Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

IDP.Program.D1B0A5C0 - Absurd

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 12th, 2014, 1:04 pm

Hi to everyone in the Forums,
After a couple of days of tinkering and researching the Web for a solution, i find myself pretty much harmless and unable to resolve this issue.
Let me explain - At every system startup, AVG detects a IDP.Program.D1B0A5C0 virus, inside svchost.exe. It appears properly cured, after AVG action, but this malware (i suppose) resummons at every Windows startup.
I honestly don't know how to make things okay - so i'm here to ask for your kind help. If anyone could lend me a hand, it would be awesome, guys.
Thanks in advance for any reply.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207 BrowserJavaVersion: 10.55.2
Run by Marco at 19:04:39 on 2014-07-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.16275.13516 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
D:\Autodesk\Autodesk Entertainment Creation Suite Ultimate 2014\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\schtasks.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Guida per l'accesso all'account Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SETPOI~1.LNK - C:\Program Files\Logitech\SetPoint II\SetPointII.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\START3~1.LNK - C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A666F479-12CC-402B-BF7D-4E8E5F53A084} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [VIRTU_MVP_AUTORUN] C:\Program Files (x86)\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-17 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-6-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-6-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-17 31512]
R0 iusb3hcs;Driver dello switch Controller Host Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-23 16152]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-17 153368]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-6-17 242968]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-6-17 235800]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-6-17 269080]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-5-4 50464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-27 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-18 239616]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-6-27 3241488]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-6-17 289328]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-23 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-23 121344]
R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-23 161560]
R2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;D:\Autodesk\Autodesk Entertainment Creation Suite Ultimate 2014\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [2011-9-15 86016]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2013-7-11 20608]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-23 363800]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2014-3-11 627992]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-9-11 598808]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2012-5-23 59392]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2012-5-23 84608]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-10-5 32344]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2012-5-23 34752]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/07/31 22:45:54;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-9-16 1471352]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-17 37344]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-7-3 137336]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-9-11 14136]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-9 111616]
S3 IntcDAud;Audio schermo Intel(R);C:\Windows\System32\drivers\IntcDAud.sys [2012-5-23 331264]
S3 iusb3hub;Driver hub Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-23 356120]
S3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-23 787736]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-1-29 36720]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-9-11 90424]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-9-11 15160]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-25 1255736]
S3 ZMH6AudioSrv;H Series Multi Track Driver Service;C:\Windows\System32\drivers\zmh6au.sys [2013-6-19 139776]
S3 ZMHHPAudioSrv;ZOOM H Series High Performance Audio Driver Service;C:\Windows\System32\drivers\zmhhpau.sys [2013-6-19 45056]
.
=============== Created Last 30 ================
.
2014-07-12 16:47:33 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp
2014-07-12 16:24:13 462772 ----a-w- C:\Windows\SysWow64\scrypt140121Tahitiglg2tc8192w64l4.bin
2014-07-12 13:46:47 -------- d-sh--w- C:\$RECYCLE.BIN
2014-07-12 13:35:49 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-07-12 13:35:35 -------- d-----w- C:\AdwCleaner
2014-07-12 13:05:26 -------- d-----w- C:\ProgramData\Malwarebytes
2014-07-12 13:05:23 128728 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-12 13:05:23 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-12 13:04:38 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-12 12:37:16 30312 ----a-w- C:\Windows\System32\drivers\TrueSight.sys
2014-07-12 12:37:15 -------- d-----w- C:\ProgramData\RogueKiller
2014-07-12 12:20:05 -------- d-sh--w- C:\Users\Marco\AppData\Local\EmieUserList
2014-07-12 12:20:05 -------- d-sh--w- C:\Users\Marco\AppData\Local\EmieSiteList
2014-07-12 10:59:01 -------- d-----w- C:\Program Files\Enigma Software Group
2014-07-12 10:58:54 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 10:58:53 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-07-12 09:53:33 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-07-12 09:53:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-09 15:41:59 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-09 15:36:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-07-09 15:36:55 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-07-09 15:36:55 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-30 19:10:46 -------- d-----w- C:\ProgramData\Hagel Technologies
2014-06-17 14:21:34 235800 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2014-06-17 14:07:12 328984 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2014-06-17 14:06:58 269080 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-06-17 14:06:24 190744 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2014-06-17 14:06:22 242968 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-06-17 14:06:22 153368 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2014-06-17 14:06:20 123672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-06-17 14:06:06 31512 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
==================== Find3M ====================
.
2014-07-12 16:49:31 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
2014-07-08 19:48:50 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 19:48:50 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33 519168 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-26 16:30:44 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-06-26 16:30:36 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36 3157504 ----a-w- C:\Windows\System32\win32k.sys
2014-06-11 22:20:49 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-02 19:47:03 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-04-27 16:39:51 0 ----a-w- C:\Windows\ativpsrm.bin
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-18 02:43:08 127872 ----a-w- C:\Windows\System32\amdhcp64.dll
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2014-04-18 02:43:06 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2014-04-18 02:43:06 117560 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2014-04-18 02:43:04 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2014-04-18 02:43:00 143304 ----a-w- C:\Windows\System32\atiuxp64.dll
2014-04-18 02:42:58 126336 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2014-04-18 02:42:58 117584 ----a-w- C:\Windows\System32\atiu9p64.dll
2014-04-18 02:42:56 99520 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2014-04-18 02:42:54 1343272 ----a-w- C:\Windows\System32\aticfx64.dll
2014-04-18 02:42:52 1117184 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2014-04-18 02:42:48 10335208 ----a-w- C:\Windows\System32\atidxx64.dll
2014-04-18 02:42:46 8866928 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2014-04-18 02:42:40 6796592 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2014-04-18 02:42:36 6799688 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2014-04-18 02:42:30 7520200 ----a-w- C:\Windows\System32\atiumd6a.dll
2014-04-18 02:42:28 8010968 ----a-w- C:\Windows\System32\atiumd64.dll
2014-04-18 02:39:06 274656 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2014-04-18 02:36:46 15376384 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-04-18 02:23:08 231424 ----a-w- C:\Windows\System32\clinfo.exe
2014-04-18 02:22:54 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2014-04-18 02:22:48 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2014-04-18 02:22:42 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2014-04-18 02:22:38 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2014-04-18 02:22:32 28685824 ----a-w- C:\Windows\System32\amdocl64.dll
2014-04-18 02:19:54 24107520 ----a-w- C:\Windows\SysWow64\amdocl.dll
2014-04-18 02:17:28 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2014-04-18 02:17:24 58880 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-04-18 02:13:30 127488 ----a-w- C:\Windows\System32\mantle64.dll
2014-04-18 02:13:10 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2014-04-18 02:12:54 27907584 ----a-w- C:\Windows\System32\atio6axx.dll
2014-04-18 02:12:48 5442048 ----a-w- C:\Windows\System32\amdmantle64.dll
2014-04-18 01:58:32 4358656 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2014-04-18 01:51:44 23409152 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-04-18 01:46:34 368128 ----a-w- C:\Windows\System32\atiapfxx.exe
2014-04-18 01:46:26 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2014-04-18 01:46:24 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2014-04-18 01:46:18 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2014-04-18 01:46:18 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2014-04-18 01:46:04 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-04-18 01:45:56 91136 ----a-w- C:\Windows\System32\mantleaxl64.dll
.
============= FINISH: 19:04:49,55 ===============
Last edited by NonSuch on July 12th, 2014, 1:14 pm, edited 1 time in total.
Reason: Edited to combine contents of two separate posts.
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm
Advertisement
Register to Remove

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Gary R » July 13th, 2014, 5:04 am

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 13th, 2014, 11:15 am

C:\Users\Marco\AppData\Roaming\Origin\update.vbe VBS/CoinMiner.AD trojan
C:\Users\Marco\Desktop\Icone\Verificare\FL Studio 9\flstudio_9.0.exe multiple threats
C:\Users\Marco\Downloads\3DMark_11_1_0_1.exe MSIL/Solimba potentially unwanted application
C:\Users\Marco\Downloads\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Marco\Downloads\ccsetup412.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Marco\Downloads\DTLite4461-0328.exe Win32/DownWare.L potentially unwanted application
C:\Users\Marco\Downloads\FreeAudioConverter.exe Win32/OpenCandy potentially unsafe application
C:\Users\Marco\Downloads\jZipV1.exe probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application
C:\Users\Marco\Downloads\WinZip165.exe a variant of Win32/OpenInstall potentially unwanted application
D:\Videogiochi\Sniper Elite 3\steam_api.dll a variant of Win32/HackTool.Crack.BL potentially unsafe application
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Gary R » July 13th, 2014, 12:04 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


No sign of anything malicious being launched by svchost.exe, however there are a few things to take care of.

First ...

Download FRST64 to your Desktop.

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (Don't include Code: Select all)
Code: Select all
C:\Users\Marco\AppData\Roaming\Origin\update.vbe
C:\Users\Marco\Desktop\Icone\Verificare\FL Studio 9\flstudio_9.0.exe
C:\Users\Marco\Downloads\3DMark_11_1_0_1.exe
C:\Users\Marco\Downloads\ccsetup411.exe
C:\Users\Marco\Downloads\ccsetup412.exe
C:\Users\Marco\Downloads\DTLite4461-0328.exe
C:\Users\Marco\Downloads\FreeAudioConverter.exe
C:\Users\Marco\Downloads\jZipV1.exe
C:\Users\Marco\Downloads\WinZip165.exe
D:\Videogiochi\Sniper Elite 3\steam_api.dll 

    • Save it to the same folder/directory that FRST64.exe is in (ie your Desktop), naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST by clicking on Frst64.exe
  • Accept the user prompt.
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

Next ....

Please run a Scan with FRST ...

  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Summary of the logs I need from you in your next post:
  • fixlog.txt
  • FRST.txt
  • Addition.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 14th, 2014, 11:41 am

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014
Ran by Marco at 2014-07-14 17:38:37 Run:1
Running from C:\Users\Marco\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Marco\AppData\Roaming\Origin\update.vbe
C:\Users\Marco\Desktop\Icone\Verificare\FL Studio 9\flstudio_9.0.exe
C:\Users\Marco\Downloads\3DMark_11_1_0_1.exe
C:\Users\Marco\Downloads\ccsetup411.exe
C:\Users\Marco\Downloads\ccsetup412.exe
C:\Users\Marco\Downloads\DTLite4461-0328.exe
C:\Users\Marco\Downloads\FreeAudioConverter.exe
C:\Users\Marco\Downloads\jZipV1.exe
C:\Users\Marco\Downloads\WinZip165.exe
D:\Videogiochi\Sniper Elite 3\steam_api.dll
*****************

C:\Users\Marco\AppData\Roaming\Origin\update.vbe => Moved successfully.
C:\Users\Marco\Desktop\Icone\Verificare\FL Studio 9\flstudio_9.0.exe => Moved successfully.
C:\Users\Marco\Downloads\3DMark_11_1_0_1.exe => Moved successfully.
C:\Users\Marco\Downloads\ccsetup411.exe => Moved successfully.
C:\Users\Marco\Downloads\ccsetup412.exe => Moved successfully.
C:\Users\Marco\Downloads\DTLite4461-0328.exe => Moved successfully.
C:\Users\Marco\Downloads\FreeAudioConverter.exe => Moved successfully.
C:\Users\Marco\Downloads\jZipV1.exe => Moved successfully.
C:\Users\Marco\Downloads\WinZip165.exe => Moved successfully.
D:\Videogiochi\Sniper Elite 3\steam_api.dll => Moved successfully.

==== End of Fixlog ====
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 14th, 2014, 11:42 am

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014
Ran by Marco at 2014-07-14 17:37:26
Running from C:\Users\Marco\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

3Dconnexion 3DxSoftware (x64 Edition) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 3.16.1 - 3Dconnexion)
3Dconnexion 3DxWare (x64) (Version: 6.16.0000 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD 2007 - 2010 (Version: 4.5.1 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2013 (Version: 1.11.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST5 (Version: 2.21.1 - 3Dconnexion) Hidden
3Dconnexion Add-In for SolidWorks 2005 - 2013 (Version: 2.22.1 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2013 (Version: 2.10.1 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (x32 Version: 3.1.3 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max v9 - 2013 (Version: 5.5.1 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.2.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2013 (Version: 4.2.2 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v3.0 - v8.5 (Version: 2.12.2 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 (Version: 2.3.1 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 2.0 (Version: 1.12.2 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.0 - 3Dconnexion) Hidden
4K Video Downloader 2.9 (HKLM-x32\...\4K Video Downloader_is1) (Version: 2.9.0.1000 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version: - Rebellion)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Nome società) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AmpliTube 3 (HKLM-x32\...\{5DD152A8-BFB3-439E-90CD-5C00C2116E23}) (Version: 3.0.0 - IK Multimedia)
Antares Kantos v1.0 (HKLM-x32\...\Antares Kantos v1.0) (Version: - )
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.19.0 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk MotionBuilder 2014 (HKLM\...\Autodesk MotionBuilder 2014) (Version: 14.0.0.597 - Autodesk)
Autodesk MotionBuilder 2014 (Version: 14.0.0.597 - Autodesk) Hidden
Autodesk Mudbox 2014 (HKLM\...\Autodesk Mudbox 2014) (Version: 8.0.0.1010 - Autodesk)
Autodesk Mudbox 2014 (Version: 8.0.0.1010 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk SketchBook Designer 2014 (HKLM\...\Autodesk SketchBook Designer 2014) (Version: 4.00.0000 - Autodesk)
Autodesk SketchBook Designer 2014 (Version: 4.00.0000 - Autodesk) Hidden
Autodesk Softimage 2014 (HKLM\...\Autodesk Softimage 2014) (Version: 12.0.0000 - Autodesk)
Autodesk Softimage 2014 (Version: 12.0.0000 - Autodesk) Hidden
Autodesk Suite Exclusives 2014 64-bit (HKLM\...\{2B1E251B-715E-4E93-A4BB-B69671405EAA}) (Version: 2.0.0.0 - Autodesk)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version: - )
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.1.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.2.1 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.12.2.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Centro gestione Mouse e Tastiere Microsoft (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Corel Painter 12 (HKLM\...\_{08A8CCEA-36DC-4634-AAAA-79463D644C0E}) (Version: 12.0.0.502 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.0 - Avid Technology, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Driver Pinnacle Video (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory 2.0.109 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.109 - Dxtory Software)
Edirol HQ Orchestral VSTi v1.03 (HKLM-x32\...\Edirol HQ Orchestral VSTi v1.03) (Version: - )
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
EOSMSG (HKLM-x32\...\{C68EB8C6-FFCC-42A8-B509-18B331E220F7}) (Version: 3.0.1 - www.eosmsg.com)
er100LT (x32 Version: 1.00.102 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Etron USB3.0 Host Controller (x32 Version: 0.109 - Etron Technology) Hidden
FileZilla Client 3.7.3 (HKCU\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}) (Version: 1.00.0000 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.24.430 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.24.430 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
Geeks3D.com FurMark 1.10.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version: - )
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.141 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Heaven DX11 Benchmark version 3.0 (HKLM\...\Unigine Heaven DX11 Benchmark (Basic Edition)_is1) (Version: 3.0 - Unigine Corp.)
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.0 - Avid Technology, Inc.)
H-Series_ASIO64 (HKLM\...\{5ACDFB68-D994-48E0-A579-2AFA6B851710}) (Version: 2.0.0.3 - ZOOM)
H-Series_Multi_Track_ASIO64 (HKLM\...\{2071332E-57E9-44AC-AD43-E72B069CC576}) (Version: 1.0.0.14 - ZOOM)
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{BC2A33D9-A853-4214-8DE6-BCFFA5EDA3DE}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Korg Legacy Collection VSTi v1.0.02 (HKLM-x32\...\Korg Legacy Collection VSTi v1.0.02) (Version: - )
LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.6009 - CyberLink Corp.)
LG Burning Tool (x32 Version: 6.2.6009 - CyberLink Corp.) Hidden
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
LG CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
LG CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820 - CyberLink Corp.)
LG CyberLink Media Suite (x32 Version: 8.0.2820 - CyberLink Corp.) Hidden
LG CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1622_37397b - CyberLink Corp.)
LG CyberLink MediaEspresso (x32 Version: 6.5.1622_37397b - CyberLink Corp.) Hidden
LG CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
LG CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden
LG CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3424.52 - CyberLink Corp.)
LG CyberLink PowerDVD (x32 Version: 10.0.3424.52 - CyberLink Corp.) Hidden
LG CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2820a - CyberLink Corp.)
LG CyberLink PowerProducer (x32 Version: 5.0.2.2820a - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 5.00 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.00 - Logitech)
Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{3AED9DC1-F17E-4DF2-80F4-D577DFBCEE9D}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}) (Version: 1.00.0000 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.55 (HKLM-x32\...\Mp3tag) (Version: v2.55 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Native Instruments - Traktor 1.06 (HKLM-x32\...\Native Instruments - Traktor 1.06) (Version: - )
Neat Image v7.5.0 Demo Standalone (HKLM\...\Neat Image Standalone_is1) (Version: - Neat Image team, ABSoft)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OCCT 4.2.0 (HKLM-x32\...\OCCT) (Version: 4.2.0 - Ocbase.com)
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
Painter 12 - Content (Version: 12.0.0 - Corel Corporation) Hidden
Painter 12 - Core (Version: 12.0.0 - Corel Corporation) Hidden
Painter 12 - Corex64 (Version: 12.0.0 - Corel Corporation) Hidden
Painter 12 - EN (Version: 12.0.0 - Corel Corporation) Hidden
Painter 12 - IPM (Version: 12.0 - Corel Corporation) Hidden
Painter 12 - Setup Files (Version: 12.0 - Corel Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Ninja version 1.2.1 (HKLM-x32\...\{A7529D5D-2F7E-4AFC-B279-9CFE153474B8}_is1) (Version: 1.2.1 - PictureCode LLC)
Piante contro Zombi™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 - Standard Content Pack (HKLM-x32\...\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}) (Version: 16.0.0 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.0.0.75 - Avid Technology, Inc.)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.0 - Avid Technology, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6728 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.13114.22 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version: - )
ScopeUserGuide (Version: 1.00.0000 - Nome società) Hidden
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.0 - Avid Technology, Inc.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM-x32\...\U25pcGVyRWxpdGUz_is1) (Version: 1 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Supporto applicazioni Apple (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Tavoletta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.4.15 - Electronic Arts)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.0 - Avid Technology, Inc.)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.03 - Ubisoft)
Tomb Raider (HKLM-x32\...\Tomb Raider_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points =========================

12-07-2014 15:51:46 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-07-12 18:44 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06ADFC3A-7CC3-4636-B2C2-9F42EBC33C86} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {0B39775C-659D-4C65-8EE2-58F164B7840A} - System32\Tasks\Origin => C:\Users\Marco\AppData\Roaming\Origin\update.vbe [2014-07-12] () <==== ATTENTION
Task: {1995FC4C-18C1-4E94-8F6F-E83651178556} - System32\Tasks\Sapphire TRIXX => C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe [2013-02-07] ()
Task: {3A84B424-2C6E-49D4-BB2E-F55F2C0070E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {3E47972F-59EC-4A41-9873-EE242FA10B2D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {4AB001F8-9E6D-4D1F-850B-F158AFF7455E} - System32\Tasks\AdobeAAMUpdater-1.0-Marco-PC-Marco => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {5AC7335F-AF01-4B74-A75C-A31E63B2674F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5D507E8E-BF31-4630-9EC6-B4616E3D2E7B} - System32\Tasks\Microsoft_Hardware_Launch_IcePick_exe => C:\Program Files (x86)\Microsoft LifeCam\IcePick.exe
Task: {60418AA7-4EAD-4A26-B0C4-1263F3317CF0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {72ECFB2D-AF37-429F-90B7-8B3B0CD1B1B5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000Core => C:\Users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-24] (Google Inc.)
Task: {75EF9C74-9428-4758-A727-DE45AC61C355} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {89DA44A4-56AD-4E37-A262-8932E3859493} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {8BD63298-64FE-49B5-852B-AAEB52DEFC5E} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {94A3616A-ED81-491F-B970-7A047E43A572} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B5F058A0-E91D-4967-9DB8-7A245CF7C59C} - System32\Tasks\PC Shutdown => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {B78DD6D8-E5AA-4FB2-8AEA-9F9B04BB25F7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {D4CED013-5370-4D4A-95AE-084B5D24AF69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {DEC5F2A3-DC4C-4792-86AC-CE436512A06B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23] (Google Inc.)
Task: {DFED75D3-AA69-40F5-9C04-C967C143E4A2} - System32\Tasks\3DconnexionCreateProcess_3DxSRV.EXE => C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3DxSRV.EXE [2012-10-11] (3Dconnexion, INC)
Task: {E0E435AB-75D3-4532-83A6-0C7017036E6D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000UA => C:\Users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-24] (Google Inc.)
Task: {ECD832C9-17B1-4FD0-9388-227D677FDBFF} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000Core.job => C:\Users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000UA.job => C:\Users\Marco\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-02-07 11:38 - 2013-02-07 11:38 - 05534016 _____ () C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
2012-05-23 15:23 - 2012-02-07 17:27 - 00121344 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () D:\Autodesk\Autodesk Entertainment Creation Suite Ultimate 2014\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2012-05-24 19:18 - 2014-06-12 00:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-07-31 22:43 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-10-11 14:58 - 2012-10-11 14:58 - 00056832 _____ () C:\Windows\system32\SPWINI.dll
2013-09-11 13:48 - 2013-06-06 04:09 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-03-11 23:42 - 2014-01-13 18:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-07-13 19:05 - 2014-07-14 17:33 - 00451086 _____ () C:\Windows\Temp\svchost.exe
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-06-14 20:46 - 2014-06-05 15:58 - 00716616 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 20:46 - 2014-06-05 15:58 - 00126280 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-14 20:46 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 20:46 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 20:46 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-12 16:06 - 2014-07-14 17:33 - 00279955 _____ () C:\Windows\Temp\libidn-11.dll
2014-07-12 16:06 - 2014-07-14 17:33 - 00113166 _____ () C:\Windows\Temp\zlib1.dll
2014-07-12 16:06 - 2014-07-14 17:33 - 00148760 _____ () C:\Windows\Temp\libpdcurses.dll
2014-07-12 16:06 - 2014-07-14 17:33 - 00112142 _____ () C:\Windows\Temp\libgcc_s_dw2-1.dll
2014-07-10 18:16 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Marco\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
2014-02-14 19:23 - 2014-02-14 19:23 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-05-23 15:19 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-23 15:22 - 2012-02-07 17:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Controller video
Description: Controller video
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controller USB ( Universal Serial Bus)
Description: Controller USB ( Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2014 05:35:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/14/2014 05:34:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/14/2014 05:32:57 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 07:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2014 07:04:59 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 04:17:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2014 04:17:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2014 04:17:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2014 04:15:29 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 10:24:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/14/2014 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (07/14/2014 05:33:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (07/14/2014 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (07/14/2014 05:33:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (07/14/2014 05:33:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/14/2014 05:33:17 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/14/2014 05:33:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore:
%%-2140993535

Error: (07/14/2014 05:33:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535

Error: (07/14/2014 05:33:06 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/13/2014 07:06:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (07/14/2014 05:35:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marco\Downloads\esetsmartinstaller_enu.exe

Error: (07/14/2014 05:34:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/14/2014 05:32:57 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 07:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2014 07:04:59 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 04:17:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marco\Downloads\esetsmartinstaller_enu.exe

Error: (07/13/2014 04:17:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marco\Downloads\esetsmartinstaller_enu.exe

Error: (07/13/2014 04:17:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2014 04:15:29 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

Error: (07/13/2014 10:24:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-07-12 15:45:30.165
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-07-12 15:45:30.119
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-27 18:28:28.257
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-27 18:28:28.210
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-27 18:28:28.148
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-27 18:28:28.086
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-23 18:35:15.086
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-23 18:35:15.039
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-23 18:35:14.945
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2014-04-23 18:35:14.898
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16274.76 MB
Available physical RAM: 12923.92 MB
Total Pagefile: 32547.7 MB
Available Pagefile: 28817.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:32.8 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:199.84 GB) NTFS
Drive g: (Sniper Elite 3) (CDROM) (Total:13.44 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: DEDB659F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DEDB65EA)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 14th, 2014, 11:42 am

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by Marco (administrator) on MARCO-PC on 14-07-2014 17:40:48
Running from C:\Users\Marco\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() D:\Autodesk\Autodesk Entertainment Creation Suite Ultimate 2014\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(3Dconnexion, INC) C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Windows\Temp\svchost.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIRTU_MVP_AUTORUN] => %ProgramFiles%\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134160 2007-07-17] (Logitech, Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-09-06] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4147574590-342259343-1769008775-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-4147574590-342259343-1769008775-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start 3DxWare.lnk
ShortcutTarget: Start 3DxWare.lnk -> C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe (3Dconnexion, INC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE4ADF0D39828CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Guida per l'accesso all'account Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marco\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marco\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

Chrome:
=======
CHR Extension: (Documenti Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (YouTube) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Ricerca Google) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Google Wallet) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Marco\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 mi-raysat_3dsmax2014_64; D:\Autodesk\Autodesk Entertainment Creation Suite Ultimate 2014\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-12] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-04-13] (Mr. John aka japamd)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-02] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-27] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14652768 2012-01-05] (Intel Corporation) [File not signed]
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) [File not signed]
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30312 2014-07-12] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-07-14] ()
S3 ZMH6AudioSrv; C:\Windows\System32\drivers\zmh6au.sys [139776 2013-06-19] (ZOOM)
S3 ZMHHPAudioSrv; C:\Windows\System32\drivers\zmhhpau.sys [45056 2013-06-19] (ZOOM)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
R3 TRIXX; \??\C:\Users\Marco\AppData\Local\Temp\TRIXX.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-14 17:40 - 2014-07-14 17:40 - 00022085 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-07-14 17:35 - 2014-07-14 17:40 - 00000000 ____D () C:\FRST
2014-07-14 17:35 - 2014-07-14 17:35 - 02086912 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-07-14 17:35 - 2014-07-14 17:35 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARCO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-14 17:34 - 2014-07-14 17:34 - 04057608 _____ () C:\Users\Marco\Downloads\tweaking.com_registry_backup_setup.exe
2014-07-14 17:34 - 2014-07-14 17:34 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\RegBackup
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-13 17:15 - 2014-07-13 17:15 - 00000988 _____ () C:\Users\Marco\Desktop\ESET.txt
2014-07-13 16:18 - 2014-07-13 16:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-13 16:17 - 2014-07-13 16:17 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe
2014-07-13 00:22 - 2014-07-13 00:22 - 00000000 ____D () C:\Users\Marco\AppData\Local\Sniper3
2014-07-13 00:22 - 2014-07-13 00:22 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 00:17 - 2014-07-13 00:17 - 00000649 _____ () C:\Users\Public\Desktop\Sniper Elite 3.lnk
2014-07-13 00:17 - 2014-07-13 00:17 - 00000649 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3.lnk
2014-07-12 23:58 - 2014-07-12 04:43 - 00006250 _____ () C:\Users\Marco\Desktop\reloaded.nfo
2014-07-12 19:04 - 2014-07-12 19:04 - 00027148 _____ () C:\Users\Marco\Desktop\dds.txt
2014-07-12 19:04 - 2014-07-12 19:04 - 00009255 _____ () C:\Users\Marco\Desktop\attach.txt
2014-07-12 19:00 - 2014-07-12 19:00 - 00688992 ____R (Swearware) C:\Users\Marco\Downloads\dds.com
2014-07-12 18:47 - 2014-07-14 17:32 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-07-12 18:24 - 2014-07-12 18:24 - 00462772 _____ () C:\Windows\SysWOW64\scrypt140121Tahitiglg2tc8192w64l4.bin
2014-07-12 18:22 - 2014-07-12 18:22 - 00000085 _____ () C:\Windows\wininit.ini
2014-07-12 15:40 - 2014-07-12 15:45 - 00000000 ____D () C:\Windows\erdnt
2014-07-12 15:35 - 2014-07-12 17:36 - 00000000 ____D () C:\AdwCleaner
2014-07-12 15:35 - 2014-07-12 15:35 - 01348263 _____ () C:\Users\Marco\Downloads\adwcleaner_3.215.exe
2014-07-12 15:35 - 2014-07-12 15:35 - 01016261 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-07-12 15:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-12 15:05 - 2014-07-12 17:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-12 15:05 - 2014-07-12 17:53 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 15:05 - 2014-07-12 15:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 15:04 - 2014-07-12 17:57 - 00000000 ____D () C:\Users\Marco\Desktop\mbar
2014-07-12 15:04 - 2014-07-12 17:53 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-12 15:03 - 2014-07-12 15:04 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Marco\Downloads\mbar-1.07.0.1012.exe
2014-07-12 14:39 - 2014-07-12 14:39 - 00000000 _____ () C:\Windows\SysWOW64\OCL7560T0
2014-07-12 14:37 - 2014-07-12 18:30 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 14:37 - 2014-07-12 14:37 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-12 14:36 - 2014-07-12 14:37 - 05336664 _____ () C:\Users\Marco\Downloads\RogueKillerX64.exe
2014-07-12 14:35 - 2014-07-12 14:35 - 00822544 _____ (Reimage®) C:\Users\Marco\Downloads\ReimageRepair.exe
2014-07-12 14:31 - 2014-07-12 14:31 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marco\Downloads\SpyHunter-Installer (1).exe
2014-07-12 14:20 - 2014-07-12 14:20 - 00000000 __SHD () C:\Users\Marco\AppData\Local\EmieUserList
2014-07-12 14:20 - 2014-07-12 14:20 - 00000000 __SHD () C:\Users\Marco\AppData\Local\EmieSiteList
2014-07-12 12:59 - 2014-07-12 12:59 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-12 12:58 - 2014-07-12 17:51 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 12:39 - 2014-07-12 12:39 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marco\Downloads\SpyHunter-installer.exe
2014-07-12 11:53 - 2014-07-12 18:23 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-12 11:53 - 2014-07-12 18:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-12 11:53 - 2014-07-12 11:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-07-12 11:50 - 2014-07-12 11:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-07-12 11:48 - 2014-07-12 11:48 - 12348480 _____ (Elex do Brasil Participações Ltda) C:\Users\Marco\Downloads\yet_another_cleaner_sk.exe
2014-07-12 11:37 - 2014-07-12 11:37 - 00000000 _____ () C:\Windows\SysWOW64\OCL3972T6
2014-07-12 04:05 - 2014-07-12 05:37 - 00166552 _____ () C:\Users\Marco\Desktop\Strano.flp
2014-07-12 03:12 - 2014-07-12 03:12 - 00000000 ____D () C:\Users\Marco\Documents\FIFA 14
2014-07-12 03:09 - 2014-07-12 03:09 - 00003120 _____ () C:\Windows\System32\Tasks\Origin
2014-07-11 19:04 - 2014-07-11 19:04 - 00033747 _____ () C:\Users\Marco\Downloads\[katproxy.com]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
2014-07-11 19:02 - 2014-07-11 19:02 - 00069373 _____ () C:\Users\Marco\Downloads\[kickass.to]sniper.elite.3.reloaded.torrent
2014-07-10 00:11 - 2014-07-10 00:11 - 00005133 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2014-07-09 17:42 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 17:42 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 17:42 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 17:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 17:42 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 17:42 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 17:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 17:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 17:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 17:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 17:42 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 17:42 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 17:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 17:42 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 17:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 17:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 17:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 17:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 17:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 17:42 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 17:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 17:42 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 17:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 17:42 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 17:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 17:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 17:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 17:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 17:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 17:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 17:42 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 17:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 17:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 17:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 17:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 17:42 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 17:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 17:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 17:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 17:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 17:42 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 17:42 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 17:42 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 17:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 17:42 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 17:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 17:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 17:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 17:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 17:42 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 17:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 17:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 17:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 17:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 17:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 17:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 17:42 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 17:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 17:42 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 17:42 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 17:42 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 17:42 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 17:42 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 17:41 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 17:41 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 17:41 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 17:36 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 17:36 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 17:36 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 17:49 - 2014-07-08 18:03 - 317686496 _____ (AMD Inc.) C:\Users\Marco\Downloads\amd-catalyst-14.6-rc2-windows-june23.exe
2014-07-08 17:47 - 2014-07-08 17:48 - 00275368 _____ () C:\Windows\Minidump\070814-23680-01.dmp
2014-07-07 19:24 - 2014-07-07 19:26 - 00000000 ____D () C:\Users\Marco\Desktop\bw
2014-07-07 19:21 - 2014-07-07 19:24 - 00000000 ____D () C:\Users\Marco\Desktop\Color
2014-06-30 21:18 - 2014-06-30 22:52 - 957798400 _____ () C:\Users\Marco\Downloads\tails-i386-1.0.1.iso
2014-06-30 21:16 - 2014-06-30 21:16 - 00000018 _____ () C:\Users\Marco\Desktop\pw.txt
2014-06-30 21:10 - 2014-06-30 21:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2014-06-30 21:10 - 2014-06-30 21:10 - 00000000 ____D () C:\ProgramData\Hagel Technologies
2014-06-30 21:09 - 2014-06-30 21:09 - 03472312 _____ (Hagel Technologies Ltd. ) C:\Users\Marco\Downloads\DUMeter-Install.exe
2014-06-30 17:35 - 2014-06-30 17:36 - 00859136 _____ () C:\Users\Marco\Downloads\EOScard.exe
2014-06-22 12:32 - 2014-06-22 12:32 - 00045596 _____ () C:\Users\Marco\Downloads\TheWorse Mod (0.7+Fix) for Watch_Dogs.rar
2014-06-19 01:09 - 2014-06-19 01:09 - 00002228 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-06-19 01:00 - 2014-06-20 01:08 - 00000000 ____D () C:\Users\Marco\Desktop\Fede
2014-06-17 18:32 - 2014-06-17 18:32 - 00275368 _____ () C:\Windows\Minidump\061714-26208-01.dmp
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-16 19:45 - 2014-06-16 19:54 - 00000000 ____D () C:\Users\Marco\Desktop\Foto Documenti

==================== One Month Modified Files and Folders =======

2014-07-14 17:40 - 2014-07-14 17:40 - 00022085 _____ () C:\Users\Marco\Downloads\FRST.txt
2014-07-14 17:40 - 2014-07-14 17:35 - 00000000 ____D () C:\FRST
2014-07-14 17:40 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 17:40 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-14 17:38 - 2012-05-24 18:49 - 00000000 ___HD () C:\Users\Marco\AppData\Roaming\Origin
2014-07-14 17:37 - 2014-05-03 17:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-14 17:37 - 2012-07-09 19:20 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F55E55F-64AC-46B0-BA4C-359E394E5CF7}
2014-07-14 17:37 - 2011-04-12 12:49 - 00013676 _____ () C:\Windows\system32\perfh010.dat
2014-07-14 17:37 - 2011-04-12 12:49 - 00004674 _____ () C:\Windows\system32\perfc010.dat
2014-07-14 17:37 - 2009-07-14 07:13 - 00790864 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-14 17:36 - 2014-04-01 17:56 - 01296461 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 17:35 - 2014-07-14 17:35 - 02086912 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2014-07-14 17:35 - 2014-07-14 17:35 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARCO-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-14 17:34 - 2014-07-14 17:34 - 04057608 _____ () C:\Users\Marco\Downloads\tweaking.com_registry_backup_setup.exe
2014-07-14 17:34 - 2014-07-14 17:34 - 00002235 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\RegBackup
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-14 17:34 - 2014-07-14 17:34 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-14 17:33 - 2012-07-30 12:34 - 00000000 ____D () C:\Users\Marco\AppData\Local\Adobe
2014-07-14 17:32 - 2014-07-12 18:47 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-07-14 17:32 - 2014-04-01 17:58 - 00091678 _____ () C:\Windows\PFRO.log
2014-07-14 17:32 - 2014-04-01 17:52 - 00057528 _____ () C:\Windows\setupact.log
2014-07-14 17:32 - 2012-08-23 01:49 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 17:32 - 2012-05-23 15:32 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-07-14 17:32 - 2012-05-23 15:23 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-07-14 17:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-13 17:57 - 2012-08-23 01:49 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-13 17:48 - 2013-06-17 18:49 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 17:32 - 2012-05-24 18:27 - 00001160 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000UA.job
2014-07-13 17:15 - 2014-07-13 17:15 - 00000988 _____ () C:\Users\Marco\Desktop\ESET.txt
2014-07-13 16:18 - 2014-07-13 16:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-13 16:17 - 2014-07-13 16:17 - 02347384 _____ (ESET) C:\Users\Marco\Downloads\esetsmartinstaller_enu.exe
2014-07-13 00:42 - 2012-06-29 21:54 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\BitTorrent
2014-07-13 00:22 - 2014-07-13 00:22 - 00000000 ____D () C:\Users\Marco\AppData\Local\Sniper3
2014-07-13 00:22 - 2014-07-13 00:22 - 00000000 ____D () C:\ProgramData\Steam
2014-07-13 00:17 - 2014-07-13 00:17 - 00000649 _____ () C:\Users\Public\Desktop\Sniper Elite 3.lnk
2014-07-13 00:17 - 2014-07-13 00:17 - 00000649 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sniper Elite 3.lnk
2014-07-12 23:32 - 2012-05-24 18:27 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000Core.job
2014-07-12 19:04 - 2014-07-12 19:04 - 00027148 _____ () C:\Users\Marco\Desktop\dds.txt
2014-07-12 19:04 - 2014-07-12 19:04 - 00009255 _____ () C:\Users\Marco\Desktop\attach.txt
2014-07-12 19:00 - 2014-07-12 19:00 - 00688992 ____R (Swearware) C:\Users\Marco\Downloads\dds.com
2014-07-12 18:30 - 2014-07-12 14:37 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-12 18:24 - 2014-07-12 18:24 - 00462772 _____ () C:\Windows\SysWOW64\scrypt140121Tahitiglg2tc8192w64l4.bin
2014-07-12 18:23 - 2014-07-12 11:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-12 18:22 - 2014-07-12 18:22 - 00000085 _____ () C:\Windows\wininit.ini
2014-07-12 18:22 - 2014-07-12 11:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-12 17:57 - 2014-07-12 15:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-12 17:57 - 2014-07-12 15:04 - 00000000 ____D () C:\Users\Marco\Desktop\mbar
2014-07-12 17:53 - 2014-07-12 15:05 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 17:53 - 2014-07-12 15:04 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-12 17:51 - 2014-07-12 12:58 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-07-12 17:36 - 2014-07-12 15:35 - 00000000 ____D () C:\AdwCleaner
2014-07-12 16:06 - 2012-05-23 15:23 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-07-12 15:46 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-12 15:45 - 2014-07-12 15:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-12 15:45 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-12 15:37 - 2014-05-04 20:37 - 00000000 ____D () C:\Users\Marco\AppData\Local\AVG SafeGuard toolbar
2014-07-12 15:35 - 2014-07-12 15:35 - 01348263 _____ () C:\Users\Marco\Downloads\adwcleaner_3.215.exe
2014-07-12 15:35 - 2014-07-12 15:35 - 01016261 _____ (Thisisu) C:\Users\Marco\Downloads\JRT.exe
2014-07-12 15:12 - 2014-05-22 20:21 - 00000000 ____D () C:\Users\Marco\Desktop\vst
2014-07-12 15:05 - 2014-07-12 15:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 15:04 - 2014-07-12 15:03 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Marco\Downloads\mbar-1.07.0.1012.exe
2014-07-12 14:39 - 2014-07-12 14:39 - 00000000 _____ () C:\Windows\SysWOW64\OCL7560T0
2014-07-12 14:37 - 2014-07-12 14:37 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-12 14:37 - 2014-07-12 14:36 - 05336664 _____ () C:\Users\Marco\Downloads\RogueKillerX64.exe
2014-07-12 14:35 - 2014-07-12 14:35 - 00822544 _____ (Reimage®) C:\Users\Marco\Downloads\ReimageRepair.exe
2014-07-12 14:31 - 2014-07-12 14:31 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marco\Downloads\SpyHunter-Installer (1).exe
2014-07-12 14:20 - 2014-07-12 14:20 - 00000000 __SHD () C:\Users\Marco\AppData\Local\EmieUserList
2014-07-12 14:20 - 2014-07-12 14:20 - 00000000 __SHD () C:\Users\Marco\AppData\Local\EmieSiteList
2014-07-12 12:59 - 2014-07-12 12:59 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-07-12 12:39 - 2014-07-12 12:39 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marco\Downloads\SpyHunter-installer.exe
2014-07-12 11:53 - 2014-07-12 11:53 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-07-12 11:52 - 2014-07-12 11:50 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Marco\Downloads\spybot-2.4.exe
2014-07-12 11:48 - 2014-07-12 11:48 - 12348480 _____ (Elex do Brasil Participações Ltda) C:\Users\Marco\Downloads\yet_another_cleaner_sk.exe
2014-07-12 11:37 - 2014-07-12 11:37 - 00000000 _____ () C:\Windows\SysWOW64\OCL3972T6
2014-07-12 05:37 - 2014-07-12 04:05 - 00166552 _____ () C:\Users\Marco\Desktop\Strano.flp
2014-07-12 04:43 - 2014-07-12 23:58 - 00006250 _____ () C:\Users\Marco\Desktop\reloaded.nfo
2014-07-12 03:33 - 2012-05-24 18:49 - 00000000 ____D () C:\ProgramData\Origin
2014-07-12 03:12 - 2014-07-12 03:12 - 00000000 ____D () C:\Users\Marco\Documents\FIFA 14
2014-07-12 03:09 - 2014-07-12 03:09 - 00003120 _____ () C:\Windows\System32\Tasks\Origin
2014-07-11 19:47 - 2013-04-02 23:46 - 00000000 ____D () C:\Windows\rescache
2014-07-11 19:04 - 2014-07-11 19:04 - 00033747 _____ () C:\Users\Marco\Downloads\[katproxy.com]fifa.14.ultimate.edition.full.multi.14.skidrow.torrent
2014-07-11 19:02 - 2014-07-11 19:02 - 00069373 _____ () C:\Users\Marco\Downloads\[kickass.to]sniper.elite.3.reloaded.torrent
2014-07-11 18:59 - 2014-04-11 18:38 - 00147586 _____ () C:\Windows\DirectX.log
2014-07-11 18:58 - 2012-05-24 18:49 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-10 00:12 - 2013-08-18 17:41 - 00000000 ____D () C:\Users\Marco\.gimp-2.8
2014-07-10 00:11 - 2014-07-10 00:11 - 00005133 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2014-07-10 00:11 - 2013-08-18 17:42 - 00000000 ____D () C:\Users\Marco\AppData\Local\gtk-2.0
2014-07-09 23:29 - 2009-07-14 06:45 - 04974808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 23:28 - 2014-05-08 01:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 23:28 - 2011-04-12 13:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-08 21:48 - 2013-06-17 18:49 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 21:48 - 2012-05-25 18:02 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 21:48 - 2012-05-25 18:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 18:03 - 2014-07-08 17:49 - 317686496 _____ (AMD Inc.) C:\Users\Marco\Downloads\amd-catalyst-14.6-rc2-windows-june23.exe
2014-07-08 17:48 - 2014-07-08 17:47 - 00275368 _____ () C:\Windows\Minidump\070814-23680-01.dmp
2014-07-08 17:47 - 2012-05-24 22:03 - 00000000 ____D () C:\Windows\Minidump
2014-07-07 19:26 - 2014-07-07 19:24 - 00000000 ____D () C:\Users\Marco\Desktop\bw
2014-07-07 19:24 - 2014-07-07 19:21 - 00000000 ____D () C:\Users\Marco\Desktop\Color
2014-07-04 17:40 - 2014-05-03 17:04 - 00000973 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-04 17:40 - 2014-05-03 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-30 22:53 - 2013-01-27 13:17 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\DAEMON Tools Lite
2014-06-30 22:52 - 2014-06-30 21:18 - 957798400 _____ () C:\Users\Marco\Downloads\tails-i386-1.0.1.iso
2014-06-30 21:29 - 2014-06-30 21:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2014-06-30 21:16 - 2014-06-30 21:16 - 00000018 _____ () C:\Users\Marco\Desktop\pw.txt
2014-06-30 21:10 - 2014-06-30 21:10 - 00000000 ____D () C:\ProgramData\Hagel Technologies
2014-06-30 21:09 - 2014-06-30 21:09 - 03472312 _____ (Hagel Technologies Ltd. ) C:\Users\Marco\Downloads\DUMeter-Install.exe
2014-06-30 19:08 - 2012-05-28 21:20 - 00000000 ____D () C:\Users\Marco\AppData\Local\CrashDumps
2014-06-30 17:36 - 2014-06-30 17:35 - 00859136 _____ () C:\Users\Marco\Downloads\EOScard.exe
2014-06-30 04:09 - 2014-07-09 17:42 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 17:42 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 18:33 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-27 17:52 - 2012-08-23 01:49 - 00004144 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-27 17:52 - 2012-08-23 01:49 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-27 17:39 - 2013-11-10 18:55 - 00000000 ____D () C:\Users\Marco\Valley
2014-06-27 17:39 - 2012-06-09 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2014-06-26 18:30 - 2012-05-24 19:18 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-26 18:30 - 2012-05-24 19:18 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-22 12:32 - 2014-06-22 12:32 - 00045596 _____ () C:\Users\Marco\Downloads\TheWorse Mod (0.7+Fix) for Watch_Dogs.rar
2014-06-21 23:27 - 2012-05-24 18:27 - 00004130 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000UA
2014-06-21 23:27 - 2012-05-24 18:27 - 00003734 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147574590-342259343-1769008775-1000Core
2014-06-20 22:14 - 2014-07-09 17:42 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 17:42 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 01:08 - 2014-06-19 01:00 - 00000000 ____D () C:\Users\Marco\Desktop\Fede
2014-06-19 03:39 - 2014-07-09 17:42 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 17:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 17:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 17:42 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 17:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 17:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 17:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 17:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 17:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 17:42 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 17:42 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 17:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 17:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 17:42 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 17:42 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 17:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 17:42 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 17:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 17:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 17:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 17:42 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 17:42 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 17:42 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 17:42 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 17:42 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 17:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 17:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 17:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 17:42 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 17:42 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 17:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 17:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 17:42 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 17:42 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 17:42 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 17:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 17:42 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 17:42 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:09 - 2014-06-19 01:09 - 00002228 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-06-19 01:09 - 2013-05-16 20:41 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\DVDVideoSoft
2014-06-19 01:09 - 2013-05-16 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-19 01:09 - 2013-05-16 20:41 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-19 01:06 - 2014-07-09 17:42 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 17:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 17:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 17:42 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 17:42 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 17:42 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 17:42 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 17:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 17:42 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 17:42 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 17:42 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 17:42 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 17:42 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 17:42 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 17:42 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 17:42 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 04:18 - 2014-07-09 17:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 17:42 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 17:42 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 18:32 - 2014-06-17 18:32 - 00275368 _____ () C:\Windows\Minidump\061714-26208-01.dmp
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-06-16 19:54 - 2014-06-16 19:45 - 00000000 ____D () C:\Users\Marco\Desktop\Foto Documenti
2014-06-15 21:23 - 2012-07-21 03:54 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Skype

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-09 18:49

==================== End Of Log ============================
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Gary R » July 14th, 2014, 1:33 pm

No sign of any active infection is any of the logs you've submitted so far, but there are signs that you've thrown just about every malware removal tool you can find at this problem, including some that their creators have specifically asked people not to use without qualified help. This is not a good practice, and I strongly advise you against following this course of action with any future problems you might have.

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

BitTorrent
Java 7 Update 55


Use of P2P programs is the fastest way of contracting an infection that I know of, and old out of date versions of Java can be exploited.

Reboot your computer once both have been uninstalled.

Next ....

I'd like you to check some files for Viruses.
C:\Windows\System32\drivers\TrueSight.sys
C:\Windows\System32\drivers\zmh6au.sys
C:\Windows\System32\drivers\zmhhpau.sys
C:\Windows\TEMP\cpuz136\cpuz136_x64.sys

  • Browse to the first file in the quote box above.
  • Click Send/Submit, and the file will upload to VirusTotal/Jotti, where it will be scanned by several anti-virus programmes.
  • After a while, a window will open, with details of what the scans found.
  • Note details of any viruses found.
  • Repeat for all files on the list, and post me the details please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 14th, 2014, 1:55 pm

Yup, you're right. I tried several extreme methods to eradicate the problem, to no avail. I felt i was in a hurry, wrong virus in the wrong moment!
I've uninstalled both BitTorrent (hic!) and Java 7 Update 55 and Voilà! No more AVG detecting that strange malicious bit of software. I checked with Jotti's the files you pointed me to check, minus the last one (cpuz136_x64.sys), haven't been able to find it. However, the remaining three files were clean as mountain water.
I guess we're done then!
Many thanks for your patience and help.
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Gary R » July 14th, 2014, 4:54 pm

If you're no longer getting the prompt from AVG, then I'm fairly sure your machine is clean, at least I haven't seen any reason to suppose you're not in any of the logs you've submitted.

Before we finish, we need to remove the programs you've been using to clean your computer, some of them tend to get flagged by AV programs if you leave them in place, which can cause confusion.

First ...

To remove Combofix (or any remnants of it that may be on your computer) ...


Next ...

  • Please download delfix and save it to your desktop.
  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check all the boxes then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Check to make sure its removed FRST, and any of the other programs you've been using. If any are not removed then let me know and I'll help you remove them manually.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.

Next ...

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Tweaking.com Registry Backup


Finally ...

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Atziluth12 » July 14th, 2014, 5:23 pm

Done. Thank you, Gary.
Atziluth12
Active Member
 
Posts: 8
Joined: July 12th, 2014, 12:54 pm

Re: IDP.Program.D1B0A5C0 - Absurd

Unread postby Gary R » July 14th, 2014, 6:27 pm

You're welcome. :)

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 24 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware