HI Nevan,
I understand and apologize.
I have uninstalled Microsoft Office and Spybot and run the FRST and CKSCANNER tools again.
Kind regards,
Alex
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-02-2015
Ran by Daniela (administrator) on ARCHIMEDE on 02-02-2015 19:25:42
Running from C:\Users\Daniela\Desktop
Loaded Profiles: Daniela (Available profiles: Daniela)
Platform: Windows 8.1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Privacyware/PWI, Inc.) C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Daniela\Downloads\adwcleaner_4.106.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [Privatefirewall] => C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe [3048480 2013-12-17] (Privacyware/PWI, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1412495065-925347443-1446318384-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1412495065-925347443-1446318384-1001\...\MountPoints2: {6039a2ff-8c74-11e4-be7f-240a645605e0} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\start.exe
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1412495065-925347443-1446318384-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\qyat9uma.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\qyat9uma.default\Extensions\[email protected] [2015-01-07]
FF Extension: Adblock Plus - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\qyat9uma.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
R3 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 PFNet; C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe [374600 2013-12-17] (Privacyware/PWI, Inc.)
R2 StartMenuReviverService; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [765048 2014-09-17] (ReviverSoft)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-22] (Microsoft Corporation)
R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-02 19:25 - 2015-02-02 19:25 - 00014005 _____ () C:\Users\Daniela\Desktop\FRST.txt
2015-02-01 20:35 - 2015-02-01 20:36 - 00014005 _____ () C:\Users\Daniela\Desktop\FRST.txt
2015-02-01 20:35 - 2015-02-01 20:35 - 00000000 ____D () C:\FRST
2015-02-01 20:34 - 2015-02-01 20:34 - 02131456 _____ (Farbar) C:\Users\Daniela\Desktop\FRST64.exe
2015-02-01 20:33 - 2015-02-01 20:32 - 01122304 _____ (Farbar) C:\Users\Daniela\Desktop\FRST.exe
2015-01-28 21:17 - 2015-01-28 21:17 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Privatefirewall
2015-01-28 21:10 - 2013-09-29 21:24 - 00133152 _____ (Privacyware/PWI, Inc.) C:\WINDOWS\system32\Drivers\pwipf6.sys
2015-01-28 21:09 - 2015-01-28 21:09 - 00000146 _____ () C:\WINDOWS\ODBC.INI
2015-01-28 21:09 - 2015-01-28 21:09 - 00000000 ____D () C:\ProgramData\Privacyware
2015-01-28 21:09 - 2015-01-28 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privatefirewall 7.0
2015-01-28 21:09 - 2015-01-28 21:09 - 00000000 ____D () C:\Program Files (x86)\Privacyware
2015-01-28 21:07 - 2015-01-28 21:07 - 03749640 _____ (PWI, Inc. ) C:\Users\Daniela\Downloads\privatefirewall.exe
2015-01-28 20:45 - 2015-01-28 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 20:43 - 2015-01-28 20:44 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Daniela\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 17:05 - 2015-01-29 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-26 17:02 - 2015-01-26 17:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:55 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 10:55 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 10:55 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 10:55 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 10:55 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 10:55 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 10:55 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 10:55 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 10:55 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 10:55 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 10:55 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 10:55 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 10:55 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 10:55 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 10:55 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 10:55 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 10:55 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 10:55 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 10:55 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 10:55 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 10:55 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 10:55 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 10:55 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 10:55 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 10:55 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-11 10:27 - 2015-01-31 09:43 - 00000000 ____D () C:\Users\Daniela\FIABE SONORE
2015-01-07 20:21 - 2015-02-01 20:22 - 00003758 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
2015-01-07 20:13 - 2015-01-07 20:13 - 00001263 _____ () C:\Users\Daniela\Desktop\Antibolle.lnk
2015-01-07 19:34 - 2015-02-01 20:33 - 00000000 ____D () C:\AdwCleaner
2015-01-07 19:34 - 2015-01-07 19:34 - 02173952 _____ () C:\Users\Daniela\Downloads\adwcleaner_4.106.exe
2015-01-04 19:21 - 2015-01-29 09:44 - 00146944 ___SH () C:\Users\Daniela\Downloads\Thumbs.db
2015-01-04 19:08 - 2015-01-04 19:08 - 00000000 ____D () C:\ProgramData\Sun
2015-01-04 19:08 - 2015-01-04 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-04 19:08 - 2015-01-04 19:07 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-04 19:07 - 2015-01-04 19:07 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-04 19:07 - 2015-01-04 19:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-04 19:02 - 2015-01-04 19:02 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-01-04 19:02 - 2015-01-04 19:02 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-01-04 19:02 - 2015-01-04 19:02 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Macromedia
2015-01-04 18:46 - 2014-12-21 20:48 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150104-184616.backup
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-01 20:27 - 2014-12-21 17:54 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1412495065-925347443-1446318384-1001
2015-02-01 20:24 - 2014-12-21 19:03 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\Skype
2015-02-01 20:23 - 2014-12-21 16:45 - 00000074 _____ () C:\Users\Daniela\AppData\Roaming\sp_data.sys
2015-02-01 20:23 - 2013-07-30 20:12 - 00003260 _____ () C:\WINDOWS\System32\Tasks\ASUS Patch for Touch Panel
2015-02-01 20:23 - 2013-07-30 20:06 - 00003268 _____ () C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2015-02-01 20:23 - 2013-07-30 20:05 - 00003004 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2015-02-01 20:23 - 2013-07-30 20:05 - 00002988 _____ () C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2015-02-01 20:23 - 2013-07-30 20:02 - 00003028 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-02-01 20:22 - 2014-12-21 18:42 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-01 20:21 - 2014-12-31 08:42 - 00006046 _____ () C:\WINDOWS\setupact.log
2015-02-01 20:21 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-01 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-01 12:08 - 2014-12-29 13:23 - 00143664 _____ () C:\WINDOWS\PFRO.log
2015-02-01 12:07 - 2014-12-29 11:37 - 01919426 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-31 09:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-30 19:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-30 17:25 - 2014-09-24 16:06 - 01813012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-30 17:25 - 2014-09-24 15:33 - 00803564 _____ () C:\WINDOWS\system32\perfh010.dat
2015-01-30 17:25 - 2014-09-24 15:33 - 00156688 _____ () C:\WINDOWS\system32\perfc010.dat
2015-01-30 17:21 - 2014-12-21 17:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-28 21:10 - 2014-12-21 18:23 - 00366080 ___SH () C:\Users\Daniela\Desktop\Thumbs.db
2015-01-28 17:24 - 2014-12-21 18:23 - 00000000 ____D () C:\Users\Daniela\Desktop\materiale per NICOLA
2015-01-26 16:30 - 2014-12-21 18:39 - 00000000 ____D () C:\Users\Daniela\AppData\Roaming\vlc
2015-01-24 21:20 - 2014-09-24 17:37 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-09-24 17:37 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-21 18:11 - 2014-12-21 22:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-21 18:07 - 2014-12-21 22:53 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-21 18:07 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-11 10:30 - 2014-12-22 14:58 - 00000000 ____D () C:\Users\Daniela
2015-01-07 20:19 - 2013-04-26 00:18 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-07 19:55 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-07 19:53 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-07 19:42 - 2013-04-26 00:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-04 19:02 - 2013-04-26 00:15 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-04 18:59 - 2014-12-21 18:31 - 00000000 ____D () C:\Users\Daniela\AppData\Local\Adobe
2015-01-04 18:26 - 2014-12-21 20:21 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-03 18:38 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
==================== Files in the root of some directories =======
2014-12-25 23:11 - 2014-12-25 23:11 - 0007176 _____ () C:\Users\Daniela\AppData\Roaming\pcouffin.cat
2014-12-25 23:11 - 2014-12-25 23:11 - 0001167 _____ () C:\Users\Daniela\AppData\Roaming\pcouffin.inf
2014-12-25 23:11 - 2014-12-25 23:11 - 0000074 _____ () C:\Users\Daniela\AppData\Roaming\pcouffin.log
2014-12-25 23:11 - 2014-12-25 23:11 - 0082048 _____ (VSO Software) C:\Users\Daniela\AppData\Roaming\pcouffin.sys
2014-12-21 16:45 - 2015-02-01 20:23 - 0000074 _____ () C:\Users\Daniela\AppData\Roaming\sp_data.sys
2014-12-25 21:55 - 2014-12-25 21:55 - 0000096 _____ () C:\Users\Daniela\AppData\Roaming\version2.xml
2014-12-25 22:39 - 2014-12-25 22:39 - 0004608 _____ () C:\Users\Daniela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-23 09:40 - 2014-12-23 09:40 - 0000057 _____ () C:\ProgramData\Ament.ini
Files to move or delete:
====================
C:\ProgramData\uninstall2758021.exe
Some content of TEMP:
====================
C:\Users\Daniela\AppData\Local\Temp\avgnt.exe
C:\Users\Daniela\AppData\Local\Temp\Quarantine.exe
C:\Users\Daniela\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-28 17:49
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2015
Ran by Daniela at 2015-02-02 19:26:59
Running from C:\Users\Daniela\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Privatefirewall (Enabled) {16337F50-A853-219F-6DEC-E7BDA0A7E8E7}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.1.0.0 - Auslogics Labs Pty Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD 4.1.0.23 (HKLM-x32\...\MainApp.exe_is1) (Version: - Copyright © 2003-2007 DVD X Studios.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
HP Deskjet 3070 B611 series Software di base dispositivo (HKLM\...\{70199358-0768-44F6-A057-581072C2549F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 it) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 it)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 it) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 it)) (Version: 31.4.0 - Mozilla)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7138 - MyHeritage.com)
Privatefirewall 7.0 (HKLM-x32\...\{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}) (Version: 7.0.30.3 - PWI, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Start Menu Reviver (HKLM-x32\...\Start Menu Reviver) (Version: 2.5.0.18 - ReviverSoft)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMind 6 (v3.5.1) (HKLM-x32\...\XMind_is1) (Version: 3.5.1.201411201906 - XMind Ltd.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
21-01-2015 18:05:37 Windows Update
25-01-2015 11:13:28 Windows Update
28-01-2015 21:08:25 Installed Privatefirewall 7.0
02-02-2015 19:08:42 Uninstalled Microsoft Office Professional Plus 2010
02-02-2015 19:12:19 Uninstalled Spybot - Search & Destroy
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2015-01-04 18:46 - 00450831 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1F21537F-5979-4BE0-A457-6D06912CC701} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {2ACB7FFB-901E-4227-B1C6-EC838D70373D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-21] (Microsoft Corporation)
Task: {342E264C-6F8B-487A-82E4-9C375EFF71AB} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {4803A3A1-3C3C-4865-9597-B75B57D99871} - System32\Tasks\ReviverSoft Start Menu Run once task => C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe [2014-09-17] (ReviverSoft)
Task: {56518EFA-467E-4382-887A-6856A26C9A92} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {74E70EB6-9A5B-4483-B1FC-5791FC8ABF20} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {ADAA6A77-6991-419F-8C0E-EED8B7F8EF68} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {CFB6306C-A10C-4BA1-92C4-80C429E81FD7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
==================== Loaded Modules (whitelisted) =============
2013-03-27 11:36 - 2013-03-27 11:36 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-03-27 11:33 - 2013-03-27 11:33 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-03-27 11:39 - 2013-03-27 11:39 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-06-27 02:57 - 2012-12-13 23:14 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-01-07 19:34 - 2015-01-07 19:34 - 02173952 _____ () C:\Users\Daniela\Downloads\adwcleaner_4.106.exe
2013-07-30 19:44 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-01-26 17:02 - 2015-01-26 17:02 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKLM\...\StartupApproved\Run32: => "CloneCDTray"
HKLM\...\StartupApproved\Run32: => "BCSSync"
========================= Accounts: ==========================
Administrator (S-1-5-21-1412495065-925347443-1446318384-500 - Administrator - Disabled)
Daniela (S-1-5-21-1412495065-925347443-1446318384-1001 - Administrator - Enabled) => C:\Users\Daniela
Guest (S-1-5-21-1412495065-925347443-1446318384-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1412495065-925347443-1446318384-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: pcouffin device ...
Description: pcouffin device ...
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/01/2015 08:26:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma Skype.exe versione 7.0.80.102 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
ID processo: 101c
Ora di avvio: 01d03e5464d63cdc
Ora di chiusura: 4294967295
Percorso applicazione: C:\Program Files (x86)\Skype\Phone\Skype.exe
ID segnalazione: 318d9689-aa48-11e4-bec7-240a645605e0
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
Error: (02/01/2015 00:03:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma adwcleaner_4.106.exe versione 4.1.0.6 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
ID processo: 1370
Ora di avvio: 01d03e0d508853db
Ora di chiusura: 14985
Percorso applicazione: C:\Users\Daniela\Downloads\adwcleaner_4.106.exe
ID segnalazione: d68bc2e3-aa01-11e4-bec4-240a645605e0
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
Error: (02/01/2015 11:51:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (02/01/2015 11:44:33 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/30/2015 05:23:00 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/30/2015 05:23:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/28/2015 09:22:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/28/2015 09:17:45 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/26/2015 05:18:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Errore nel file manifesto o dei criteri "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2", alla riga C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Error: (01/26/2015 05:15:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Errore nel file manifesto o dei criteri "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2", alla riga C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
System errors:
=============
Error: (02/01/2015 00:07:44 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/01/2015 00:07:43 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/01/2015 00:07:43 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/01/2015 00:07:43 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/28/2015 09:11:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della risposta alla transazione dal servizio AntiVirSchedulerService.
Error: (01/28/2015 09:10:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della risposta alla transazione dal servizio ZAtheros Bt and Wlan Coex Agent.
Error: (01/28/2015 09:10:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della risposta alla transazione dal servizio ShellHWDetection.
Error: (01/28/2015 05:50:04 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/28/2015 05:49:34 PM) (Source: DCOM) (EventID: 10010) (User: Archimede)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/26/2015 06:02:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Ottimizzazione avvio terminato con l'errore:
%%1062
Microsoft Office Sessions:
=========================
Error: (02/01/2015 08:26:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.0.80.102101c01d03e5464d63cdc4294967295C:\Program Files (x86)\Skype\Phone\Skype.exe318d9689-aa48-11e4-bec7-240a645605e0
Error: (02/01/2015 00:03:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: adwcleaner_4.106.exe4.1.0.6137001d03e0d508853db14985C:\Users\Daniela\Downloads\adwcleaner_4.106.exed68bc2e3-aa01-11e4-bec4-240a645605e0
Error: (02/01/2015 11:51:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (02/01/2015 11:44:33 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/30/2015 05:23:00 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/30/2015 05:23:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/28/2015 09:22:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (01/28/2015 09:17:45 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (01/26/2015 05:18:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files\ReviverSoft\Start Menu Reviver\SMRWelcome.exe
Error: (01/26/2015 05:15:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files\CCleaner\CCleaner.exe
==================== Memory info ===========================
Processor: Intel® Core i3-2365M CPU @ 1.40GHz
Percentage of memory in use: 44%
Total physical RAM: 3979.75 MB
Available physical RAM: 2216.63 MB
Total Pagefile: 4683.75 MB
Available Pagefile: 2847.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:153.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:215.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 32FAA5A0)
Partition: GPT Partition Type.
==================== End Of Log ============================
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\asus\atk package\atk hotkey\atkmsgctrl.exe
scanner sequence 3.LB.11.MUNAHZ
----- EOF -----
Edited by alex.tower, 02 February 2015 - 12:45 PM.