Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

"POSITIVE FINDS ADS" how to remove it

Post by morfal » February 16th, 2015, 4:42 am

Hi, I apologize for my English!
Since yesterday, POSITIVE FINDS ADS has been present in my Chrome browser.
On every page that I open in Chrome there are lots of publicity banners... it's incredible! It opens new pages (with video or not).
I've tried to use ComboFix, but for the moment there are no good results.
I hope for your help.
Thank you,
Fabio (from Cremona, Italy)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17631
Run by fffppp at 9:24:37 on 2015-02-16
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.16270.13328 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~1.LNK - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Aggiungi a PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti destinazione link in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti destinazione link in PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BDE2F8E8-04EB-4B31-8B61-D5C7A38008AF} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [ISCT Tray] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2015-2-15 449936]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-2-12 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2015-2-12 267632]
R0 iusb3hcs;Driver dello switch Controller Host Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2015-2-12 20464]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2015-2-15 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2015-2-12 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2015-2-12 436624]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-2-12 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2015-2-12 87912]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-14 52896]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-2-12 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-2-15 104416]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-10-3 329104]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2014-6-18 209712]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-19 154584]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2015-2-12 162800]
R2 MSI_Trigger_Service;MSI_Trigger_Service;C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2015-2-12 30240]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-14 36000]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-2-12 4012248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-14 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-14 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-14 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-14 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-14 154272]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-14 275104]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2014-5-27 22216]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2014-5-27 22728]
R3 INETMON;INETMON;C:\Windows\System32\drivers\INETMON.sys [2015-2-12 25800]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD.sys [2014-2-3 44744]
R3 iusb3hub;Driver hub Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2015-2-12 370672]
R3 iusb3xhc;Driver Controller Host estendibile Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2015-2-12 791024]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2015-2-12 13368]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-2-12 888536]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-2-12 116728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-14 51872]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-2-13 114688]
S3 IntcDAud;Audio Intel(R) per schermi;C:\Windows\System32\drivers\IntcDAud.sys [2015-2-12 450520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-2-13 19456]
S3 StorSvc;Servizio di archiviazione;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-2-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-2-13 30208]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-2-13 1255736]
.
=============== Created Last 30 ================
.
2015-02-16 08:06:13 -------- d-sh--w- C:\$RECYCLE.BIN
2015-02-16 08:00:18 98816 ----a-w- C:\Windows\sed.exe
2015-02-16 08:00:18 256000 ----a-w- C:\Windows\PEV.exe
2015-02-16 08:00:18 208896 ----a-w- C:\Windows\MBR.exe
2015-02-16 07:55:52 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{39DA51FF-DA04-45F4-8609-2EDB7E1400A0}\offreg.dll
2015-02-16 07:26:35 -------- d-----w- C:\AdwCleaner
2015-02-15 23:04:38 -------- d-----w- C:\Users\fffppp\AppData\Local\BMExplorer
2015-02-15 17:31:01 -------- d-sh--w- C:\Users\fffppp\AppData\Local\EmieUserList
2015-02-15 17:31:01 -------- d-sh--w- C:\Users\fffppp\AppData\Local\EmieSiteList
2015-02-15 17:31:01 -------- d-sh--w- C:\Users\fffppp\AppData\Local\EmieBrowserModeList
2015-02-15 17:20:43 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2015-02-15 17:20:04 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2015-02-15 17:10:20 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2015-02-15 17:10:05 449936 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2015-02-15 16:47:50 95232 ----a-w- C:\Windows\System32\esxwia52.dll
2015-02-15 16:47:50 64000 ----a-w- C:\Windows\System32\esfw52.bin
2015-02-15 16:47:50 4608 ----a-w- C:\Windows\System32\esxwiaml.dll
2015-02-15 16:47:50 262144 ----a-w- C:\Windows\SysWow64\esint52.dll
2015-02-15 16:47:50 161280 ----a-w- C:\Windows\System32\esxuin52.dll
2015-02-15 16:47:50 -------- d-----w- C:\Program Files (x86)\epson
2015-02-15 16:46:00 65024 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\PPhp1020.DLL
2015-02-15 16:45:58 501760 ----a-w- C:\Windows\System32\ZSHP1020.EXE
2015-02-15 16:45:58 192512 ----a-w- C:\Windows\System32\ZLhp1020.DLL
2015-02-15 16:38:47 -------- d-----w- C:\Users\fffppp\AppData\Local\Apps
2015-02-15 10:51:05 -------- d-----w- C:\Users\fffppp\AppData\Local\ElevatedDiagnostics
2015-02-14 11:29:02 118 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-14 11:19:08 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2015-02-14 11:17:28 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2015-02-14 11:17:28 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-02-14 11:17:28 2871808 ----a-w- C:\Windows\explorer.exe
2015-02-14 11:17:28 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2015-02-14 11:17:08 67072 ----a-w- C:\Windows\splwow64.exe
2015-02-14 11:17:08 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2015-02-14 09:30:58 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-02-14 09:30:58 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-02-14 09:30:58 6041600 ----a-w- C:\Windows\System32\jscript9.dll
2015-02-14 09:30:58 4300800 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-02-14 09:30:56 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2015-02-14 09:30:55 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-02-14 09:30:55 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-02-14 09:25:52 -------- d-sh--w- C:\Users\fffppp\IntelGraphicsProfiles
2015-02-14 09:25:49 425 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-13 21:53:25 -------- d-----w- C:\ProgramData\Samsung
2015-02-13 21:53:25 -------- d-----w- C:\Program Files (x86)\Samsung
2015-02-13 21:29:09 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2015-02-13 21:29:09 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-02-13 21:29:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-02-13 21:29:09 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-02-13 21:25:07 -------- d-----w- C:\Windows\Migration
2015-02-13 21:19:16 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2015-02-13 21:19:16 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2015-02-13 21:19:16 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2015-02-13 21:19:16 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2015-02-13 21:19:16 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2015-02-13 21:17:13 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2015-02-13 21:17:13 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2015-02-13 21:17:13 4121600 ----a-w- C:\Windows\System32\mf.dll
2015-02-13 21:17:13 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2015-02-13 21:17:13 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2015-02-13 21:17:13 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2015-02-13 21:17:13 206848 ----a-w- C:\Windows\System32\mfps.dll
2015-02-13 21:17:13 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2015-02-13 21:17:13 2048 ----a-w- C:\Windows\System32\mferror.dll
2015-02-13 21:17:13 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2015-02-13 21:16:43 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2015-02-13 21:16:43 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2015-02-13 21:16:43 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2015-02-13 21:16:43 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2015-02-13 21:16:42 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2015-02-13 21:16:42 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2015-02-13 21:16:42 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2015-02-13 21:10:17 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-02-13 21:10:17 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-02-13 21:06:58 55296 ----a-w- C:\Windows\SysWow64\cero.rs
2015-02-13 21:05:59 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2015-02-13 21:00:34 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2015-02-13 08:05:45 -------- d-----w- C:\Users\fffppp\AppData\Roaming\MakeMusic
2015-02-13 07:32:18 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{39DA51FF-DA04-45F4-8609-2EDB7E1400A0}\mpengine.dll
2015-02-13 07:30:57 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-02-13 07:30:57 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-02-13 07:17:37 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2015-02-13 07:17:36 -------- d-----w- C:\Windows\System32\wbem\en-US
2015-02-13 07:17:22 -------- d-----w- C:\Windows\SysWow64\Wat
2015-02-13 07:17:22 -------- d-----w- C:\Windows\System32\Wat
2015-02-12 18:53:19 878080 ----a-w- C:\Windows\System32\advapi32.dll
2015-02-12 18:53:19 859648 ----a-w- C:\Windows\System32\tdh.dll
2015-02-12 18:53:19 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2015-02-12 18:53:19 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2015-02-12 18:53:19 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2015-02-12 18:53:19 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-02-12 18:52:40 327168 ----a-w- C:\Windows\System32\mswsock.dll
2015-02-12 18:52:40 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2015-02-12 18:48:19 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2015-02-12 18:48:19 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2015-02-12 18:06:40 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-02-12 18:06:40 5120 ----a-w- C:\Windows\System32\wmi.dll
2015-02-12 18:06:40 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2015-02-12 18:02:05 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-02-12 18:02:05 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-02-12 18:02:05 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-02-12 18:02:05 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-02-12 18:02:02 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-02-12 18:02:02 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-02-12 18:01:47 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-02-12 18:01:47 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-02-12 18:00:08 98304 ----a-w- C:\Windows\System32\MPCDec.ax
2015-02-12 18:00:08 77824 ----a-w- C:\Windows\System32\vorbisfile.dll
2015-02-12 18:00:08 75264 ----a-w- C:\Windows\System32\MACDec.dll
2015-02-12 18:00:08 61440 ----a-w- C:\Windows\System32\ogg.dll
2015-02-12 18:00:08 245760 ----a-w- C:\Windows\System32\CoreVorbis.ax
2015-02-12 18:00:08 237568 ----a-w- C:\Windows\System32\OggDS.dll
2015-02-12 18:00:08 217088 ----a-w- C:\Windows\System32\FLAC.ax
2015-02-12 18:00:08 177152 ----a-w- C:\Windows\System32\MonkeySource.ax
2015-02-12 18:00:08 1163264 ----a-w- C:\Windows\System32\vorbis.dll
2015-02-12 18:00:08 1040384 ----a-w- C:\Windows\System32\vorbisenc.dll
2015-02-12 17:51:33 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-02-12 17:23:52 455168 ----a-w- C:\Windows\System32\winlogon.exe
2015-02-12 17:22:42 633856 ----a-w- C:\Windows\System32\comctl32.dll
2015-02-12 17:21:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2015-02-12 17:20:13 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2015-02-12 17:18:06 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2015-02-12 17:18:06 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2015-02-12 17:18:06 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2015-02-12 17:18:06 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2015-02-12 17:18:04 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2015-02-12 17:16:59 642944 ----a-w- C:\Windows\System32\winload.efi
2015-02-12 17:14:31 -------- d-----w- C:\Program Files (x86)\Nero
2015-02-12 17:14:21 -------- d-----w- C:\ProgramData\Nero
2015-02-12 17:12:32 3201536 ----a-w- C:\Windows\System32\win32k.sys
2015-02-12 17:06:09 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2015-02-12 17:06:09 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2015-02-12 17:06:09 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2015-02-12 17:06:09 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2015-02-12 17:06:09 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2015-02-12 17:03:52 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-02-12 17:03:52 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-02-12 16:58:32 -------- d-----w- C:\ProgramData\MakeMusic
2015-02-12 16:57:32 -------- d-----w- C:\Program Files (x86)\Finale 2012
2015-02-12 16:55:44 -------- d-----w- C:\Users\fffppp\AppData\Roaming\Garritan
2015-02-12 16:55:43 -------- d-----w- C:\Program Files\Plogue
2015-02-12 16:55:43 -------- d-----w- C:\Program Files\Garritan
2015-02-12 16:53:47 -------- d-----w- C:\PSFONTS
2015-02-12 16:53:07 -------- d-----w- C:\Program Files (x86)\Finale 2009
2015-02-12 16:45:13 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2015-02-12 16:45:08 -------- d-----w- C:\Windows\PCHEALTH
2015-02-12 16:45:08 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2015-02-12 16:43:43 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-02-12 16:43:43 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2015-02-12 16:43:27 -------- d-----w- C:\Users\fffppp\AppData\Local\Microsoft Help
2015-02-12 16:40:02 -------- d-----w- C:\Users\fffppp\AppData\Roaming\OpenCandy
2015-02-12 16:39:24 -------- d-----w- C:\Windows\SysWow64\C2MP
2015-02-12 16:38:53 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
2015-02-12 16:33:53 -------- d-----w- C:\Program Files (x86)\Audacity
2015-02-12 16:20:34 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
2015-02-12 16:20:33 -------- d-----w- C:\Users\fffppp\AppData\Local\Adobe
2015-02-12 16:20:25 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2015-02-12 11:21:54 -------- d-----w- C:\Users\fffppp\AppData\Local\Intel_Corporation
2015-02-12 10:23:30 -------- d-----w- C:\Program Files (x86)\ASUS E-Green
2015-02-12 10:22:49 -------- d-----w- C:\Program Files\Bandizip
2015-02-12 09:22:35 -------- d-----w- C:\Windows\Activator
2015-02-12 09:18:29 -------- d-----w- C:\Windows\SysWow64\vbox
2015-02-12 09:18:29 -------- d-----w- C:\Windows\System32\vbox
2015-02-12 09:18:29 -------- d-----w- C:\Users\fffppp\AppData\Roaming\AVAST Software
2015-02-12 09:18:08 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2015-02-12 09:18:08 116728 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2015-02-12 09:18:07 87912 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2015-02-12 09:18:07 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2015-02-12 09:18:06 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2015-02-12 09:18:06 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2015-02-12 09:18:05 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2015-02-12 09:18:02 43152 ----a-w- C:\Windows\avastSS.scr
2015-02-12 09:17:18 -------- d-----w- C:\Program Files\AVAST Software
2015-02-12 09:16:50 -------- d-----w- C:\ProgramData\AVAST Software
2015-02-12 09:08:34 25800 ----a-w- C:\Windows\System32\drivers\INETMON.sys
2015-02-12 08:23:27 -------- d-----w- C:\SuperChargerProfile
2015-02-12 08:21:26 20464 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2015-02-12 08:21:19 791024 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2015-02-12 08:21:18 370672 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2015-02-12 08:20:49 -------- d-----w- C:\Program Files (x86)\Common Files\PostureAgent
2015-02-12 08:20:35 -------- d-----w- C:\Users\fffppp\Intel
2015-02-12 08:03:06 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2015-02-12 08:03:06 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2015-02-12 08:03:06 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2015-02-12 08:02:49 2560 ----a-w- C:\Windows\System32\drivers\it-IT\wdf01000.sys.mui
2015-02-12 08:02:48 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2015-02-12 08:02:48 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2015-02-12 07:58:52 -------- d-----w- C:\Program Files (x86)\GUM5A8D.tmp
2015-02-12 07:58:34 -------- d-----w- C:\Users\fffppp\AppData\Local\Google
2015-02-12 07:58:11 -------- d-----w- C:\Windows\SysWow64\RTCOM
2015-02-12 07:58:11 -------- d-----w- C:\Program Files\Realtek
2015-02-12 07:56:49 888536 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2015-02-12 07:55:37 450520 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
2015-02-12 07:55:24 -------- d-----w- C:\Intel
2015-02-12 07:55:12 -------- d-----w- C:\ProgramData\Package Cache
2015-02-12 07:55:09 -------- d-----w- C:\Users\fffppp\AppData\Local\Programs
2015-02-12 07:55:09 -------- d-----w- C:\Program Files (x86)\MSI
2015-02-12 07:53:24 -------- d-sh--w- C:\Windows\Installer
2015-02-12 07:41:41 -------- d-----w- C:\Windows\Panther
.
==================== Find3M ====================
.
2015-02-12 18:49:27 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-15 08:14:17 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-01-15 08:14:16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-01-15 08:09:58 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-01-15 08:09:58 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-01-15 08:09:57 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-01-15 08:09:51 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-01-15 08:09:15 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-01-15 08:08:59 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-01-15 08:06:22 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-01-15 08:06:11 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-01-15 08:04:23 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-01-15 07:42:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-01-15 07:42:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-01-15 07:41:53 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-01-15 07:39:53 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-01-15 07:39:36 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-01-15 07:37:55 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-01-15 04:22:18 458824 ----a-w- C:\Windows\System32\drivers\cng.sys
2015-01-14 06:09:27 5554112 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-14 06:05:30 503808 ----a-w- C:\Windows\System32\srcore.dll
2015-01-14 06:05:30 50176 ----a-w- C:\Windows\System32\srclient.dll
2015-01-14 06:04:56 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-01-14 05:44:59 3972544 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-01-14 05:44:58 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-01-14 05:41:09 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2015-01-12 03:05:32 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-01-12 03:05:19 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-01-12 02:49:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-01-12 02:48:57 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-01-12 02:48:52 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-01-12 02:47:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-01-12 02:34:42 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-12 02:34:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-01-12 02:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-12 02:21:19 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-01-12 02:13:27 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-01-12 02:08:09 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-01-12 02:07:51 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-01-12 02:07:06 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-01-12 02:05:36 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-01-12 01:55:47 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-12 01:46:29 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-01-12 01:46:00 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-01-12 01:40:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-01-12 01:27:32 2358272 ----a-w- C:\Windows\System32\wininet.dll
2015-01-12 01:23:09 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-01-12 01:22:17 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-01-12 01:00:17 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-01-10 06:48:22 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-01-10 06:48:19 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-01-10 06:48:17 341504 ----a-w- C:\Windows\System32\schannel.dll
2015-01-10 06:48:13 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-01-10 06:48:12 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2015-01-10 06:48:10 728064 ----a-w- C:\Windows\System32\kerberos.dll
2015-01-10 06:48:05 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-01-10 06:27:54 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-01-10 06:27:51 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-01-10 06:27:47 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-01-10 06:27:44 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-01-10 06:27:43 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-01-10 06:27:39 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-01-10 06:27:32 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-01-09 03:14:27 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-01-09 03:14:19 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-01-09 03:14:19 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-01-09 02:48:18 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2014-12-22 23:41:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-12-12 05:31:39 1480192 ----a-w- C:\Windows\System32\crypt32.dll
2014-12-12 05:07:26 1174528 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-12-08 03:09:05 406528 ----a-w- C:\Windows\System32\scesrv.dll
2014-12-08 02:46:05 308224 ----a-w- C:\Windows\SysWow64\scesrv.dll
2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2014-11-26 03:53:59 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-11-26 03:32:05 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
.
============= FINISH: 9:24:43,96 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/02/2015 08:46:24
System Uptime: 16/02/2015 08:33:51 (1 hours ago)
.
Motherboard: MSI | | Z97M-G43(MS-7924)
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz | SOCKET 0 | 3168/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 460 GiB total, 367,244 GiB free.
D: is FIXED (NTFS) - 471 GiB total, 419,162 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP3: 11/02/2015 22:29:49 - Windows Update
RP4: 11/02/2015 22:34:06 - Installato Realtek Ethernet Controller Driver
RP5: 11/02/2015 22:40:11 - Windows Update
RP6: 11/02/2015 23:22:43 - avast! antivirus system restore point
RP3: 12/02/2015 08:53:08 - Windows Update
RP4: 12/02/2015 08:56:38 - Installato Realtek Ethernet Controller Driver
RP5: 12/02/2015 08:57:33 - Windows Update
RP6: 12/02/2015 09:02:33 - Windows Update
RP7: 12/02/2015 09:32:03 - Windows Update
RP8: 12/02/2015 10:17:09 - avast! antivirus system restore point
RP9: 12/02/2015 17:18:35 - Installed Adobe Acrobat 9 Pro Extended - Italiano, Español, Nederlands, Português.
RP10: 12/02/2015 17:20:58 - Installed Adobe Acrobat 9 Pro Extended 64-bit Add-On.
RP11: 12/02/2015 17:43:05 - Installed Microsoft Office Professional Plus 2010
RP12: 12/02/2015 17:53:12 - Microsoft Visual C++ 2005 Redistributable installato
RP13: 12/02/2015 18:13:07 - DirectX installato
RP14: 12/02/2015 18:31:26 - DirectX installato
RP15: 12/02/2015 19:01:27 - Windows Update
RP16: 13/02/2015 18:39:04 - Windows Update
RP17: 13/02/2015 22:07:20 - Windows Update
RP18: 13/02/2015 23:16:33 - Windows Update
RP7: 14/02/2015 08:26:47 - Windows Update
RP8: 14/02/2015 08:52:41 - Windows Update
RP19: 14/02/2015 12:17:36 - Windows Update
RP20: 15/02/2015 17:48:06 - Installazione pacchetto driver di dispositivo: EPSON Dispositivi di acquisizione immagini
RP21: 15/02/2015 18:08:57 - avast! antivirus system restore point
RP22: 15/02/2015 18:10:31 - Installazione pacchetto driver di dispositivo: Avast Servizi di rete
RP23: 15/02/2015 18:19:46 - Installed Bluetooth Win7 Suite (64).
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
Adobe Acrobat 9 Pro Extended - Italiano, Español, Nederlands, Português
Adobe Acrobat 9 Pro Extended 64-bit Add-On
Advertising Center
ASUS E-Green Uninstall
Audacity 2.0.6
Avast Internet Security
Bandizip
Bluetooth Win7 Suite (64)
DolbyFiles
EPSON Scan
Finale 2009
Finale 2012
Garritan Instruments for Finale 2009
Google Chrome
Google Drive
Google Update Helper
ImagXpress
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Smart Connect Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
LAME v3.99.3 (for Windows)
Menu Templates - Starter Kit
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.5.2 (ITA)
Microsoft .NET Framework 4.5.2 (Italiano)
Microsoft Office Access MUI (Italian) 2010
Microsoft Office Excel MUI (Italian) 2010
Microsoft Office Groove MUI (Italian) 2010
Microsoft Office InfoPath MUI (Italian) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (Italian) 2010
Microsoft Office Outlook MUI (Italian) 2010
Microsoft Office PowerPoint MUI (Italian) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (Italian) 2010
Microsoft Office Publisher MUI (Italian) 2010
Microsoft Office Shared 32-bit MUI (Italian) 2010
Microsoft Office Shared MUI (Italian) 2010
Microsoft Office Word MUI (Italian) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Movie Templates - Starter Kit
MSI Super Charger
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samsung Magician
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2)
Software per periferiche con chipset Intel®
SoundTrax
VGA Boost
Windows 7 Codec Pack 4.0.9
.
==== End Of File ===========================
morfal
Active Member
 
Posts: 2
Joined: February 16th, 2015, 4:31 am

Re: "POSITIVE FINDS ADS" how to remove it

Post by Gary R » February 17th, 2015, 4:32 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "Infected? Virus, malware, adware, ransomware, oh my!" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi morfal

I'm Gary R,

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

As an added safety precaution, before we start removing anything, I'd like you to make a backup of your Registry, which we can restore to if necessary.

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Please observe these rules while we work:
  • Do not edit your logs in any way whatsoever.
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Windows 7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


There are no obvious signs of infection in the DDS logs that you've supplied, so I'm going to need you to run some additional scans for me to see if we can find out what it is that is causing your problems.

First ...

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Next ...

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the AdwCleaner window, click OK to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

AT THIS POINT, DO NOT ATTEMPT TO CLEAN ANYTHING THAT MAY BE FOUND

Next ...

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.
  • Please go HERE then click on Run ESET Online Scanner
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted, then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed click on Start to start the scan.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed you will be presented with a list of found threats ....
    • Click on the List of found threats link
    • Click on Export to text file
    • Save as ESET.txt to your Desktop
  • Exit out of ESET Online Scanner.
  • Post me the contents of ESET.txt please.

Summary of the logs I need from you in your next post:
  • FRST.txt
  • Addition.txt
  • ADWCleaner log
  • ESET.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: "POSITIVE FINDS ADS" how to remove it

Post by morfal » February 17th, 2015, 8:46 am

First I want to thank you for the help you are giving me, but the situation has changed. I tried to uninstall and reinstall Chrome and the problem, for the moment, has disappeared. I do not know what to say... I hope it always goes well.
thanks a lot again.
fabio (alias morfal)

Re: "POSITIVE FINDS ADS" how to remove it

Post by Gary R » February 17th, 2015, 11:57 am

No problem, thanks for letting me know. :)

As you no longer require help, this topic is now closed.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.