-----w- C:\Users\valter\AppData\Local\{7A3AC998-B2CB-4C23-8A7F-C634385D71E8}
2013-07-08 18:19:21 -------- d-----w- C:\Users\valter\AppData\Local\{8DDD59EB-FEE3-4024-A7FD-CB8788900EE6}
2013-07-08 06:18:55 -------- d-----w- C:\Users\valter\AppData\Local\{BB0378F7-6D9E-4C7C-AA0D-DAC151730B01}
2013-07-07 15:59:05 -------- d-----w- C:\Users\valter\AppData\Local\{7802F4F1-E7B5-4227-BC96-9EB75DC9412E}
2013-07-06 07:59:03 -------- d-----w- C:\Users\valter\AppData\Local\{850AE261-02E6-49EA-9FF6-44A517316792}
2013-07-05 18:12:05 -------- d-----w- C:\Users\valter\AppData\Local\{D244A3DA-A2F0-4E74-B9AD-7F455C2E5A49}
2013-07-05 06:11:53 -------- d-----w- C:\Users\valter\AppData\Local\{BB210C2B-BC90-4DC8-9DC6-2FA9F97D28D3}
2013-07-04 06:11:35 -------- d-----w- C:\Users\valter\AppData\Local\{C57C2649-DB92-415D-904D-5693E746F0B4}
2013-07-03 18:11:10 -------- d-----w- C:\Users\valter\AppData\Local\{F3F9A29D-E1BE-4F03-A472-B7DC2DF50DB4}
2013-07-03 06:10:58 -------- d-----w- C:\Users\valter\AppData\Local\{C05218FA-AF3F-42DC-B711-78C99C588EB4}
2013-07-02 18:10:34 -------- d-----w- C:\Users\valter\AppData\Local\{81AD2B52-C4E5-4AFA-8BC9-DB7F6E0A67B5}
2013-07-02 06:10:22 -------- d-----w- C:\Users\valter\AppData\Local\{BA5F5659-910D-40F6-AC3D-82C5D93AE724}
2013-07-01 06:16:15 -------- d-----w- C:\Users\valter\AppData\Local\{3523C004-A9CA-48DE-A1A2-2EC196968813}
2013-06-29 12:04:02 -------- d-----w- C:\Users\valter\AppData\Local\{DA29941A-C20F-49A1-A54B-2E7FA846716C}
2013-06-28 20:00:16 -------- d-----w- C:\Users\valter\AppData\Local\{C596224D-EB89-4349-A194-EA5E74258139}
2013-06-28 06:13:12 -------- d-----w- C:\Users\valter\AppData\Local\{C7E91163-C1CC-4FBB-B090-0B1CF2842E21}
2013-06-27 18:03:47 -------- d-----w- C:\Users\valter\AppData\Local\{2A2D9DDC-701B-45CE-ADCF-906E6C3FE0A9}
2013-06-27 05:59:59 -------- d-----w- C:\Users\valter\AppData\Local\{A8ED2026-C433-47BE-AAD7-19AFF08AAA37}
2013-06-26 15:56:02 -------- d-----w- C:\Program Files\iPod
2013-06-26 15:56:01 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-26 15:56:01 -------- d-----w- C:\Program Files\iTunes
2013-06-26 15:56:01 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-26 06:04:39 -------- d-----w- C:\Users\valter\AppData\Local\{0FA55EE9-DDCF-4BB5-8A49-86AB23A23F5C}
2013-06-25 17:54:46 -------- d-----w- C:\Users\valter\AppData\Local\{D5CCC3BC-0AB0-46C0-A959-1D4D5AC1085D}
2013-06-25 05:54:34 -------- d-----w- C:\Users\valter\AppData\Local\{6EEAD25B-7E92-4FA8-BE6B-048273D327D2}
2013-06-24 05:35:40 -------- d-----w- C:\Users\valter\AppData\Local\{23925B5D-5B26-4CE9-9CE0-7F958BE652F4}
2013-06-23 15:14:17 -------- d-----w- C:\Users\valter\AppData\Local\{37936DBD-AC35-4891-B0AE-21E803BF6F77}
2013-06-21 07:28:26 -------- d-----w- C:\Users\valter\AppData\Local\{893CEAD2-F7D3-46DC-88AA-70E0CFECB2B3}
.
==================== Find3M ====================
.
2013-07-19 07:01:04 2516 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys
2013-07-18 13:22:21 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-18 13:22:21 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-12 19:48:23 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-06-12 19:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 19:47:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-29 22:37:34 165184 ----a-w- C:\ProgramData\1369866364.bdinstall.bin
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-05-01 01:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
.
============= FINISH: 6:55:42,22 ===============









>>>>>>>>>>>>>>>>>>> Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 17/02/2011 20:04:34
System Uptime: 21/07/2013 04:55:41 (2 hours ago)
.
Motherboard: Acer | | Aspire M3910
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz | CPU 1 | 3200/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 290 GiB total, 179,261 GiB free.
D: is FIXED (NTFS) - 291 GiB total, 290,17 GiB free.
E: is Removable
F: is CDROM (UDF)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Reflector Display Driver used to gain access to graphics data
Device ID: ROOT\LEGACY_RDPREFMP\0000
Manufacturer:
Name: Reflector Display Driver used to gain access to graphics data
PNP Device ID: ROOT\LEGACY_RDPREFMP\0000
Service: RDPREFMP
.
==== System Restore Points ===================
.
RP428: 10/07/2013 22:59:48 - Windows Update
RP429: 12/07/2013 21:18:45 - Removed Garmin WebUpdater
RP430: 12/07/2013 21:19:25 - Removed Garmin USB Drivers
RP431: 20/07/2013 03:33:29 - Removed Feedback Tool
RP432: 20/07/2013 03:34:09 - eBay Worldwide rimosso
RP433: 20/07/2013 04:48:51 - Installed Microsoft Fix it 50195
RP434: 21/07/2013 01:19:19 - Removed SweetIM for Messenger 3.3
RP435: 21/07/2013 01:24:23 - Removed SweetIM Toolbar for Internet Explorer 4.0
RP436: 21/07/2013 03:47:22 - Removed pdfforge Toolbar v7.3.
RP437: 21/07/2013 03:49:27 - Programma di installazione dei moduli di Windows
RP438: 21/07/2013 03:58:13 - Programma di installazione dei moduli di Windows
RP439: 21/07/2013 04:38:40 - Installed HiJackThis
RP440: 21/07/2013 04:41:32 - Windows Update
.
==== Installed Programs ======================
.
Acer Arcade Deluxe
Acer Arcade Movie
Acer eRecovery Management
Acer GameZone Console
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Illustrator CS
Adobe Reader X (10.1.7) - Italiano
Advertising Center
AKSwitcher Service
Amazon Music Importer
Apple Mobile Device Support
Apple Software Update
Bitdefender Antivirus Free Edition
Bonjour
CCleaner
CorelDRAW Graphics Suite 12
CorelDRAW Graphics Suite X3
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DesignPro 5 Tico Edition
DiKe Util 2.1.0
Dream Day First Home
eMule
eReg
FontNav
Google Earth
Google Update Helper
Hard Disk Sentinel PRO
Hazon Clic
HiJackThis
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotkey Utility
Identity Card
ImagXpress
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
IT
iTunes
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
Logitech SetPoint 6.32
Malwarebytes Anti-Malware versione 1.75.0.1300
MediaShow Espresso
Merriam Websters Spell Jam
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
Microsoft .NET Framework 4 Client Profile ITA Language Pack
Microsoft Antimalware Service IT-IT Language Pack
Microsoft Application Error Reporting
Microsoft AutoRoute 2007
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Italian) 2010
Microsoft Office Excel MUI (Italian) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Italian) 2010
Microsoft Office Outlook MUI (Italian) 2010
Microsoft Office PowerPoint MUI (Italian) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (Italian) 2010
Microsoft Office Publisher MUI (Italian) 2010
Microsoft Office Shared 64-bit MUI (Italian) 2010
Microsoft Office Shared MUI (Italian) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (Italian) 2010
Microsoft Security Client IT-IT Language Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
MyWinLocker
MyWinLocker Suite
Nero ControlCenter
Nero DiscSpeed
Nero DiscSpeed Help
Nero DriveSpeed
Nero DriveSpeed Help
Nero Express Help
Nero InfoTool
Nero InfoTool Help
Nero Installer
Nero Online Upgrade
Nero StartSmart
Nero StartSmart Help
Nero StartSmart OEM
NeroExpress
neroxml
Nitro Reader 3
Nokia Connectivity Cable Driver
Nokia Music Player
Nokia PC Suite
Nokia Suite
Nokia_Multimedia_Common_Components_2_5
Pacchetto driver Windows - Nokia Modem (02/25/2011 4.7)
Pacchetto driver Windows - Nokia Modem (02/25/2011 7.01.0.9)
Pacchetto driver Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
PC Connectivity Solution
QuickTime
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Samsung Kies
SAMSUNG Mobile USB Modem 1.0 Software
Samsung PC Studio 2.0 Internet Access
Samsung PC Studio 2.0 PIM & File Manager
Samsung PC Studio PC Sync
Samsung PC Studio Samples 2.0
SAMSUNG USB Driver for Mobile Phones
Sandboxie 3.76 (64-bit)
SCR355 Smartcard Reader
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shredder
Siemens - CardOS API 2.4.1 Build 4
Skype Click to Call
Skype™ 6.0
Stora Desktop Applications
SUPERAntiSpyware
Supporto applicazioni Apple
TeamViewer 8
Trust Webcam Live
TVClick
UltraISO Premium V9.35
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Manager
Uranium Backup
VBA
VirtualCloneDrive
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR gestione archivi
.
==== End Of File ===========================







>>>>>>>>>>>>>>>>>>> AdwCleaner[R1].txt

# AdwCleaner v2.306 - Logfile creato il 21/07/2013 alle 04:08:55
# Aggiornamento 19/07/2013 by Xplode
# Sistema Operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Utente : valter - VALTER-PC
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\valter\Downloads\AdwCleaner.exe
# Opzioni [Cerca]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Trovato : C:\Program Files (x86)\ChatZum Toolbar
Cartella Trovato : C:\Program Files (x86)\Common Files\337
Cartella Trovato : C:\Program Files (x86)\Common Files\spigot
Cartella Trovato : C:\Program Files (x86)\Desk 365
Cartella Trovato : C:\Program Files (x86)\Nosibay
Cartella Trovato : C:\Program Files (x86)\Omiga Plus
Cartella Trovato : C:\ProgramData\Babylon
Cartella Trovato : C:\ProgramData\eSafe
Cartella Trovato : C:\ProgramData\Tarma Installer
Cartella Trovato : C:\Users\valter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb
Cartella Trovato : C:\Users\valter\AppData\Local\OpenCandy
Cartella Trovato : C:\Users\valter\AppData\Local\PackageAware
Cartella Trovato : C:\Users\valter\AppData\Local\SoftwareUpdater
Cartella Trovato : C:\Users\valter\AppData\Local\SwvUpdater
Cartella Trovato : C:\Users\valter\AppData\LocalLow\BabylonToolbar
Cartella Trovato : C:\Users\valter\AppData\LocalLow\ShoppingReport2
Cartella Trovato : C:\Users\valter\AppData\Roaming\337
Cartella Trovato : C:\Users\valter\AppData\Roaming\Babylon
Cartella Trovato : C:\Users\valter\AppData\Roaming\Desk 365
Cartella Trovato : C:\Users\valter\AppData\Roaming\eIntaller
Cartella Trovato : C:\Users\valter\AppData\Roaming\FissaSearch
Cartella Trovato : C:\Users\valter\AppData\Roaming\Nosibay
Cartella Trovato : C:\Users\valter\AppData\Roaming\OfferBox
Cartella Trovato : C:\Users\valter\AppData\Roaming\Omiga Plus
Cartella Trovato : C:\Users\valter\AppData\Roaming\OpenCandy
Cartella Trovato : C:\Windows\Installer\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
File Infected : C:\Users\valter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Infected : C:\Users\valter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Infected : C:\Users\valter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Infected : C:\Users\valter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Infected : C:\Users\valter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Infected : C:\Users\valter\Desktop\Tools\Google Chrome.lnk ( arg. : hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1369334448)
File Trovato : C:\user.js

***** [Registro] *****

Chiave Trovata : HKCU\Software\1ClickDownload
Chiave Trovata : HKCU\Software\AppDataLow\Software\Crossrider
Chiave Trovata : HKCU\Software\AppDataLow\Software\Search Settings
Chiave Trovata : HKCU\Software\AppDataLow\Software\ShoppingReport2
Chiave Trovata : HKCU\Software\BabSolution
Chiave Trovata : HKCU\Software\ChatZum Toolbar
Chiave Trovata : HKCU\Software\DataMngr
Chiave Trovata : HKCU\Software\FissaSearch
Chiave Trovata : HKCU\Software\InstallCore
Chiave Trovata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chiave Trovata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chiave Trovata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chiave Trovata : HKCU\Software\Nosibay
Chiave Trovata : HKCU\Software\Offerbox
Chiave Trovata : HKCU\Software\Softonic
Chiave Trovata : HKCU\Software\YahooPartnerToolbar
Chiave Trovata : HKLM\Software\Babylon
Chiave Trovata : HKLM\Software\ChatZum Toolbar
Chiave Trovata : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Chiave Trovata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Chiave Trovata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chiave Trovata : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chiave Trovata : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Chiave Trovata : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Chiave Trovata : HKLM\Software\Classes\Installer\Features\BA172DB42E6685D4FA8808EFB370074C
Chiave Trovata : HKLM\Software\Classes\Installer\Products\BA172DB42E6685D4FA8808EFB370074C
Chiave Trovata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Trovata : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Chiave Trovata : HKLM\Software\DataMngr
Chiave Trovata : HKLM\Software\Desksvc
Chiave Trovata : HKLM\Software\FissaSearch
Chiave Trovata : HKLM\Software\Iminent
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\offerbox_RASMANCS
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Chiave Trovata : HKLM\Software\Offerbox
Chiave Trovata : HKLM\Software\qvo6Software
Chiave Trovata : HKLM\Software\Savings Wave
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chiave Trovata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chiave Trovata : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Trovata : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chiave Trovata : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Chiave Trovata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chiave Trovata : HKLM\SOFTWARE\Tarma Installer

***** [Browser Internet] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registro Pulito.

*************************

AdwCleaner[R1].txt - [9487 octets] - [21/07/2013 04:08:55]

########## EOF - C:\AdwCleaner[R1].txt - [9547 octets] ##########
mj800
Active Member
 
Posts: 2
Joined: July 21st, 2013, 12:50 am
Advertisement
Register to Remove

Re: Firefox and Internet Explorer keep crashing

Unread postby wannabeageek » July 21st, 2013, 10:22 am

Hello mj800, and Welcome to MalWare Removal forums!

My name is wannabeageek and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:

    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start




P2P Advisory!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
eMule

As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s)...indicate that in your next reply and this topic will be closed.
Otherwise, please perform the following steps:
Remove P2P Program(s)
  1. Click on Start > Control Panel and double click on Programs and Features.
  2. Locate the following program:
    eMule
  3. Click on the Change/Remove button to uninstall it.
    Carefully read any prompts...
    Some uninstallers prompt in a way to trick you into keeping the program, sometimes, preventing them from being uninstalled again!
    Repeat steps 2 and 3 for each program listed.
  4. When the program(s) have been uninstalled... Close Control Panel.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not... use P2P at your own risk! Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Firefox and Internet Explorer keep crashing

Unread postby mj800 » July 21st, 2013, 10:11 pm

Thanks for the reply.

I have just backed up the documents files and removed the eMule program and rebooted.

Please let me know how to proceed.
mj800
Active Member
 
Posts: 2
Joined: July 21st, 2013, 12:50 am

Re: Firefox and Internet Explorer keep crashing

Unread postby wannabeageek » July 22nd, 2013, 12:53 am

Please locate and post the log: C:\AdwCleaner[S1].txt
If there is are any others: [S2], [S3], etc... post those as well
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Firefox and Internet Explorer keep crashing

Unread postby wannabeageek » July 24th, 2013, 1:05 am

Hi mj800.

It has been two days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response.
  • If you do not reply within the next 24 hours, this topic will be closed.
wannabeageek
MRU Master
MRU Master
 
Posts: 1773
Joined: November 23rd, 2009, 10:21 pm
Location: California

Re: Firefox and Internet Explorer keep crashing

Unread postby NonSuch » July 26th, 2013, 2:23 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 61 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware