Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Pagine che si aprono da sole.

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: Luke57, kadosh

Re: Pagine che si aprono da sole.

Postdi shel » 14/12/16 21:20

hai sbagliato qualcosa, nei due log non c'e' niente

prova a ripetere la scansione
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Sponsor
 

Re: Pagine che si aprono da sole.

Postdi marsenmax » 14/12/16 23:46

Addition.txt
FRST.txt
rifatti mentre jrt non cambia
marsenmax
Newbie
 
Post: 7
Iscritto il: 13/12/16 15:00

Re: Pagine che si aprono da sole.

Postdi shel » 15/12/16 11:36

fai come prima, con frst sul desktop scarichi l'allegato sul desktop e clicchi fix poi alleghi il nuovo fixlog.txt

allegato

disattiva l'antivirus e disconnettiti dalla rete e installa virit aggiornalo e fai una scansione completa

allega il rapporto
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi shel » 15/12/16 17:01

fai come prima, con frst sul desktop scarichi l'allegato sul desktop apri frst e clicchi fix poi alleghi il nuovo fixlog.txt

allegato

disattiva l'antivirus e disconnettiti dalla rete e installa virit aggiornalo e fai una scansione completa

allega il rapporto
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi marsenmax » 15/12/16 18:55

VIRITEXP.LOG
alla fine mi ha cancellato solo le creck dei vari programmi.....il problema principale delle pagine pubblicitarie sembra risolto.... il problema che continuano ad aprirsi queste pagine
Immagine questo vale per tutti i motori google ie opera mozilla
marsenmax
Newbie
 
Post: 7
Iscritto il: 13/12/16 15:00

Re: Pagine che si aprono da sole.

Postdi shel » 15/12/16 20:53

mi serve il fixlog.txt
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi marsenmax » 15/12/16 22:57

marsenmax
Newbie
 
Post: 7
Iscritto il: 13/12/16 15:00

Re: Pagine che si aprono da sole.

Postdi shel » 15/12/16 23:05

lo screen che hai postato non fa parte delle pagine pubblicitarie

ora vai in C\ ed elimina la cartella FRST poi fai pulizia con ccleaner -> http://www.filehippo.com/download_ccleaner/
Importante:
In fase d’installazione togli la spunta altrimenti viene installata Yahoo Tollbar.
Avvialo e clicca su:
- Opzioni Avanzate
Togli la spunta da:
- Elimina file solo se più vecchi di 48 ore
Clicca i tasti:
- Pulizia (il primo in alto a Sinistra)
- Analizza ( Pulsante in basso Centrale)
- Avvia Pulizia (Pulsante in basso a Destra)

Correzione errori File di Registro
CCleaner
Clicca i tasti:
- Registro (Secondo tasto in alto a Sinistra)
- Trova Problemi (Pulsante in basso Centrale)

disattiva e riattiva il ripristino

rimuovi anche virit e riattiva l'antivirus

Se e' tutto a posto possiamo chiudere
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 17/12/16 01:43

salve a tutti, anche io ho un problema con le pagine di pubblicità che si aprono da sole ho provato a fare pulizia con diversi tool come adwcleaner combofix spyhunter4 malwarebytes ecc ma con nessun risultato , ora ho scaricato vedendo la discussione vostra FRST ed ho effettuato lo scan ma non so come si usa e come si puo procedere , allego i file di report di FRST, GRAZIE MILLE PER LA DISPONIBILITA' SPERO POSSIATE AIUTARMI !!!!! :cry: :cry: ...




ecco il log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by ChopShop (administrator) on CHOPSHOP-PC (17-12-2016 01:18:04)
Running from C:\Users\ChopShop\Desktop
Loaded Profiles: ChopShop (Available Profiles: ChopShop)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Italiano (Italia)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [2306448 2010-07-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [CTxfiHlp] => C:\Windows\SysWOW64\CTXFIHLP.EXE [26112 2014-03-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [AudioDrvEmulator] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Run: [Connectify] => C:\Program Files (x86)\Connectify\Connectify.exe [2967368 2011-12-19] (Connectify)
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AA0715B0-0754-4A58-BD12-BF08967A06D5}: [NameServer] 192.168.134.1
Tcpip\..\Interfaces\{AF104FCE-B5FA-446F-A28E-B2EE94878A2E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKU\S-1-5-21-2159126139-3582771133-3070103992-1000 - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-26] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-16] (AO Kaspersky Lab)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ChopShop\AppData\Roaming\Mozilla\Firefox\Profiles\pkglvuqz.default-1481817004683 [2016-12-17]
FF Homepage: Mozilla\Firefox\Profiles\pkglvuqz.default-1481817004683 -> www.google.it/
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-22] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2009-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2009-10-27] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR Profile: C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default [2016-12-17]
CHR Extension: (Presentazioni Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Documenti Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Fogli Google) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-12-16]
CHR Extension: (Google Documenti offline) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-26]
CHR Extension: (Gmail) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\ChopShop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/deta ... ijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/deta ... ijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-10-26] (Adobe Systems) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [69632 2011-09-29] () [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2016-10-26] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-10-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-22] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-11-30] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-11-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-11-03] ()
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 9BB095C3; C:\Windows\System32\drivers\9BB095C3.sys [478392 2016-12-15] (Kaspersky Lab ZAO)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2016-10-26] (Connectify)
S3 cpuz137; C:\Users\ChopShop\Downloads\pc wizard\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2016-12-16] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-12-16] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-16] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [57408 2012-08-29] (MusicLab, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-10-26] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-15] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-15] (Zemana Ltd.)
U3 amalttfx; C:\Windows\System32\Drivers\amalttfx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U0 aswVmm; no ImagePath
S0 TfFsMon; system32\drivers\TfFsMon.sys [X]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [X]
S0 TfSysMon; system32\drivers\TfSysMon.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-17 01:10 - 2016-12-17 01:11 - 00055094 _____ C:\Users\ChopShop\Desktop\Addition.txt
2016-12-17 01:09 - 2016-12-17 01:18 - 00021071 _____ C:\Users\ChopShop\Desktop\FRST.txt
2016-12-17 01:09 - 2016-12-17 01:18 - 00000000 ____D C:\FRST
2016-12-17 01:07 - 2016-12-17 01:07 - 02420224 _____ (Farbar) C:\Users\ChopShop\Desktop\FRST64.exe
2016-12-16 23:29 - 2016-12-16 23:29 - 00262144 _____ C:\Windows\system32\config\elam
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SETBC33.tmp
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SET6931.tmp
2016-12-16 23:05 - 2016-12-17 00:35 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-16 23:00 - 2016-12-17 00:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-16 23:00 - 2016-12-16 23:00 - 00002150 _____ C:\Users\Public\Desktop\Safe Money.lnk
2016-12-16 23:00 - 2016-12-16 23:00 - 00002096 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\Windows\ELAMBKUP
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-12-16 23:00 - 2016-12-16 23:00 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-12-16 23:00 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-12-16 22:59 - 2016-12-16 23:26 - 01036512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-16 22:59 - 2016-06-26 15:10 - 00189264 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-12-16 22:53 - 2016-12-17 01:18 - 00088992 _____ C:\Windows\ZAM.krnl.trace
2016-12-16 22:53 - 2016-12-17 01:18 - 00057477 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-16 22:33 - 2016-12-16 22:33 - 00297760 _____ C:\Users\ChopShop\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-16 19:38 - 2016-12-16 19:38 - 00005614 _____ C:\Windows\system32\.crusader
2016-12-16 17:05 - 2016-12-16 17:18 - 00000000 ____D C:\Users\ChopShop\Desktop\ok
2016-12-16 16:23 - 2016-12-16 16:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\ChopShop\Desktop\HijackThis.exe
2016-12-16 16:07 - 2016-12-16 22:45 - 00000000 ____D C:\ProgramData\TEMP
2016-12-16 16:07 - 2016-12-16 20:02 - 01316739 _____ C:\Windows\system32\Drivers\Cat.DB
2016-12-16 02:31 - 2016-12-16 02:31 - 07609152 _____ (Security Stronghold ) C:\Users\ChopShop\Desktop\StrongholdAntiMalware.exe
2016-12-16 02:02 - 2016-12-16 02:12 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\FreeFixer
2016-12-16 02:02 - 2016-12-16 02:12 - 00000000 ____D C:\Users\ChopShop\AppData\Local\FreeFixer
2016-12-16 01:56 - 2016-12-16 15:08 - 00000000 ____D C:\Program Files (x86)\Stronghold AntiMalware
2016-12-16 01:56 - 2016-12-16 01:58 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware
2016-12-16 01:55 - 2016-12-16 02:12 - 00000000 ____D C:\Program Files\FreeFixer
2016-12-16 01:01 - 2016-12-16 01:21 - 00000000 ____D C:\ProgramData\Ultra Adware Killer
2016-12-16 00:51 - 2016-12-16 00:51 - 01028832 _____ (Carifred) C:\Users\ChopShop\Desktop\UltraAdwareKiller64.exe
2016-12-15 23:58 - 2016-12-16 00:27 - 00000000 ____D C:\Users\ChopShop\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-15 23:57 - 2016-12-16 00:37 - 00000000 ____D C:\Program Files\Plumbytes Software
2016-12-15 20:17 - 2016-12-15 20:17 - 00478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\9BB095C3.sys
2016-12-15 20:07 - 2016-12-16 22:15 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-12-15 18:08 - 2016-12-15 23:08 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-15 18:08 - 2016-12-15 23:08 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-15 18:08 - 2016-12-15 18:08 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Zemana
2016-12-15 17:33 - 2016-12-15 17:33 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\SecurityXploded
2016-12-15 17:21 - 2016-12-15 17:21 - 00001911 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-12-15 17:21 - 2016-12-15 17:21 - 00000000 ____D C:\Program Files\HitmanPro
2016-12-15 16:19 - 2016-12-15 21:57 - 00000000 ____D C:\ProgramData\HitmanPro
2016-12-15 16:15 - 2016-12-15 17:19 - 00000000 ____D C:\KVRT_Data
2016-12-15 15:44 - 2016-12-15 15:44 - 00013562 _____ C:\Users\ChopShop\Desktop\msconfig - collegamento.lnk
2016-12-15 04:34 - 2016-12-15 04:34 - 00000000 _____ C:\autoexec.bat
2016-12-15 03:10 - 2016-12-15 03:11 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Wise Registry Cleaner
2016-12-15 03:10 - 2016-12-15 03:10 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Wise Euask
2016-12-15 03:09 - 2016-12-15 03:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2016-12-15 03:07 - 2016-12-15 03:07 - 00021293 _____ C:\ComboFix.txt
2016-12-15 02:54 - 2016-12-16 23:34 - 00885512 _____ C:\Windows\ntbtlog.txt
2016-12-15 02:51 - 2016-12-15 02:51 - 00000000 ____D C:\2-click run
2016-12-15 01:46 - 2016-12-15 01:48 - 00216368 _____ C:\TDSSKiller.3.1.0.12_15.12.2016_01.46.27_log.txt
2016-12-15 00:41 - 2016-12-15 00:41 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2016-12-15 00:05 - 2016-12-17 00:40 - 00000000 ____D C:\Users\ChopShop\AppData\LocalLow\Mozilla
2016-12-15 00:04 - 2016-12-15 00:11 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Mozilla
2016-12-15 00:04 - 2016-12-15 00:05 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Mozilla
2016-12-15 00:04 - 2016-12-15 00:04 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-15 00:04 - 2016-12-15 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-15 00:04 - 2016-12-15 00:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 21:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-12-14 21:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-12-14 21:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-12-14 21:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-12-14 21:54 - 2016-12-15 03:07 - 00000000 ____D C:\Qoobox
2016-12-14 21:54 - 2016-12-14 22:04 - 00000000 ____D C:\Windows\erdnt
2016-12-14 18:24 - 2016-12-14 18:24 - 00003630 _____ C:\Windows\System32\Tasks\InternetDC
2016-12-12 18:20 - 2016-12-12 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-12-12 18:18 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-12-12 18:18 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-12-12 18:14 - 2016-12-12 18:14 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-12 18:14 - 2016-12-12 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-12-12 18:13 - 2016-12-12 18:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-12 18:13 - 2016-12-12 18:13 - 00000000 ___RD C:\MSOCache
2016-12-12 18:13 - 2016-12-12 18:13 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Microsoft Help
2016-12-09 03:41 - 2016-12-09 03:41 - 00000000 ____D C:\ProgramData\Movavi Video Suite 12
2016-12-09 03:39 - 2016-12-16 19:33 - 00000000 ____D C:\Program Files (x86)\Movavi Screen Capture Studio 5
2016-12-09 03:39 - 2016-12-09 03:39 - 00001150 _____ C:\Users\Public\Desktop\Movavi Screen Capture Studio 5.lnk
2016-12-09 03:39 - 2016-12-09 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5
2016-12-09 03:39 - 2016-12-09 03:39 - 00000000 ____D C:\Program Files (x86)\Movavi Core 5.1.0
2016-12-09 03:16 - 2016-12-09 03:16 - 00000000 ____D C:\Users\ChopShop\AppData\Local\ScreenCapture
2016-12-09 03:16 - 2016-12-09 03:16 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Movavi
2016-12-09 03:15 - 2016-12-09 03:15 - 00004096 _____ C:\ProgramData\dfnpcrng.nwi
2016-12-09 03:15 - 2016-12-09 03:15 - 00000000 ____D C:\ProgramData\Movavi Screen Capture Studio 8
2016-12-09 03:04 - 2016-12-09 03:10 - 00000000 ____D C:\Program Files (x86)\TubeMaster++
2016-12-07 17:04 - 2016-12-07 17:04 - 00000000 ___HD C:\Users\ChopShop\Desktop\PIONEER
2016-12-06 03:16 - 2016-12-12 01:47 - 00000000 ____D C:\Users\ChopShop\Desktop\dvd new
2016-12-05 15:50 - 2016-12-05 15:50 - 00000000 ____D C:\Users\ChopShop\AppData\Local\ElevatedDiagnostics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-17 00:24 - 2010-11-21 16:30 - 00740658 _____ C:\Windows\system32\perfh010.dat
2016-12-17 00:24 - 2010-11-21 16:30 - 00146712 _____ C:\Windows\system32\perfc010.dat
2016-12-17 00:24 - 2009-07-14 06:13 - 01658888 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-17 00:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-17 00:22 - 2016-10-26 01:52 - 00000000 ____D C:\Users\ChopShop\Desktop\ok villi new
2016-12-17 00:21 - 2016-10-26 00:49 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-17 00:09 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-17 00:09 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-17 00:02 - 2016-10-26 01:07 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\uTorrent
2016-12-17 00:01 - 2016-10-25 23:18 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-17 00:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00000788 _____ C:\Windows\system32\DVCState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:26 - 2016-06-20 17:51 - 00305496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-12-16 23:26 - 2016-06-20 17:29 - 00057936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-16 23:26 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2016-12-16 23:05 - 2016-10-26 17:33 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-16 23:04 - 2016-10-26 01:57 - 00003582 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-16 23:04 - 2016-10-26 01:57 - 00003454 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:53 - 2016-10-26 01:44 - 00000000 ____D C:\ProgramData\AVAST Software
2016-12-16 22:40 - 2009-07-14 06:08 - 00032512 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-16 22:36 - 2016-10-25 23:13 - 00000000 ____D C:\Users\ChopShop\AppData\Local\VirtualStore
2016-12-16 22:35 - 2016-10-25 23:13 - 00000000 ____D C:\Users\ChopShop
2016-12-16 22:20 - 2016-11-04 15:20 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-16 16:54 - 2016-11-11 16:48 - 00000000 ____D C:\Windows\Minidump
2016-12-16 16:54 - 2016-10-25 23:08 - 00358923 ____N C:\Windows\Minidump\121616-27000-01.dmp
2016-12-16 02:01 - 2016-10-26 01:59 - 00000000 ____D C:\Users\ChopShop\Desktop\mix
2016-12-16 01:51 - 2016-10-26 01:54 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\TS3Client
2016-12-15 21:57 - 2016-10-27 15:18 - 00000000 ____D C:\Users\ChopShop\AppData\Local\CrashDumps
2016-12-15 20:12 - 2016-11-13 17:57 - 00000000 ____D C:\AdwCleaner
2016-12-15 15:43 - 2016-10-26 00:36 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-15 03:16 - 2016-10-26 02:23 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2016-12-15 03:09 - 2016-10-26 01:12 - 00001191 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2016-12-15 03:09 - 2016-10-26 01:12 - 00000000 ____D C:\Program Files (x86)\Wise
2016-12-15 03:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-12-15 02:55 - 2016-10-28 14:44 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\iZotope
2016-12-15 02:55 - 2016-10-27 18:39 - 00000000 ____D C:\Users\ChopShop\Documents\ACID Music Studio 10.0 Projects
2016-12-15 02:54 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2016-12-15 02:05 - 2016-10-26 01:58 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-12-14 17:39 - 2016-10-26 01:07 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Apple Computer
2016-12-13 20:21 - 2016-10-26 00:49 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-13 20:21 - 2016-10-26 00:49 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-13 20:21 - 2016-10-26 00:49 - 00003916 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-13 20:21 - 2016-10-26 00:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-13 20:21 - 2016-10-26 00:49 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 22:36 - 2009-07-14 05:45 - 16734768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-12 22:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-12 18:18 - 2010-11-21 16:41 - 00000000 ____D C:\Windows\ShellNew
2016-12-12 18:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-12 18:16 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-12 18:13 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2016-12-10 19:58 - 2016-10-26 01:44 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\PioneerLog
2016-12-10 15:47 - 2016-10-26 01:12 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\vlc
2016-12-08 15:57 - 2016-11-11 16:48 - 593410547 _____ C:\Windows\MEMORY.DMP
2016-12-05 18:49 - 2016-10-26 01:14 - 00000000 ____D C:\ProgramData\Origin
2016-12-05 18:48 - 2016-10-26 01:21 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Origin
2016-12-05 01:56 - 2016-10-26 01:08 - 00000000 ___SD C:\Users\ChopShop\AppData\LocalLow\Temp
2016-11-30 16:16 - 2016-10-26 01:18 - 00000000 ____D C:\Program Files (x86)\Origin
2016-11-28 02:04 - 2016-10-26 14:17 - 00001708 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-11-18 15:33 - 2016-11-11 05:15 - 00000000 ____D C:\Users\ChopShop\AppData\LocalLow\Adobe
2016-11-18 15:33 - 2016-10-26 00:39 - 00000000 ____D C:\Users\ChopShop\AppData\Roaming\Adobe
2016-11-18 15:33 - 2016-10-26 00:39 - 00000000 ____D C:\Users\ChopShop\AppData\Local\Adobe

==================== Files in the root of some directories =======

2016-12-09 03:15 - 2016-12-09 03:15 - 0004096 _____ () C:\ProgramData\dfnpcrng.nwi

Some files in TEMP:
====================
C:\Users\ChopShop\AppData\Local\Temp\libeay32.dll
C:\Users\ChopShop\AppData\Local\Temp\msvcr120.dll
C:\Users\ChopShop\AppData\Local\Temp\ReimagePackage.exe
C:\Users\ChopShop\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-14 01:12

==================== End of FRST.txt ============================
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi shel » 17/12/16 11:01

gianlu2811 serve anche il log addition.txt

ripeti la scansione e prima di avviarla metti la spunta su addition.txt poi premi scan

ricorda che i log vanno allegati non copiati

per allegare i log vai qui = > http://wikisend.com/ e clicca su ''sfoglia''

seleziona il file di testo, clicca su ''apri'' e poi su ''upload file''

copia il primo link e incollalo nel forum
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 17/12/16 15:45

gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 17/12/16 15:46

gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi shel » 17/12/16 20:43

ora apri blocco note e copia al suo interno questo codice in grassetto, nomina il file fixlist.txt e salvalo sul desktop

ora metti FRST sul desktop apri il programma e clicca su FIX, al termine delle operazioni rilascera' un file come fixlog.txt che dovrai allegare, dopo il riavvio testa il pc e fai sapere se il problema e' risolto oppure no


HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 amalttfx; C:\Windows\System32\Drivers\amalttfx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SETBC33.tmp
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SET6931.tmp
2016-12-15 23:58 - 2016-12-16 00:27 - 00000000 ____D C:\Users\ChopShop\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-09 03:15 - 2016-12-09 03:15 - 00004096 _____ C:\ProgramData\dfnpcrng.nwi
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00000788 _____ C:\Windows\system32\DVCState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-12-09 03:15 - 2016-12-09 03:15 - 0004096 _____ () C:\ProgramData\dfnpcrng.nwi
EmptyTemp:

shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 18/12/16 05:14

fatto tutto come descritto ma la pubblicità esce ancora sono stato al lavoro avevo installato nel computer Adguard e quando sono tornato aveva bloccato 71 annunci pubblicitari quindi il problema ancora è presente
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 18/12/16 05:27

ora non so il motivo non mi funziona l'upload del file fixlog domani appena accendo il computer riprovo e lo posto.. grazie mille speriamo si risolva questo fastidiosissimo problema della pubblicità ..
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi shel » 18/12/16 09:54

se i server non funzionano prova a incollarlo poi fai una scansione con ► virit

disattiva l'antivirus e installalo, fai una scansione ed elimina tutto quello che rileva, al termine allega il log
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 18/12/16 16:29

questo è il logfix di ieri sera di FRST :

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by ChopShop (17-12-2016 21:51:13) Run:1
Running from C:\Users\ChopShop\Desktop
Loaded Profiles: ChopShop (Available Profiles: ChopShop)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {0A44262B-B084-44CF-A17A-62F98D4209CA} - System32\Tasks\SysUrlSH => C:\Wsis32\urlSH\Release\sysWIN_SHW.exe [2016-04-18] ()
Task: {6CD8134F-1ACE-4BD1-A7B8-AD615C48FDDF} - System32\Tasks\SysUrlHL => C:\Wsis32\urlHL\Release\sysWIN_IMP.exe [2016-07-11] ()
EmptyTemp:

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A44262B-B084-44CF-A17A-62F98D4209CA} => key not found.
C:\Windows\System32\Tasks\SysUrlSH => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SysUrlSH => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CD8134F-1ACE-4BD1-A7B8-AD615C48FDDF} => key not found.
C:\Windows\System32\Tasks\SysUrlHL => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SysUrlHL => key not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24952195 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 392612 B
Edge => 0 B
Chrome => 195788092 B
Firefox => 379609529 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 692 B
LocalService => 132244 B
NetworkService => 67476 B
ChopShop => 117240371 B

RecycleBin => 0 B
EmptyTemp: => 685 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:51:27 ====
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi shel » 18/12/16 20:40

@gianlu2811 a parte che quello non e' il mio fix, ma se non segui le indicazioni che ti scrivo e' inutile continuare, o fai di testa tua oppure mi alleghi i log giusti, altrimenti saro' costretto a non risponderti piu' - non prenderlo come un atto di scortesia ma non si puo' dare assistenza in questo modo

pensaci e fammi sapere
shel
Utente Senior
 
Post: 1320
Iscritto il: 29/08/08 21:56

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 19/12/16 01:36

scusami tanto hai ragione forse avendo confusione ho sbagliato log allora intanto ti copio il log di virit

VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 16:53:49

[SCANSIONE DEL REGISTRO]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Infetto da BHO.49bar.A
* * * RIMOSSO * * *

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK

C:\AdwCleaner\quarantine\files\wpmuigshfjrmwacweqpgwyrvymaahiah\YTD Video Downloader\ytd.exe.BAK Infetto da PUP.Win32.GreenTree.A
* * * RIMOSSO * * *
C:\AdwCleaner\quarantine\files\wpmuigshfjrmwacweqpgwyrvymaahiah\YTD Video Downloader\ytd.exe Infetto da PUP.Win32.GreenTree.A
* * * RIMOSSO * * *
C:\AdwCleaner\quarantine\files\zlcbbmlhwluqcaqirsejoygeglvicchk\YTD Video Downloader\ytd.exe Infetto da PUP.Win32.ProinstallApp.A
* * * RIMOSSO * * *

Chiavi Registro infette: 1.
Files Infetti: 3.
Files Sospetti: 0.
Files Analizzati: 4858.
Files Totali: 4858.
Chiavi Registro rimosse: 1.
Virus Rimossi: 3.

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 16:58:29

[SCANSIONE DEL REGISTRO]
OK

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK


Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 21741.
Files Totali: 21741.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 17:03:48

[SCANSIONE DEL REGISTRO]
OK

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK

C:\PROGRAM FILES (X86)\WONDERSHARE\MOBILEGOCOMMON\ANDROIDDAEMON.APK -> classes.dex Infetto da Android.Trj.SMSAgent-G.Gen
Contattare il Supporto Tecnico TG Soft
C:\USERS\CHOPSHOP\APPDATA\ROAMING\WONDERSHARE\MOBILEGO\DRIVERS\ANDROIDDAEMON.APK -> classes.dex Infetto da Android.Trj.SMSAgent-G.Gen
* * * RIMOSSO * * *

[D:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK


[E:]
BOOT SECTOR: OK


[F:]
BOOT SECTOR: OK


[G:]
BOOT SECTOR: OK


[H:]
BOOT SECTOR: OK


[M:]


Chiavi Registro infette: 0.
Files Infetti: 2.
Files Sospetti: 0.
Files Analizzati: 247760.
Files Totali: 247760.
Chiavi Registro rimosse: 0.
Virus Rimossi: 1.
VirIT eXplorer Lite Log

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 16:53:49

[SCANSIONE DEL REGISTRO]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Infetto da BHO.49bar.A
* * * RIMOSSO * * *

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK

C:\AdwCleaner\quarantine\files\wpmuigshfjrmwacweqpgwyrvymaahiah\YTD Video Downloader\ytd.exe.BAK Infetto da PUP.Win32.GreenTree.A
* * * RIMOSSO * * *
C:\AdwCleaner\quarantine\files\wpmuigshfjrmwacweqpgwyrvymaahiah\YTD Video Downloader\ytd.exe Infetto da PUP.Win32.GreenTree.A
* * * RIMOSSO * * *
C:\AdwCleaner\quarantine\files\zlcbbmlhwluqcaqirsejoygeglvicchk\YTD Video Downloader\ytd.exe Infetto da PUP.Win32.ProinstallApp.A
* * * RIMOSSO * * *

Chiavi Registro infette: 1.
Files Infetti: 3.
Files Sospetti: 0.
Files Analizzati: 4858.
Files Totali: 4858.
Chiavi Registro rimosse: 1.
Virus Rimossi: 3.

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 16:58:29

[SCANSIONE DEL REGISTRO]
OK

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK


Chiavi Registro infette: 0.
Files Infetti: 0.
Files Sospetti: 0.
Files Analizzati: 21741.
Files Totali: 21741.
Chiavi Registro rimosse: 0.
Virus Rimossi: 0.

[SCANSIONE DELLA MEMORIA]
OK
--------------------------------------------------------
18/12/2016 - 17:03:48

[SCANSIONE DEL REGISTRO]
OK

[A:]


[C:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK

C:\PROGRAM FILES (X86)\WONDERSHARE\MOBILEGOCOMMON\ANDROIDDAEMON.APK -> classes.dex Infetto da Android.Trj.SMSAgent-G.Gen
Contattare il Supporto Tecnico TG Soft
C:\USERS\CHOPSHOP\APPDATA\ROAMING\WONDERSHARE\MOBILEGO\DRIVERS\ANDROIDDAEMON.APK -> classes.dex Infetto da Android.Trj.SMSAgent-G.Gen
* * * RIMOSSO * * *

[D:]
MASTER BOOT RECORD (\\.\PhysicalDrive0): OK
BOOT SECTOR: OK


[E:]
BOOT SECTOR: OK


[F:]
BOOT SECTOR: OK


[G:]
BOOT SECTOR: OK


[H:]
BOOT SECTOR: OK


[M:]


Chiavi Registro infette: 0.
Files Infetti: 2.
Files Sospetti: 0.
Files Analizzati: 247760.
Files Totali: 247760.
Chiavi Registro rimosse: 0.
Virus Rimossi: 1.
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

Re: Pagine che si aprono da sole.

Postdi gianlu2811 » 19/12/16 01:57

avevi ragione ho sbagliato il fix ma avevo molti file nel desktop perciò scusami ancora veramente sono desolato comunque ho ripetuto anche la procedura che mi hai detto con FRST e ti incollo il logfix


Fix result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by ChopShop (19-12-2016 01:34:01) Run:2
Running from C:\Users\ChopShop\Desktop
Loaded Profiles: ChopShop (Available Profiles: ChopShop)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 amalttfx; C:\Windows\System32\Drivers\amalttfx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SETBC33.tmp
2016-12-16 23:27 - 2016-12-16 23:27 - 00000000 _____ C:\Windows\system32\Drivers\SET6931.tmp
2016-12-15 23:58 - 2016-12-16 00:27 - 00000000 ____D C:\Users\ChopShop\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2016-12-09 03:15 - 2016-12-09 03:15 - 00004096 _____ C:\ProgramData\dfnpcrng.nwi
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00061080 _____ C:\Windows\system32\BMXState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-16 23:33 - 2016-10-26 01:31 - 00000788 _____ C:\Windows\system32\DVCState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settingsbkup.sfm
2016-12-14 20:21 - 2016-10-26 03:18 - 00001080 _____ C:\Windows\system32\settings.sfm
2016-12-09 03:15 - 2016-12-09 03:15 - 0004096 _____ () C:\ProgramData\dfnpcrng.nwi
EmptyTemp:
*****************

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2159126139-3582771133-3070103992-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
amalttfx => service not found.
C:\Windows\system32\Drivers\SETBC33.tmp => moved successfully
C:\Windows\system32\Drivers\SET6931.tmp => moved successfully
C:\Users\ChopShop\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD} => moved successfully
C:\ProgramData\dfnpcrng.nwi => moved successfully
C:\Windows\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx => moved successfully
C:\Windows\system32\BMXState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx => moved successfully
C:\Windows\system32\DVCState-{00000001-00000000-00000008-00001102-00000005-002C1102}.rfx => moved successfully
C:\Windows\system32\settingsbkup.sfm => moved successfully
C:\Windows\system32\settings.sfm => moved successfully
"C:\ProgramData\dfnpcrng.nwi" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7129001 B
Java, Flash, Steam htmlcache => 1484 B
Windows/system/drivers => 323620 B
Edge => 0 B
Chrome => 453969027 B
Firefox => 103859963 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
systemprofile32 => 692 B
LocalService => 132244 B
NetworkService => 0 B
ChopShop => 210215114 B

RecycleBin => 0 B
EmptyTemp: => 747.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:34:20 ====
gianlu2811
Utente Junior
 
Post: 18
Iscritto il: 17/12/16 01:36

PrecedenteProssimo

Torna a Sicurezza e Privacy


Topic correlati a "Pagine che si aprono da sole.":


Chi c’è in linea

Visitano il forum: Nessuno e 14 ospiti