Hello everyone, I also have a problem with advertising pages that open by themselves. I have tried cleaning up with several tools such as AdwCleaner, ComboFix, SpyHunter 4, Malwarebytes, etc., but with no results. Having seen your discussion, I have now downloaded FRST and run the scan, but I don't know how to use it or how to proceed. I am attaching the FRST report files. THANK YOU VERY MUCH FOR YOUR WILLINGNESS TO HELP, I HOPE YOU CAN HELP ME!!!!!
...
Here is the log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by ChopShop (administrator) on CHOPSHOP-PC (17-12-2016 01:18:04)
Running from C:\Users\ChopShop\Desktop
Loaded Profiles: ChopShop (Available Profiles: ChopShop)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Italiano (Italia)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [2306448 2010-07-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE [26112 2014-03-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AudioDrvEmulator] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Run: [Connectify] => C:\Program Files (x86)\Connectify\Connectify.exe [2967368 2011-12-19] (Connectify)
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA0715B0-0754-4A58-BD12-BF08967A06D5}: [NameServer] 192.168.134.1
Tcpip\..\Interfaces\{AF104FCE-B5FA-446F-A28E-B2EE94878A2E}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKU\S-1-5-21-2159126139-3582771133-3070103992-1000 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-26] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\ChopShop\AppData\Roaming\Mozilla\Firefox\Profiles\pkglvuqz.default-1481817004683 [2016-12-17]
FF Homepage: Mozilla\Firefox\Profiles\pkglvuqz.default-1481817004683 -> www.google.it/
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2009-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR Profile: C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default [2016-12-17]
CHR Extension: (Presentazioni Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Documenti Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Fogli Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-16]
CHR Extension: (Google Documenti offline) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-26]
CHR Extension: (Gmail) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/deta ... ijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/deta ... ijdbbplhib
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-10-26] (Adobe Systems) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [69632 2011-09-29] () [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-10-26] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-22] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-11-30] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-11-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-11-03] ()
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 9BB095C3; C:\Windows\System32\drivers\9BB095C3.sys [478392 2016-12-15] (Kaspersky Lab ZAO)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2016-10-26] (Connectify)
S3 cpuz137; C:\Users\ChopShop\Downloads\pc wizard\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2016-12-16] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-12-16] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [57408 2012-08-29] (MusicLab, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-10-26] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-15] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-15] (Zemana Ltd.)
U3 amalttfx; C:\Windows\System32\Drivers\amalttfx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U0 aswVmm; no ImagePath
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-17 01:10 - 2016-12-17 01:11 - 00055094 _____ C:\Users\ChopShop\Desktop\Addition.txt
2016-12-17 01:09 - 2016-12-17 01:18 - 00021071 _____ C:\Users\ChopShop\Desktop\FRST.txt
2016-12-17 01:09 - 2016-12-17 01:18 - 00000000 ____D C:\FRST
2016-12-17 01:07 - 2016-12-17 01:07 - 02420224 _____ (Farbar) C:\Users\ChopShop\Desktop\FRST64.exe
2016-12-16 23:29 - 2016-12-16 23:29 - 00262144 _____ C:\Windows\system32\config\elam
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SETBC33.tmp
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SET6931.tmp
2016-12-16 23:05 - 2016-12-17 00:35 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-16 23:00 - 2016-12-17 00:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-16 23:00 - 2016-12-16 23:00 - 00002150 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-12-16 23:00 - 2016-12-16 23:00 - 00002096 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\Windows\ELAMBKUP
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-12-16 23:00 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-12-16 22:59 - 2016-12-16 23:26 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-16 22:59 - 2016-06-26 15:10 - 00189264 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-12-16 22:53 - 2016-12-17 01:18 - 00088992 _____ C:\Windows\ZAM.krnl.trace
2016-12-16 22:53 - 2016-12-17 01:18 - 00057477 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-16 22:33 - 2016-12-16 22:33 - 00297760 _____ C:\Users\ChopShop\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-16 19:38 - 2016-12-16 19:38 - 00005614 _____ C:\Windows\system32\.crusader
2016-12-16 17:05 - 2016-12-16 17:18 - 00000000 ____D C:\Users\ChopShop\Desktop\ok
2016-12-16 16:23 - 2016-12-16 16:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\ChopShop\Desktop\HijackThis.exe
2016-12-16 16:07 - 2016-12-16 22:45 - 00000000 ____D C:\ProgramData\TEMP
2016-12-16 16:07 - 2016-12-16 20:02 - 01316739 _____ C:\Windows\system32\Drivers\Cat.DB
2016-12-16 02:31 - 2016-12-16 02:31 - 07609152 _____ (Security Stronghold ) C:\Users\ChopShop\Desktop\StrongholdAntiMalware.exe
2016-12-16 02:02 - 2016-12-16 02:12 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\FreeFixer
2016-12-16 02:02 - 2016-12-16 02:12 - 00000000 ____D C:\Users\ChopShop\AppData\Local\FreeFixer
2016-12-16 01:56 - 2016-12-16 15:08 - 00000000 ____D C:\Program Files (x86)\Stronghold AntiMalware
2016-12-16 01:56 - 2016-12-16 01:58 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware
2016-12-16 01:55 - 2016-12-16 02:12 - 00000000 ____D C:\Program Files\FreeFixer
2016-12-16 01:01 - 2016-12-16 01:21 - 00000000 ____D C:\ProgramData\Ultra Adware Killer
2016-12-16 00:51 - 2016-12-16 00:51 - 01028832 _____ (Carifred) C:\Users\ChopShop\Desktop\UltraAdwareKiller64.exe
2016-12-15 23:58 - 2016-12-16 00:27 - 00000000 ____D C:\Users\ChopShop\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-15 23:57 - 2016-12-16 00:37 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-12-15 20:17 - 2016-12-15 20:17 - 00478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\9BB095C3.sys
2016-12-15 20:07 - 2016-12-16 22:15 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-12-15 18:08 - 2016-12-15 23:08 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-15 18:08 - 2016-12-15 23:08 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-15 18:08 - 2016-12-15 18:08 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Zemana
2016-12-15 17:33 - 2016-12-15 17:33 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\SecurityXploded
2016-12-15 17:21 - 2016-12-15 17:21 - 00001911 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-12-15 17:21 - 2016-12-15 17:21 - 00000000 ____D C:\Program Files\HitmanPro
2016-12-15 16:19 - 2016-12-15 21:57 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-15 16:15 - 2016-12-15 17:19 - 00000000 ____D C:\KVRT_Data
2016-12-15 15:44 - 2016-12-15 15:44 - 00013562 _____ C:\Users\ChopShop\Desktop\msconfig - collegamento.lnk
2016-12-15 04:34 - 2016-12-15 04:34 - 00000000 _____ C:\autoexec.bat
2016-12-15 03:10 - 2016-12-15 03:11 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Wise Registry Cleaner
2016-12-15 03:10 - 2016-12-15 03:10 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Wise Euask
2016-12-15 03:09 - 2016-12-15 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2016-12-15 03:07 - 2016-12-15 03:07 - 00021293 _____ C:\ComboFix.txt
2016-12-15 02:54 - 2016-12-16 23:34 - 00885512 _____ C:\Windows\ntbtlog.txt
2016-12-15 02:51 - 2016-12-15 02:51 - 00000000 ____D C:\2-click run
2016-12-15 01:46 - 2016-12-15 01:48 - 00216368 _____ C:\TDSSKiller.3.1.0.12_15.12.2016_01.46.27_log.txt
2016-12-15 00:41 - 2016-12-15 00:41 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2016-12-15 00:05 - 2016-12-17 00:40 - 00000000 ____D C:\Users\ChopShop\AppData\LocalLow\Mozilla
2016-12-15 00:04 - 2016-12-15 00:11 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Mozilla
2016-12-15 00:04 - 2016-12-15 00:05 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Mozilla
2016-12-15 00:04 - 2016-12-15 00:04 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-15 00:04 - 2016-12-15 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 00:04 - 2016-12-15 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 21:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-14 21:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-14 21:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-14 21:54 - 2016-12-15 03:07 - 00000000 ____D C:\Qoobox
2016-12-14 21:54 - 2016-12-14 22:04 - 00000000 ____D C:\Windows\erdnt
2016-12-14 18:24 - 2016-12-14 18:24 - 00003630 _____ C:\Windows\System32\Tasks\InternetDC
2016-12-12 18:20 - 2016-12-12 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-12 18:18 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-12 18:18 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-12-12 18:14 - 2016-12-12 18:14 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-12 18:14 - 2016-12-12 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-12-12 18:13 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-12 18:13 - 2016-12-12 18:13 - 00000000 ___RD C:\MSOCache
2016-12-12 18:13 - 2016-12-12 18:13 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Microsoft Help
2016-12-09 03:41 - 2016-12-09 03:41 - 00000000 ____D C:\ProgramData\Movavi Video Suite 12
2016-12-09 03:39 - 2016-12-16 19:33 - 00000000 ____D C:\Program Files (x86)\Movavi Screen Capture Studio 5
2016-12-09 03:39 - 2016-12-09 03:39 - 00001150 _____ C:\Users\Public\Desktop\Movavi Screen Capture Studio 5.lnk
2016-12-09 03:39 - 2016-12-09 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5
2016-12-09 03:39 - 2016-12-09 03:39 - 00000000 ____D C:\Program Files (x86)\Movavi Core 5.1.0
2016-12-09 03:16 - 2016-12-09 03:16 - 00000000 ____D C:\Users\ChopShop\AppData\Local\ScreenCapture
2016-12-09 03:16 - 2016-12-09 03:16 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Movavi
2016-12-09 03:15 - 2016-12-09 03:15 - 00004096 _____ C:\ProgramData\dfnpcrng.nwi
2016-12-09 03:15 - 2016-12-09 03:15 - 00000000 ____D C:\ProgramData\Movavi Screen Capture Studio 8
2016-12-09 03:04 - 2016-12-09 03:10 - 00000000 ____D C:\Program Files (x86)\TubeMaster++
2016-12-07 17:04 - 2016-12-07 17:04 - 00000000 ___HD C:\Users\ChopShop\Desktop\PIONEER
2016-12-06 03:16 - 2016-12-12 01:47 - 00000000 ____D C:\Users\ChopShop\Desktop\dvd new
2016-12-05 15:50 - 2016-12-05 15:50 - 00000000 ____D C:\Users\ChopShop\AppData\Local\ElevatedDiagnostics
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-17 00:24 - 2010-11-21 16:30 - 00740658 _____ C:\Windows\system32\perfh010.dat
2016-12-17 00:24 - 2010-11-21 16:30 - 00146712 _____ C:\Windows\system32\perfc010.dat
2016-12-17 00:24 - 2009-07-14 06:13 - 01658888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-17 00:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-17 00:22 - 2016-10-26 01:52 - 00000000 ____D C:\Users\ChopShop\Desktop\ok villi new
2016-12-17 00:21 - 2016-10-26 00:49 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-17 00:09 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-17 00:09 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-17 00:02 - 2016-10-26 01:07 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\uTorrent
2016-12-17 00:01 - 2016-10-25 23:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-17 00:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00000788 _____ C:\Windows\system32\DVCState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:26 - 2016-06-20 17:51 - 00305496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-12-16 23:26 - 2016-06-20 17:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-16 23:26 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-16 23:05 - 2016-10-26 17:33 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-16 23:04 - 2016-10-26 01:57 - 00003582 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 23:04 - 2016-10-26 01:57 - 00003454 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:53 - 2016-10-26 01:44 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-16 22:40 - 2009-07-14 06:08 - 00032512 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-16 22:36 - 2016-10-25 23:13 - 00000000 ____D C:\Users\ChopShop\AppData\Local\VirtualStore
2016-12-16 22:35 - 2016-10-25 23:13 - 00000000 ____D C:\Users\ChopShop
2016-12-16 22:20 - 2016-11-04 15:20 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-16 16:54 - 2016-11-11 16:48 - 00000000 ____D C:\Windows\Minidump
2016-12-16 16:54 - 2016-10-25 23:08 - 00358923 ____N C:\Windows\Minidump\121616-27000-01.dmp
2016-12-16 02:01 - 2016-10-26 01:59 - 00000000 ____D C:\Users\ChopShop\Desktop\mix
2016-12-16 01:51 - 2016-10-26 01:54 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\TS3Client
2016-12-15 21:57 - 2016-10-27 15:18 - 00000000 ____D C:\Users\ChopShop\AppData\Local\CrashDumps
2016-12-15 20:12 - 2016-11-13 17:57 - 00000000 ____D C:\AdwCleaner
2016-12-15 15:43 - 2016-10-26 00:36 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-15 03:16 - 2016-10-26 02:23 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2016-12-15 03:09 - 2016-10-26 01:12 - 00001191 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2016-12-15 03:09 - 2016-10-26 01:12 - 00000000 ____D C:\Program Files (x86)\Wise
2016-12-15 03:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-12-15 02:55 - 2016-10-28 14:44 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\iZotope
2016-12-15 02:55 - 2016-10-27 18:39 - 00000000 ____D C:\Users\ChopShop\Documents\ACID Music Studio 10.0 Projects
2016-12-15 02:54 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-12-15 02:05 - 2016-10-26 01:58 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-12-14 17:39 - 2016-10-26 01:07 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Apple Computer
2016-12-13 20:21 - 2016-10-26 00:49 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 20:21 - 2016-10-26 00:49 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 20:21 - 2016-10-26 00:49 - 00003916 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 20:21 - 2016-10-26 00:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 20:21 - 2016-10-26 00:49 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 22:36 - 2009-07-14 05:45 - 16734768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-12 22:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-12 18:18 - 2010-11-21 16:41 - 00000000 ____D C:\Windows\ShellNew
2016-12-12 18:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-12 18:16 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-12 18:13 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2016-12-10 19:58 - 2016-10-26 01:44 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\PioneerLog
2016-12-10 15:47 - 2016-10-26 01:12 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\vlc
2016-12-08 15:57 - 2016-11-11 16:48 - 593410547 _____ C:\Windows\MEMORY.DMP
2016-12-05 18:49 - 2016-10-26 01:14 - 00000000 ____D C:\ProgramData\Origin
2016-12-05 18:48 - 2016-10-26 01:21 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Origin
2016-12-05 01:56 - 2016-10-26 01:08 - 00000000 ___SD C:\Users\ChopShop\AppData\LocalLow\Temp
2016-11-30 16:16 - 2016-10-26 01:18 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-28 02:04 - 2016-10-26 14:17 - 00001708 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-11-18 15:33 - 2016-11-11 05:15 - 00000000 ____D C:\Users\ChopShop\AppData\LocalLow\Adobe
2016-11-18 15:33 - 2016-10-26 00:39 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Adobe
2016-11-18 15:33 - 2016-10-26 00:39 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Adobe
==================== Files in the root of some directories =======
2016-12-09 03:15 - 2016-12-09 03:15 - 0004096 _____ () C:\ProgramData\dfnpcrng.nwi
Some files in TEMP:
====================
C:\Users\ChopShop\AppData\Local\Temp\libeay32.dll
C:\Users\ChopShop\AppData\Local\Temp\msvcr120.dll
C:\Users\ChopShop\AppData\Local\Temp\ReimagePackage.exe
C:\Users\ChopShop\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-14 01:12
==================== End of FRST.txt ============================