Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Phantom voices malware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Phantom voices malware

Unread postby frans79 » April 2nd, 2013, 8:25 pm

Hello guys, since a week or two I'm experiencing the so called symptom of "phantom voices malware". In detail, once per day, out of nowhere someone starts talking a foreign language (one time russian, the other portuguese, the last 2 times in english). It seems like a radio advertisement or something like that but I don't have any browser open in that moment neither a program running in the background. Here is my DDS.txt and Attach.txt. Please help me, I'm getting mad with this...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16519 BrowserJavaVersion: 10.17.2
Run by Francesco at 2:19:06 on 2013-04-03
Microsoft Windows 8 Pro 6.2.9200.0.1252.39.1040.18.8152.5902 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.04\AsusFanControlService.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
D:\Programmi (x86)\Sapphire TRIXX\TRIXX.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Francesco\AppData\Local\Temp\ToolbarUpdater.exe
D:\Programmi (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
D:\Programmi (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
D:\Programmi (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
D:\Programmi (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\PnkBstrB.exe
D:\Programmi (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Programmi (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
uRun: [DAEMON Tools Lite] "D:\Programmi (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe"
mRun: [THX Audio Control Panel] "D:\Programmi (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" /r
mRun: [VolPanel] "D:\Programmi (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:16
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: E&sporta in Microsoft Excel - D:\Programmi (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - D:\Programmi (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
IE: Scarica con Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 62.101.93.101 83.103.25.250
TCP: Interfaces\{2FA212D0-98EF-473B-B257-7E6F62D435B5} : DHCPNameServer = 62.101.93.101 83.103.25.250
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programmi\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:16
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - D:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - D:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Francesco\AppData\Roaming\Mozilla\Firefox\Profiles\j9dxt1vc.default\
FF - prefs.js: browser.search.selectedEngine - YouTube
FF - prefs.js: browser.startup.homepage - hxxps://www.google.it/
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: D:\Programmi (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: D:\Programmi (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: D:\Programmi (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: D:\Programmi (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - ExtSQL: 2013-02-17 00:47; content_blocker@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2013-02-17 00:47; url_advisor@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2013-02-17 00:47; virtual_keyboard@kaspersky.com; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com
FF - ExtSQL: 2013-02-18 21:03; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\Francesco\AppData\Roaming\Mozilla\Firefox\Profiles\j9dxt1vc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-02-21 20:46; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; D:\Programmi (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - ExtSQL: 2013-03-07 11:07; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Francesco\AppData\Roaming\Mozilla\Firefox\Profiles\j9dxt1vc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-03-17 15:04; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Francesco\AppData\Roaming\Mozilla\Firefox\Profiles\j9dxt1vc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\Drivers\amd_sata.sys [2013-2-17 79016]
R0 amd_xata;amd_xata;C:\Windows\System32\Drivers\amd_xata.sys [2013-2-17 26280]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-3-19 283200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\Drivers\klim6.sys [2012-8-2 28504]
R1 klwfp;klwfp;C:\Windows\System32\Drivers\klwfp.sys [2012-8-3 50088]
R1 kneps;kneps;C:\Windows\System32\Drivers\kneps.sys [2012-8-13 178008]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-2-17 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-2-17 951936]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.04\AsusFanControlService.exe [2013-2-25 1473664]
R2 AVP;Servizio Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe [2012-8-17 356376]
R2 SBSDWSCService;SBSD Security Center Service;D:\Programmi (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-22 1153368]
R2 TolbarUpdater;Toolbar Updater;C:\Users\Francesco\AppData\Local\Temp\ToolbarUpdater.exe [2012-10-30 508416]
R3 asahci64;asahci64;C:\Windows\System32\Drivers\asahci64.sys [2012-1-6 49760]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\Drivers\asmthub3.sys [2012-8-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\Drivers\asmtxhci.sys [2012-8-20 416072]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);C:\Windows\System32\Drivers\ASUSstpt.sys [2013-2-25 25928]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);C:\Windows\System32\Drivers\ASUSumsc.sys [2013-2-25 150344]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-21 104184]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-2-17 266240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\Drivers\klkbdflt.sys [2012-10-25 29016]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\Drivers\klmouflt.sys [2012-10-25 29528]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\Drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\Drivers\LGSHidFilt.Sys [2012-10-3 66360]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\Drivers\LGVirHid.sys [2009-11-24 16008]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-2-17 57000]
S0 klelam;klelam;C:\Windows\System32\Drivers\klelam.sys [2012-7-27 29616]
S2 SkypeUpdate;Skype Updater;D:\Programmi (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 bthav;Profilo Bluetooth AV;C:\Windows\System32\Drivers\bthav.sys [2008-7-10 40448]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-2-17 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-2-17 79360]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-2-22 31800]
S3 SaiHFF0C;SaiHFF0C;C:\Windows\System32\Drivers\SaiHFF0C.sys [2007-5-1 171144]
S3 SaiUFF0C;SaiUFF0C;C:\Windows\System32\Drivers\SaiUFF0C.sys [2007-5-1 34304]
S3 vmbusr;Provider Bus macchina virtuale;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2013-04-02 10:43:44 -------- d-----w- C:\Users\Francesco\AppData\Local\Gas Powered Games
2013-04-02 00:09:15 -------- d-----w- C:\Users\Francesco\AppData\Local\Norman Malware Cleaner
2013-04-01 21:43:45 -------- d-----w- C:\Users\Francesco\AppData\Roaming\Malwarebytes
2013-04-01 21:43:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-01 00:54:24 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-04-01 00:53:58 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-29 21:16:24 -------- d-----w- C:\Program Files\CCleaner
2013-03-29 13:12:31 -------- d-----w- C:\ProgramData\Elaborate Bytes
2013-03-29 11:46:34 -------- d-----w- C:\Users\Francesco\AppData\Local\BridgeProject
2013-03-29 11:46:34 -------- d-----w- C:\ProgramData\Steam
2013-03-27 00:34:17 -------- d-----w- C:\Users\Francesco\AppData\Roaming\Kalypso Media
2013-03-27 00:31:08 -------- d-----w- C:\Users\Francesco\AppData\Roaming\Tropico 4
2013-03-25 19:32:31 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-03-25 19:21:09 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2013-03-24 20:16:32 -------- d-----w- C:\Windows\System32\appmgmt
2013-03-24 19:41:12 -------- d-----w- C:\Users\Francesco\AppData\Local\Downloaded Installations
2013-03-23 16:22:42 99384 ----a-w- C:\Users\Francesco\AppData\Roaming\inst.exe
2013-03-23 16:22:42 82816 ----a-w- C:\Users\Francesco\AppData\Roaming\pcouffin.sys
2013-03-21 19:53:33 -------- d-----w- C:\Windows\XSxS
2013-03-19 14:34:48 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-03-18 18:03:01 -------- d-----w- C:\ProgramData\vsosdk
2013-03-18 17:13:00 -------- d-----w- C:\ProgramData\Vso
2013-03-18 17:11:14 626688 ----a-w- C:\Windows\SysWow64\vp7vfw.dll
2013-03-18 17:11:14 1184984 ----a-w- C:\Windows\SysWow64\wvc1dmod.dll
2013-03-18 17:11:14 -------- d-----w- C:\Program Files (x86)\vso
2013-03-17 14:05:20 -------- d-----w- C:\Users\Francesco\dwhelper
2013-03-16 00:46:07 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-03-14 13:14:36 -------- d-----w- C:\Users\Francesco\AppData\Local\EA Games
2013-03-14 12:41:56 20992 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-12 14:00:53 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2013-03-11 15:39:30 -------- d-----w- C:\Users\Francesco\AppData\Local\Rockstar Games
2013-03-10 20:00:13 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-03-10 12:26:21 -------- d-----w- C:\Users\Francesco\AppData\Local\FANiSO
2013-03-06 10:16:36 -------- d-----w- C:\Users\Francesco\AppData\Local\Diagnostics
2013-03-05 15:31:17 -------- d-----w- C:\Users\Francesco\AppData\Local\Skyrim
2013-03-04 23:56:06 -------- d-----w- C:\Users\Francesco\AppData\Local\Chromium
2013-03-04 23:55:33 -------- d-----w- C:\Users\Francesco\AppData\Roaming\The Creative Assembly
2013-03-04 11:28:06 -------- d-----w- C:\Users\Francesco\AppData\Roaming\Mipony
2013-03-04 11:27:58 -------- d-----w- C:\Program Files (x86)\MiPony
.
==================== Find3M ====================
.
2013-04-02 23:22:50 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-04-02 23:22:50 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-04-02 23:22:34 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-04-01 00:54:21 963488 ----a-w- C:\Windows\System32\deployJava1.dll
2013-04-01 00:54:21 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-04-01 00:53:56 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-01 00:53:56 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-14 12:44:20 151040 ----a-w- C:\Windows\System32\netprofm.dll
2013-03-05 23:07:25 78168 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-05 23:07:25 692568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll
2013-03-02 02:44:30 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll
2013-02-28 12:31:03 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2013-02-28 12:31:03 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2013-02-26 13:02:17 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-02-26 11:23:47 50088 ----a-w- C:\Windows\System32\drivers\klwfp.sys
2013-02-24 00:00:46 128512 ----a-w- C:\Windows\SysWow64\WinMonitor.exe
2013-02-24 00:00:45 17864381 ----a-w- C:\Windows\SysWow64\libs.exe
2013-02-17 00:14:08 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-02-17 00:14:08 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-02-17 00:14:08 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-02-17 00:14:08 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-02-16 23:47:43 29016 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
2013-02-16 23:10:52 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2013-02-16 21:35:35 9 ----a-w- C:\Windows\slsvc.dll
2013-02-16 21:29:13 0 ----a-w- C:\Windows\ativpsrm.bin
2013-02-15 07:58:59 39936 ----a-w- C:\Windows\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 01:30:04 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-02-12 00:56:19 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-02-12 00:25:18 4041728 ----a-w- C:\Windows\System32\win32k.sys
2013-02-07 04:09:56 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2013-02-07 03:34:58 10115072 ----a-w- C:\Windows\System32\twinui.dll
2013-02-07 03:33:47 2302464 ----a-w- C:\Windows\System32\authui.dll
2013-02-07 03:33:42 2146816 ----a-w- C:\Windows\System32\actxprxy.dll
2013-02-07 01:34:00 8856576 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-02-07 01:33:03 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
2013-02-07 01:33:01 754176 ----a-w- C:\Windows\SysWow64\actxprxy.dll
2013-02-05 22:31:11 622080 ----a-w- C:\Windows\System32\drivers\srv2.sys
2013-02-05 22:29:09 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2013-02-05 22:28:48 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2013-02-05 22:28:36 215552 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2013-02-05 04:58:01 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-05 04:56:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-05 04:56:27 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-05 04:56:27 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-05 03:55:27 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-05 01:44:50 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-02-04 22:39:47 2246656 ----a-w- C:\Windows\System32\wininet.dll
2013-02-04 22:39:39 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2013-02-04 22:38:55 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-04 22:38:53 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-02 11:19:44 496872 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-02-02 11:19:44 446184 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:41 329960 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-02-02 11:19:33 61672 ----a-w- C:\Windows\System32\drivers\crashdmp.sys
2013-02-02 10:54:54 1933544 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-02-02 10:28:54 993512 ----a-w- C:\Windows\System32\drivers\ndis.sys
2013-02-02 10:28:54 2226408 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-02 09:42:07 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2013-02-02 08:40:58 375808 ----a-w- C:\Windows\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55 80896 ----a-w- C:\Windows\SysWow64\tasklist.exe
2013-02-02 08:40:55 79360 ----a-w- C:\Windows\SysWow64\taskkill.exe
2013-02-02 08:40:36 155136 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35 370688 ----a-w- C:\Windows\SysWow64\WWanAPI.dll
2013-02-02 08:40:27 131072 ----a-w- C:\Windows\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26 410624 ----a-w- C:\Windows\SysWow64\wlroamextension.dll
2013-02-02 08:40:22 197632 ----a-w- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22 10792448 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:40:01 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
2013-02-02 08:39:59 325632 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-02-02 08:39:47 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll
2013-02-02 08:39:34 55296 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2013-02-02 08:39:34 15872 ----a-w- C:\Windows\SysWow64\nlmproxy.dll
2013-02-02 08:39:34 12288 ----a-w- C:\Windows\SysWow64\nlmsprep.dll
2013-02-02 08:39:33 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-02-02 08:39:28 5090816 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-02-02 08:39:15 157696 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54 567808 ----a-w- C:\Windows\SysWow64\duser.dll
2013-02-02 08:24:19 107520 ----a-w- C:\Windows\System32\taskkill.exe
2013-02-02 08:24:19 102400 ----a-w- C:\Windows\System32\tasklist.exe
2013-02-02 08:23:44 228352 ----a-w- C:\Windows\System32\XpsRasterService.dll
2013-02-02 08:23:43 475136 ----a-w- C:\Windows\System32\WWanAPI.dll
2013-02-02 08:23:37 611840 ----a-w- C:\Windows\System32\wpd_ci.dll
2013-02-02 08:23:37 105472 ----a-w- C:\Windows\System32\wpdbusenum.dll
2013-02-02 08:23:30 830464 ----a-w- C:\Windows\System32\wbem\WmiPrvSD.dll
2013-02-02 08:23:28 543232 ----a-w- C:\Windows\System32\wlroamextension.dll
2013-02-02 08:23:21 13643264 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-02-02 08:23:19 293376 ----a-w- C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-02-02 08:23:18 731648 ----a-w- C:\Windows\System32\win32spl.dll
2013-02-02 08:23:16 87552 ----a-w- C:\Windows\System32\wersvc.dll
2013-02-02 08:22:28 448512 ----a-w- C:\Windows\System32\SettingSync.dll
2013-02-02 08:22:22 416256 ----a-w- C:\Windows\System32\schannel.dll
2013-02-02 08:21:45 467456 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-02-02 08:21:44 385024 ----a-w- C:\Windows\System32\ncsi.dll
2013-02-02 08:21:38 5977600 ----a-w- C:\Windows\System32\mstscax.dll
2013-02-02 08:21:10 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
2013-02-02 08:20:47 260096 ----a-w- C:\Windows\System32\hotspotauth.dll
2013-02-02 08:20:31 729600 ----a-w- C:\Windows\System32\duser.dll
2013-02-02 07:30:05 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
.
============= FINISH: 2.19.17,48 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 16/02/2013 22.35.40
System Uptime: 03/04/2013 01.17.40 (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | Crosshair V Formula
Processor: AMD Phenom(tm) II X4 975 Processor | Socket 942 | 3600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 111 GiB total, 59,365 GiB free.
D: is FIXED (NTFS) - 699 GiB total, 426,817 GiB free.
E: is FIXED (NTFS) - 699 GiB total, 72,212 GiB free.
F: is FIXED (NTFS) - 1397 GiB total, 120,656 GiB free.
G: is CDROM ()
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 02/04/2013 01.33.06 - Revo Uninstaller Pro's restore point - Alan Wake
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02) - Italiano
Age of Mythology
AI Suite II
Alan Wake American Nightmare
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
ANNO 1404
ANNO 1404 - Venezia
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
Assassin's Creed(R) III v1.03
µTorrent
Battlefield 3™
Bridge Project version 1
BS.Player FREE
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Command & Conquer™ and The Covert Operations™
ConvertHelper 2.2
CPUID CPU-Z 1.63.0
D3DX10
DAEMON Tools Lite
DarthMod Empire
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Setup
Don't Starve
Dota 2
Empire: Total War
eMule AdunanzA
ESN Sonar
Euro Truck Simulator 2
Euro Truck Simulator 2 version 1.3.1.43709
Far Cry 3
Forge
FormatFactory 3.0.1
FXAA Post Process Injector
Grand Theft Auto IV
Hitman 2: Silent Assassin
Hitman: Absolution
Hitman: Blood Money
Hitman: Codename 47
Hitman: Sniper Challenge
HL-2240D
ImgBurn
Impire
Java 7 Update 17
Java 7 Update 17 (64-bit)
Java Auto Updater
Junk Mail filter update
Kaspersky Anti-Virus 2013
Kenshi
League of Legends
Lineage® II: Freya (High Five)
Logitech Gaming Software
Logitech Gaming Software 8.40
Magicka
Majesty 2: Monster Kingdom
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Italian) 2010
Microsoft Office Excel MUI (Italian) 2010
Microsoft Office Groove MUI (Italian) 2010
Microsoft Office InfoPath MUI (Italian) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (Italian) 2010
Microsoft Office Outlook MUI (Italian) 2010
Microsoft Office PowerPoint MUI (Italian) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (Italian) 2010
Microsoft Office Publisher MUI (Italian) 2010
Microsoft Office Shared 32-bit MUI (Italian) 2010
Microsoft Office Shared MUI (Italian) 2010
Microsoft Office Word MUI (Italian) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
MiPony 2.0.4
Mozilla Firefox 19.0.2 (x86 it)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML4 Parser
Nokia Connectivity Cable Driver
NVIDIA PhysX
Origin
Pacchetto driver Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
Parser MSXML 4.0 SP2 e SDK
PC Connectivity Solution
Photo Common
PunkBuster Services
Realtek High Definition Audio Driver
redist
Revo Uninstaller Pro 3.0.2
Sapphire TRIXX
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB2760762) 64-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
Sid Meier's Civilization V
Skype™ 6.3
Sound Blaster X-Fi MB 2
Speccy
Spybot - Search & Destroy
Steam
Supreme Commander
TeamSpeak 3 Client
The Elder Scrolls V Skyrim - High Resolution Texture Pack
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1
The Settlers 7 - La strada verso il regno
The Sims Medieval
The Sims Medieval Nobili e Pirati
The Sims™ 3
The Sims™ 3 70s, 80s, & 90s Stuff
The Sims™ 3 Ambitions
The Sims™ 3 Animali & Co.
The Sims™ 3 Diesel Stuff
The Sims™ 3 Fast Lane Stuff
The Sims™ 3 Generations
The Sims™ 3 Katy Perry Dolci Sorprese
The Sims™ 3 Late Night
The Sims™ 3 Loft Stuff
The Sims™ 3 Master Suite Stuff
The Sims™ 3 Outdoor Living Stuff
The Sims™ 3 Showtime
The Sims™ 3 Stagioni
The Sims™ 3 Supernatural
The Sims™ 3 Travel Adventures
The Sims™ 3 Vita Universitaria
The Sims™ 3 Vivi la Città Stuff
Total War: SHOGUN 2
Tropico 4
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Uplay
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.5
VSO ConvertXToDVD
VueScan x64
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== End Of File ===========================
frans79
Active Member
 
Posts: 2
Joined: April 2nd, 2013, 8:14 pm
Advertisement
Register to Remove

Re: Phantom voices malware

Unread postby nunped » April 4th, 2013, 3:12 pm

Hello frans79, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easy as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights permissions for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Phantom voices malware

Unread postby frans79 » April 4th, 2013, 5:00 pm

Thank you nunped for your patience and attention to my malware problem. As a legal owner of Kaspersky Antivirus 2013 (I renew the license every year) I did a complete scan during the time I posted my problem and your reply and therefore I removed some of the viruses/malware Kaspersky encountered in his scan process. Nowadays the symptoms seems to be gone but... I'll wait for your reply to my logs to understand if there were something else.

Thank you in advance.

Francesco.
frans79
Active Member
 
Posts: 2
Joined: April 2nd, 2013, 8:14 pm

Re: Phantom voices malware

Unread postby nunped » April 7th, 2013, 3:49 pm

Hi frans79,

Warning!
You have P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent
eMule AdunanzA


As long as you have the P2P programs installed, we won't offer you no further assistance. See Forum Policy

If you choose NOT to remove the programs, indicate that in your next reply and this topic will be closed.

Else, uninstall the programs and proceed to the next step:

CKScanner
Please download CKScanner ... Save it to your desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

  1. Right-click on the CKScanner.exe icon and select "Run as administrator" then click the Search For Files button.
  2. When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  3. Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  4. Please copy/paste the contents of ckfiles.txt in your next reply.
User avatar
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Phantom voices malware

Unread postby deltalima » April 11th, 2013, 5:19 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 125 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware