
Pests of all kinds and how to combat them: Cannot update or open antivirus


16.12.2013, 12:44   #1
congstar
 


Hello everyone,
I have a problem with my wife's PC.

First, whenever I switch it on, the installation of Havij 1.15 Free.exe starts automatically.

After that I wanted to use Microsoft Security Essentials, but when I open it, it gives me the error message "DATEI NICHT GEFUNDEN" (file not found). So I uninstalled it and downloaded the Kaspersky PURE 3.0 30-day trial. I can see it in the taskbar, but unfortunately I cannot run an update.

What could it be?

My wife says she opened an email from her friend with a .rar attachment titled "Photos of my baby".
After that this Havij appeared, and she deleted the email completely.

How do I proceed? I am at my wits' end.

16.12.2013, 13:18   #2
schrauber
/// the machine
/// TB instructor
 



Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
  • Start FRST now.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window).


16.12.2013, 13:33   #3
congstar
 


OK, thanks for your reply.
Normally my son uses this PC.
I wanted to fly with FSX today and it did not work.

FRST.TXT


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02
Ran by Luca (administrator) on LUCA-PC on 16-12-2013 13:24:10
Running from D:\EVA
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Italian Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) E:\Program Files (x86)\kies\Kies\Kies.exe
(Samsung) E:\Program Files (x86)\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Users\Luca\AppData\Local\Viber\Viber.exe
(Samsung Electronics Co., Ltd.) E:\Program Files (x86)\kies\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Farbar) D:\EVA\FRST64 (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\Pac207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [Google Update] - C:\Users\Luca\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-15] (Google Inc.)
HKCU\...\Run: [KiesPreload] - E:\Program Files (x86)\kies\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [] - E:\Program Files (x86)\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [Viber] - C:\Users\Luca\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKCU\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKCU\...\Run: [Macha3v3lli] - C:\Users\Luca\AppData\Local\Temp\Rar$EX00.375\Havij 1.15 Free.exe [3325952 2013-12-16] (DT Soft Ltd.) <===== ATTENTION
HKCU\...\RunOnce: [Macha3v3lli] - C:\Users\Luca\AppData\Local\Temp\Rar$EX00.375\Havij 1.15 Free.exe [3325952 2013-12-16] (DT Soft Ltd.)
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
HKCU\...\Policies\Explorer: [HideSCAHealth] 1
MountPoints2: {807dff40-38f9-11e3-8bd3-806e6f6e6963} - G:\DisneySplash.exe
MountPoints2: {a07e9f40-2150-11e3-9748-806e6f6e6963} - H:\setup.exe
MountPoints2: {efc6cec0-2154-11e3-aedf-806e6f6e6963} - G:\setup.exe
HKLM-x32\...\Run: [FLxHCIm64] - C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe [47616 2011-10-17] (Windows (R) Win 7 DDK provider)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [417792 2009-09-05] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - E:\Program Files (x86)\kies\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Macha3v3lli] - C:\Users\Luca\AppData\Local\Temp\Rar$EX00.375\Havij 1.15 Free.exe [3325952 2013-12-16] (DT Soft Ltd.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
IFEO\hijackthis.exe: [Debugger] b_.exe
IFEO\housecalllauncher.exe: [Debugger] s_.exe
IFEO\rstrui.exe: [Debugger] r_.exe
IFEO\spybotsd.exe: [Debugger] s_.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2871082225F4CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default
FF SearchEngineOrder.2: Yahoo
FF Homepage: https://www.google.it/webhp?hl=it
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1%20%26%26%20url.indexOf('.png')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%
20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*'))%20%7B%20return%20'PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "http", "80.88.161.177"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Luca\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Luca\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Luca\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Luca\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Luca\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Luca\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: Deutsches Wörterbuch - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Default Manager - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\DefaultManager@Microsoft
FF Extension: United States English Spellchecker - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\en-US@dictionaries.addons.mozilla.org
FF Extension: Diccionario de Español/España - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\es-es@dictionaries.addons.mozilla.org
FF Extension: TVU Web Player - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\firefox@tvunetworks.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\ich@maltegoetz.de
FF Extension: Dizionario italiano - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\it-IT@dictionaries.addons.mozilla.org
FF Extension: Facebook Photo Stalker - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\joshua.carcione@gmail.com
FF Extension: Justin.tv Publisher - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\justintvpublisher@justin.tv
FF Extension: Mega Manager Integration - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF Extension: helper - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\helper@savefrom.net.xpi
FF Extension: magicplayer - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\magicplayer@torrentstream.org.xpi
FF Extension: youtube2mp3 - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: flashgot - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
FF Extension: No Name - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\{1fc895a6-2042-46ec-a61b-233165b4c218}.xpi
FF Extension: No Name - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-6665170634FE}.xpi
FF Extension: Adblock Plus - C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\65l8dibh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "https://www.google.it/webhp?hl=it"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Luca\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Luca\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Luca\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Luca\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll No File
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Users\Luca\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0
CHR Extension: (AdBlock) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Safe Money) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0
CHR Extension: (Virtual Keyboard) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0
CHR Extension: (Google Wallet) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Anti-Banner) - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [37888 2013-03-08] ()

==================== Drivers (Whitelisted) ====================

S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [33888 2011-06-26] (Applian Technologies Inc.)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [69888 2011-10-17] (Fresco Logic)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-02] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-09-03] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-09-03] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-10-18] (Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178008 2012-08-13] (Kaspersky Lab)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [36680 2013-12-16] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-11-06] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-11-06] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-19] (Duplex Secure Ltd.)
U3 a4czgynk; C:\Windows\System32\Drivers\a4czgynk.sys [0 ] (Marvell Semiconductor, Inc.)
S3 ALSysIO; \??\C:\Users\Luca\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AODDriver; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys [x]
S3 gwiopm; \??\C:\Program Files (x86)\Slotman\gwiopm.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-02] (Kaspersky Lab)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 13:23 - 2013-12-16 13:23 - 00000000 ____D C:\FRST
2013-12-16 13:15 - 2013-12-16 13:15 - 00259584 _____ (OldTimer Tools) C:\Users\Luca\Desktop\OTH.scr
2013-12-16 13:08 - 2013-12-16 13:08 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-16 13:08 - 2013-12-16 13:08 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Malwarebytes
2013-12-16 12:50 - 2013-12-16 12:50 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-16 12:49 - 2013-12-16 12:49 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 12:49 - 2013-12-16 12:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 12:49 - 2013-12-16 12:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 12:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-16 12:26 - 2013-12-16 12:26 - 00002120 _____ C:\Users\Luca\Desktop\Safe Money.lnk
2013-12-16 12:23 - 2013-12-16 12:23 - 00000056 _____ C:\Windows\setupact.log
2013-12-16 12:23 - 2013-12-16 12:23 - 00000000 _____ C:\Windows\setuperr.log
2013-12-16 12:22 - 2013-12-16 12:21 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-12-16 12:21 - 2012-07-11 17:09 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2013-12-16 12:21 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
2013-12-16 12:21 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
2013-12-16 12:20 - 2013-12-16 13:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-16 12:20 - 2013-12-16 12:20 - 00000000 ____D C:\Windows\ELAMBKUP
2013-12-16 12:20 - 2013-12-16 12:20 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-12-16 12:20 - 2012-11-02 15:48 - 00613720 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2013-12-16 12:20 - 2012-11-02 15:48 - 00089944 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2013-12-16 12:15 - 2013-12-16 12:15 - 00001362 _____ C:\Windows\WindowsUpdate.log
2013-12-16 11:48 - 2013-12-16 11:48 - 00002971 _____ C:\Users\Luca\Desktop\HiJackThis.lnk
2013-12-16 11:48 - 2013-12-16 11:48 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-16 11:48 - 2013-12-16 11:48 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-16 11:09 - 2004-03-08 23:30 - 01081616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscomctl.ocx
2013-12-15 21:27 - 2013-12-15 21:27 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 23:19 - 2013-12-12 23:19 - 00354736 _____ C:\Users\Luca\Documents\STOP...perche'   - Cuba al Microscopio.htm
2013-12-12 23:19 - 2013-12-12 23:19 - 00000000 ____D C:\Users\Luca\Documents\STOP...perche'   - Cuba al Microscopio_files
2013-12-12 13:06 - 2013-12-12 13:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-09 08:24 - 2013-12-08 20:53 - 02358813 _____ C:\Users\Luca\Desktop\Hoic.zip
2013-12-07 16:59 - 2013-12-07 17:22 - 00000000 ____D C:\Users\Luca\Desktop\joomla
2013-12-07 16:20 - 2013-12-07 16:20 - 00000326 _____ C:\Users\Luca\Desktop\IPVanish.appref-ms
2013-12-07 16:20 - 2013-12-07 16:20 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IPVanish.com
2013-12-06 23:06 - 2013-12-06 23:06 - 00000823 _____ C:\Users\Public\Desktop\William Hill CASINO CLUB.lnk
2013-12-06 23:06 - 2013-12-06 23:06 - 00000000 ____D C:\Casino
2013-12-05 23:13 - 2013-12-05 23:14 - 00060143 _____ C:\Users\Luca\Downloads\viewtopic.php.htm
2013-12-05 23:13 - 2013-12-05 23:14 - 00000000 ____D C:\Users\Luca\Downloads\viewtopic.php_files
2013-11-23 09:26 - 2013-11-23 09:26 - 00000634 _____ C:\Users\Luca\Desktop\Start Tor Browser.exe - collegamento.lnk
2013-11-18 22:29 - 2013-11-18 22:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-11-18 22:28 - 2013-04-26 16:33 - 00000000 ____D C:\Users\Luca\Desktop\motochopper
2013-11-18 22:23 - 2013-11-18 22:23 - 00000000 ____D C:\Program Files\SAMSUNG
2013-11-17 13:39 - 2013-11-17 13:39 - 00000000 ____D C:\Users\Luca\AppData\Local\GHISLER

==================== One Month Modified Files and Folders =======

2013-12-16 13:23 - 2013-12-16 13:23 - 00000000 ____D C:\FRST
2013-12-16 13:15 - 2013-12-16 13:15 - 00259584 _____ (OldTimer Tools) C:\Users\Luca\Desktop\OTH.scr
2013-12-16 13:15 - 2013-12-16 12:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-16 13:10 - 2012-01-15 11:04 - 00001156 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001UA.job
2013-12-16 13:08 - 2013-12-16 13:08 - 00036680 _____ C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-16 13:08 - 2013-12-16 13:08 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Malwarebytes
2013-12-16 12:50 - 2013-12-16 12:50 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-16 12:49 - 2013-12-16 12:49 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-16 12:49 - 2013-12-16 12:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 12:49 - 2013-12-16 12:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 12:49 - 2012-03-28 22:36 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 12:35 - 2013-02-02 18:00 - 00002515 _____ C:\Users\Public\Desktop\Skype.lnk
2013-12-16 12:35 - 2012-03-23 22:01 - 00000000 ____D C:\ProgramData\Skype
2013-12-16 12:33 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-16 12:33 - 2009-07-14 05:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-16 12:26 - 2013-12-16 12:26 - 00002120 _____ C:\Users\Luca\Desktop\Safe Money.lnk
2013-12-16 12:25 - 2013-09-25 08:46 - 00000000 ____D C:\Users\Luca\AppData\Roaming\ViberPC
2013-12-16 12:25 - 2013-09-25 08:45 - 00000000 ____D C:\Users\Luca\AppData\Local\Viber
2013-12-16 12:25 - 2012-03-19 12:00 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 12:23 - 2013-12-16 12:23 - 00000056 _____ C:\Windows\setupact.log
2013-12-16 12:23 - 2013-12-16 12:23 - 00000000 _____ C:\Windows\setuperr.log
2013-12-16 12:23 - 2012-03-19 12:00 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-16 12:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-16 12:21 - 2013-12-16 12:22 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-12-16 12:20 - 2013-12-16 12:20 - 00000000 ____D C:\Windows\ELAMBKUP
2013-12-16 12:20 - 2013-12-16 12:20 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-12-16 12:16 - 2012-01-03 23:57 - 00001912 _____ C:\Windows\epplauncher.mif
2013-12-16 12:16 - 2010-11-21 16:30 - 00740090 _____ C:\Windows\system32\perfh010.dat
2013-12-16 12:16 - 2010-11-21 16:30 - 00146652 _____ C:\Windows\system32\perfc010.dat
2013-12-16 12:16 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-12-16 12:15 - 2013-12-16 12:15 - 00001362 _____ C:\Windows\WindowsUpdate.log
2013-12-16 11:48 - 2013-12-16 11:48 - 00002971 _____ C:\Users\Luca\Desktop\HiJackThis.lnk
2013-12-16 11:48 - 2013-12-16 11:48 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-12-16 11:48 - 2013-12-16 11:48 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-12-16 10:58 - 2012-01-03 18:05 - 00000000 ____D C:\Users\Luca\AppData\Roaming\vlc
2013-12-16 10:10 - 2012-01-15 11:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001Core.job
2013-12-16 09:27 - 2013-09-15 22:13 - 00000000 ____D C:\Users\Luca\AppData\Local\Deployment
2013-12-15 21:27 - 2013-12-15 21:27 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 23:19 - 2013-12-12 23:19 - 00354736 _____ C:\Users\Luca\Documents\STOP...perche'   - Cuba al Microscopio.htm
2013-12-12 23:19 - 2013-12-12 23:19 - 00000000 ____D C:\Users\Luca\Documents\STOP...perche'   - Cuba al Microscopio_files
2013-12-12 23:13 - 2012-04-12 23:09 - 00000000 ____D C:\Users\Luca\AppData\Roaming\FileZilla
2013-12-12 15:46 - 2012-05-04 08:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 13:06 - 2013-12-12 13:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-12 10:04 - 2013-09-15 17:48 - 00000000 ____D C:\Users\Luca\Desktop\CANALI RECEIVER
2013-12-11 12:37 - 2012-03-28 22:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 12:37 - 2012-03-28 22:36 - 00003916 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 12:37 - 2012-01-03 17:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 09:18 - 2013-02-11 10:25 - 00000000 ____D C:\Users\Luca\AppData\Roaming\uTorrent
2013-12-10 09:21 - 2013-10-03 23:13 - 00000078 _____ C:\Users\Luca\Desktop\arrow.txt
2013-12-08 20:53 - 2013-12-09 08:24 - 02358813 _____ C:\Users\Luca\Desktop\Hoic.zip
2013-12-08 10:05 - 2012-01-15 11:04 - 00004128 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001UA
2013-12-08 10:05 - 2012-01-15 11:04 - 00003732 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001Core
2013-12-07 17:22 - 2013-12-07 16:59 - 00000000 ____D C:\Users\Luca\Desktop\joomla
2013-12-07 16:20 - 2013-12-07 16:20 - 00000326 _____ C:\Users\Luca\Desktop\IPVanish.appref-ms
2013-12-07 16:20 - 2013-12-07 16:20 - 00000000 ____D C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IPVanish.com
2013-12-06 23:06 - 2013-12-06 23:06 - 00000823 _____ C:\Users\Public\Desktop\William Hill CASINO CLUB.lnk
2013-12-06 23:06 - 2013-12-06 23:06 - 00000000 ____D C:\Casino
2013-12-05 23:14 - 2013-12-05 23:13 - 00060143 _____ C:\Users\Luca\Downloads\viewtopic.php.htm
2013-12-05 23:14 - 2013-12-05 23:13 - 00000000 ____D C:\Users\Luca\Downloads\viewtopic.php_files
2013-12-03 07:20 - 2012-03-19 12:00 - 00004142 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 07:20 - 2012-03-19 12:00 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-23 09:26 - 2013-11-23 09:26 - 00000634 _____ C:\Users\Luca\Desktop\Start Tor Browser.exe - collegamento.lnk
2013-11-19 11:21 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 22:29 - 2013-11-18 22:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-11-18 22:23 - 2013-11-18 22:23 - 00000000 ____D C:\Program Files\SAMSUNG
2013-11-17 13:51 - 2009-07-14 06:13 - 01663626 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 13:39 - 2013-11-17 13:39 - 00000000 ____D C:\Users\Luca\AppData\Local\GHISLER

Files to move or delete:
====================
C:\Users\Luca\AppData\Local\Temp\Rar$EX00.375\Havij 1.15 Free.exe


Some content of TEMP:
====================
C:\Users\Luca\AppData\Local\Temp\CWG55.exe
C:\Users\Luca\AppData\Local\Temp\FYJF27.exe
C:\Users\Luca\AppData\Local\Temp\IDNI73.exe
C:\Users\Luca\AppData\Local\Temp\KEOJ33.exe
C:\Users\Luca\AppData\Local\Temp\RMVRMT40.exe
C:\Users\Luca\AppData\Local\Temp\VPAUQX78.exe
C:\Users\Luca\AppData\Local\Temp\YTE59.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-10 10:22

==================== End Of Log ============================
         



addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2013 02
Ran by Luca at 2013-12-16 13:25:09
Running from D:\EVA
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

==================== Installed Programs ======================

Active Sky 2012 (x32 Version: 13.1.4387.37836)
Active Sky Evolution (x32 Version: 12.00.0566)
ActiveSky Version 6 and ActiveSky Graphics (x32 Version: 0.6.6442)
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Flash Media Live Encoder 3.2 (x32 Version: 3.2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) - Italiano (x32 Version: 10.1.8)
Aerosoft's - Airbus X Extended - FSX (x32 Version: 1.15)
Aerosoft's - Airbus X Extended - PrePar3D (x32 Version: 1.15)
aerosoft's - Approaching Innsbruck X (x32 Version: 1.10)
Aerosoft's - Bari X - FSX (x32)
aerosoft's - FlightSim Commander 9 (x32 Version: 9.00)
Aerosoft's - Frankfurt-Hahn X - FSX (x32)
aerosoft's - German Airports 2 - Cologne-Bonn  - FS2004 (x32)
aerosoft's - Madrid 2008 (x32 Version: 1.00)
aerosoft's - Maldives X (x32 Version: 1.00)
aerosoft's - Mallorca X for FS2004 (x32 Version: 1.00)
Aerosoft's - Mega Airport Duesseldorf - PrePar3D (x32)
aerosoft's - Mega Airport Frankfurt - FS2004 (x32)
aerosoft's - Mega Airport Munich (x32 Version: 1.03)
aerosoft's - Mega Airport Rome (x32 Version: 1.00)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
AMD Steady Video Plug-In  (Version: 2.04.0000)
AMD VISION Engine Control Center (x32 Version: 2013.0328.2218.38225)
Audials (x32 Version: 10.0.46604.300)
AVM FRITZ!fax für FRITZ!Box (x32)
BlackBox Simulation - Airbus Xtreme (Prologue) (x32 Version: 0.60.1)
Cars 2 (x32 Version: 1.00.0000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)
CCC Help Czech (x32 Version: 2013.0328.2217.38225)
CCC Help Danish (x32 Version: 2013.0328.2217.38225)
CCC Help Dutch (x32 Version: 2013.0328.2217.38225)
CCC Help English (x32 Version: 2013.0328.2217.38225)
CCC Help Finnish (x32 Version: 2013.0328.2217.38225)
CCC Help French (x32 Version: 2013.0328.2217.38225)
CCC Help German (x32 Version: 2013.0328.2217.38225)
CCC Help Greek (x32 Version: 2013.0328.2217.38225)
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)
CCC Help Italian (x32 Version: 2013.0328.2217.38225)
CCC Help Japanese (x32 Version: 2013.0328.2217.38225)
CCC Help Korean (x32 Version: 2013.0328.2217.38225)
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)
CCC Help Polish (x32 Version: 2013.0328.2217.38225)
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)
CCC Help Russian (x32 Version: 2013.0328.2217.38225)
CCC Help Spanish (x32 Version: 2013.0328.2217.38225)
CCC Help Swedish (x32 Version: 2013.0328.2217.38225)
CCC Help Thai (x32 Version: 2013.0328.2217.38225)
CCC Help Turkish (x32 Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.04)
City Bus Simulator 2010 - New York (x32 Version: 1.21)
City Bus Simulator 2010 - Regiobus Usedom (x32 Version: 1.10)
CPUID CPU-Z 1.60
D3DX10 (x32 Version: 15.4.2368.0902)
Defraggler (Version: 2.15)
Disney Planes (x32 Version: 1.00.0000)
dreamboxEDIT -- The one and only settings editor for your Dreambox (x32)
DreamStream E2 (x32 Version: 0.4.0 (Beta 14a))
Enigma TV (HKCU Version: 2.0.0.2)
ESET Online Scanner v3 (x32)
Euro-Fahrschule 2011 (x32 Version: 1.0)
F1 2011 (x32 Version: 1.0.0000.129)
F1 2011 (x32 Version: 1.0.0001.129)
F1 2011 (x32 Version: 1.0.0002.129)
F1 2012 (x32)
FIFA 13 (x32 Version: 1.1.0.0)
FLV Converter 3.5 (x32)
Foxit PDF Editor (x32)
Fraps (remove only) (x32)
Fresco Logic USB3.0 Host Controller (Version: 3.5.4.0)
FS Water Configurator 3.15
FS2Crew: Aerosoft Airbus X Voice Control (x32)
FS2Crew: Emergency NGX! (x32)
FS2Crew: PMDG 737 NGX Edition (x32)
FSC (x32 Version: 9.3)
FSrealWX lite version 1.07.1522 (x32 Version: 1.06.1475)
FSX Scenery ISTANBUL ATATURK AIRPORT (LTBA) (HKCU)
GIMP 2.6.11 (x32 Version: 2.6.11)
Global AI Traffic Para FSX Parte 1 (x32)
Global AI Traffic Para FSX Parte 2 (x32)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.2.2041)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Update Helper (x32 Version: 1.3.22.3)
HiJackThis (x32 Version: 1.0.0)
ICE AI Traffic Para FS2004 (x32 Version: 2.01.0006)
Java 7 Update 45 (x32 Version: 7.0.450)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
Java(TM) 6 Update 30 (x32 Version: 6.0.300)
José Martí International Airport for FSX (x32)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558)
KLAX v1.1.2 for FSX (Version: 1.1.2)
Level-D 767-300 for FSX (HKCU)
Level-D Simulations 767-300 (x32)
Level-D Simulations 767-300 Update (x32)
London 2012: The Official Video Game of the Olympic Games (x32)
Majestic MJC8Q400 (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.2.0.1014)
Mega Airport Dusseldorf (x32)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Flight Simulator 2004 A Century of Flight (x32 Version: 9.0)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (x32 Version: 10.0.61259.0)
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0)
Microsoft Flight Simulator X Service Pack 2 (x32 Version: 10.0.61472.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
mIRC (x32)
Mozilla Firefox 26.0 (x86 it) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (x32 Version: 1.0)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MVP Cuba 2011 Update 3 (x32 Version: 3.0)
MyFreeCodec (HKCU)
MyWorld2004 LandClass 2005 (x32 Version: )
Need for Speed™ Most Wanted (x32)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
OpenVPN 2.2.2 (x32 Version: 2.2.2)
Parser MSXML 4.0 SP2 e SDK (x32 Version: 4.20.9818.0)
PMDG 737 6700 NGX RTM (x32 Version: 1.00.3219)
PMDG 737 8900 NGX (x32 Version: 1.00.3219)
PMDG 747-400 FS9 Update V1R12 (Unifies to FSX) (x32 Version: 1.12.0030)
PMDG 747-400/400F for FSX (x32 Version: 2.10.0040)
PMDG 747X World Airliners 2 v1.1b007 (HKCU)
PMDG 777-200LR/F Base Package FSX (x32 Version: 1.00.5376)
PMDG_747-400_Sound_Update (x32 Version: 1.00.000)
PMDG_MD11_FSX (x32 Version: 1.20.0055)
PMDG744X_GE_LH (x32 Version: 1.00.0000)
PMDG747_400 Queen of the Skies (x32 Version: 1.10.0000)
PMDG747_400F (x32 Version: 1.01.0000)
PMDGMD11X_GE_AZ (x32 Version: 1.00.0000)
Prepar3D (x32 Version: 1.4.4747.0)
Pro Cycling Manager - Stagione 2012 versione 1.3.0.0 (x32 Version: 1.3.0.0)
Protect Disc License Helper 1.0.125 (IE) (HKCU Version: 1.0.125)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
QuickTime (x32 Version: 7.64.17.73)
RAAS Professional by FS2Crew (LOCKED) (x32)
RAAS Professional by FS2Crew (UNLOCKED) (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Real Environment Xtreme - Overdrive (x32 Version: 2.5.2010.0820)
Real Environment Xtreme - Overdrive (x32 Version: 2.5.2010.1027)
Real Environment Xtreme (x32 Version: 1.0.2008.1128)
Real Environment Xtreme FS2004 (x32 Version: 1.0.8)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6409)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482)
Replay Media Catcher 4 (4.3.2) (x32 Version: 4.3.2)
REX Essential Plus (x32 Version: 3.1.2012.1028)
REX Essential Plus SP2 (Patch Only) (x32 Version: 3.3.2013.0715)
Samsung Kies (x32 Version: 2.5.2.13021_10)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1500.0)
SceneryTech Asia Landclass v1.0 (x32 Version: 1.0)
SceneryTech Europe Landclass v1.1 (x32 Version: 1.1)
SceneryTech Indo-Pacific Landclass v1.0 (x32 Version: 1.0)
SceneryTech North America Landclass v1.4 (x32 Version: 1.4)
SceneryTech South America Landclass v1.0 (x32 Version: 1.0)
SetEditHD100 (remove only) (x32)
Shade (HKCU)
Shade 1.02 (HKCU)
SimLauncher (HKCU)
Skype™ 6.3 (x32 Version: 6.3.107)
SpeedFan (remove only) (x32)
Strumento di download in USB/DVD per Windows 7 (x32 Version: 1.0.30)
The KMPlayer (remove only) (x32)
Torino Genova Rel. 3.0 per RailWorks (x32)
TORREON for FSX (x32)
Total Commander 64-bit (Remove or Repair) (Version: 8.50 beta 3)
Tropico 3 1.00 (x32 Version: 1.00)
TS dreambox player (x32)
TSS Boeing 767 PW Sound (x32)
Ultimate Racer 3.0 version 30r2 (x32 Version: 30r2)
Varadero-Juan G Gomez International Airport for FSX (x32)
Viber (HKCU Version: 3.0.0.133634)
VLC media player 2.1.1 (x32 Version: 2.1.1)
VV Air - Black Box (x32 Version: 1.0.1010)
William Hill CASINO CLUB (x32)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR archiver (x32)

==================== Restore Points  =========================

08-12-2013 15:41:30 Windows Update
12-12-2013 10:02:29 Windows Update
16-12-2013 10:48:30 Installed HiJackThis

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-10-19 16:35 - 00001140 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
127.0.0.1 serial.alcohol-soft.com # alcohol 120% 
127.0.0.1 alcohol-soft.com # alcohol 120% 
127.0.0.1 images.alcohol-soft.com # alcohol 120% 
127.0.0.1 mermaidconsulting.dk # alcohol 120% 
127.0.0.1 195.137.236.101


==================== Scheduled Tasks (whitelisted) =============

Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Task: {403AAE84-F91F-4330-A5F3-68B5D887DFB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {5563B059-6F06-4CCF-8211-53082A8E1401} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2140840013-835955819-1653817336-1001 => Rundll32.exe portabledeviceapi.dll,#1
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {A8D2BA73-F907-4E7B-9CF5-87EDD2F2D296} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001Core => C:\Users\Luca\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {B5538BE3-269A-4F26-8824-16C2284BAE16} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {C9E7B199-A654-43F5-BFB9-7830A1ED2893} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001UA => C:\Users\Luca\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-15] (Google Inc.)
Task: {D1CBCC89-20F1-488D-A2CA-4BECED5A1FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-19] (Google Inc.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {E09A5AC0-B2DF-4914-B452-A7318F3AC449} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {FCFF16B9-06C1-4498-ABB6-2D13AB2E1881} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001Core.job => C:\Users\Luca\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2140840013-835955819-1653817336-1001UA.job => C:\Users\Luca\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-03 19:03 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 14893056 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\libViber.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00729088 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\libGLESv2.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00049152 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\libEGL.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00835584 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\platforms\qwindows.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00024576 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qgif.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00024576 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qico.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00212992 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qjpeg.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00221184 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qmng.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00016384 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qsvg.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00016384 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qtga.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00278528 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qtiff.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00016384 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\imageformats\qwbmp.dll
2013-12-08 16:31 - 2013-12-08 16:31 - 00622592 _____ () C:\Users\Luca\AppData\Local\Viber\4.0.2.30\sqldrivers\qsqlite.dll
2012-12-20 18:20 - 2012-12-20 18:20 - 00068616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\QtWebKit\qmlwebkitplugin4.dll
2013-12-12 13:06 - 2013-12-12 13:06 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
AlternateDataStreams: C:\ProgramData\TEMP:08948D52
AlternateDataStreams: C:\ProgramData\TEMP:74603393

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: D-Link DWA-111 Wireless G USB Adapter
Description: D-Link DWA-111 Wireless G USB Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link Corporation
Service: netr7364
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2013 01:16:20 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 01:06:40 PM) (Source: Application Error) (User: )
Description: Impossibile accedere al file  per uno dei motivi seguenti: 
Si è verificato un problema relativo alla connessione di rete, al disco in cui è archiviato il file o ai driver
di archiviazione installati nel computer oppure il disco è assente.
Il programma Adobe Reader è stato chiuso a causa dell'errore.

Programma: Adobe Reader
File: 

Il valore dell'errore è indicato nella sezione Dati aggiuntivi.
Azione utente
1. Aprire nuovamente il file.
Potrebbe trattarsi di un problema temporaneo che si risolverà automaticamente rieseguendo il programma.
2.
Se il file risulta comunque non accessibile e:
	- Si trova in rete,
è necessario che l'amministratore della rete verifichi la presenza di eventuali problemi di rete e che sia possibile contattare il server.
	- Si trova in un disco rimovibile, ad esempio un disco floppy o un CD, verificare che il disco sia inserito correttamente nel computer.
3. Controllare e ripristinare il file system eseguendo CHKDSK. Per eseguire CHKDSK, fare clic sul pulsante Start, scegliere Esegui, digitare CMD, quindi scegliere OK. Al prompt dei comandi, digitare CHKDSK /F, quindi premere INVIO.
4. Se il problema persiste, ripristinare il file da una copia di backup.
5. Determinare se è possibile aprire altri file nello stesso disco. Se non è possibile, il disco potrebbe essere danneggiato. Se si tratta di un disco rigido, contattare l'amministratore o il fornitore dell'hardware
del computer per ottenere assistenza.

Dati aggiuntivi
Valore errore: 00000000
Tipo disco: 0

Error: (12/16/2013 01:06:40 PM) (Source: Application Error) (User: )
Description: Nome dell'applicazione che ha generato l'errore: AcroRd32.exe, versione: 10.1.8.24, timestamp: 0x5225d462
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.17514, timestamp: 0x4ce7ba58
Codice eccezione: 0xc000001d
Offset errore 0x00000082
ID processo che ha generato l'errore: 0x1578
Ora di avvio dell'applicazione che ha generato l'errore: 0xAcroRd32.exe0
Percorso dell'applicazione che ha generato l'errore: AcroRd32.exe1
Percorso del modulo che ha generato l'errore: AcroRd32.exe2
ID segnalazione: AcroRd32.exe3

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 00:51:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.

Error: (12/16/2013 00:50:45 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Impossibile estrarre l'elenco radice di terze parti dal file CAB di aggiornamento automatico in <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> a causa dell'errore seguente: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
.


System errors:
=============
Error: (12/16/2013 00:24:52 PM) (Source: Service Control Manager) (User: )
Description: Servizio Listener Gruppo Home terminato. Errore specifico del servizio %%-2147023143.

Error: (12/16/2013 00:23:51 PM) (Source: Service Control Manager) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
hwinterface

Error: (12/16/2013 00:23:51 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AODDriver4.2 non è stato avviato per il seguente errore: 
%%2

Error: (12/16/2013 00:23:47 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AODDriver4.2 non è stato avviato per il seguente errore: 
%%2

Error: (12/16/2013 00:23:29 PM) (Source: Application Popup) (User: )
Description: Caricamento del driver \SystemRoot\SysWow64\Drivers\hwinterface.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver.

Error: (12/16/2013 00:15:20 PM) (Source: Microsoft Antimalware) (User: )
Description: %%8603.0.8402.01.163.2007.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.10100.00x80070422Impossibile avviare il servizio. Il servizio è disabilitato oppure non è associato ad alcun dispositivo attivo. 1%%852Default URL

Error: (12/16/2013 11:51:52 AM) (Source: Service Control Manager) (User: )
Description: Servizio Listener Gruppo Home terminato. Errore specifico del servizio %%-2147023143.

Error: (12/16/2013 11:50:52 AM) (Source: Service Control Manager) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver: 
hwinterface

Error: (12/16/2013 11:50:52 AM) (Source: Service Control Manager) (User: )
Description: Il servizio AODDriver4.2 non è stato avviato per il seguente errore: 
%%2

Error: (12/16/2013 11:50:51 AM) (Source: Service Control Manager) (User: )
Description: Il servizio AODDriver4.2 non è stato avviato per il seguente errore: 
%%2


Microsoft Office Sessions:
=========================
Error: (12/16/2013 01:16:20 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 01:06:40 PM) (Source: Application Error)(User: )
Description: Adobe Reader000000000

Error: (12/16/2013 01:06:40 PM) (Source: Application Error)(User: )
Description: AcroRd32.exe10.1.8.245225d462ntdll.dll6.1.7601.175144ce7ba58c000001d00000082157801cefa5745ae0fc7C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exeC:\Windows\SysWOW64\ntdll.dll84f24dbf-664a-11e3-b809-0025228779ad

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 01:06:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 00:51:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.

Error: (12/16/2013 00:50:45 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabUn certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.


CodeIntegrity Errors:
===================================
  Date: 2013-01-27 12:06:22.595
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume4\Program Files (x86)\Slotman\gwiopm.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

  Date: 2013-01-27 12:06:22.559
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume4\Program Files (x86)\Slotman\gwiopm.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

  Date: 2012-01-05 12:55:14.686
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 12:42:36.206
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 12:25:25.328
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 11:36:31.661
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 11:00:42.264
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 10:07:04.373
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-05 09:50:45.891
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

  Date: 2012-01-04 21:26:13.468
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\System32\user32.dll. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8191.3 MB
Available physical RAM: 5735.95 MB
Total Pagefile: 16388.79 MB
Available Pagefile: 13507.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:5.5 GB) NTFS
Drive d: (Volume) (Fixed) (Total:111.79 GB) (Free:19.56 GB) NTFS
Drive e: (Volume) (Fixed) (Total:149.05 GB) (Free:61.73 GB) NTFS
Drive f: (ALFREDO III) (Fixed) (Total:596.17 GB) (Free:139.25 GB) NTFS
Drive g: (Disney_Planes) (CDROM) (Total:5.61 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 112 GB) (Disk ID: E8000000)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 75AF07C7)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E4F96D1E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 596 GB) (Disk ID: D238D28B)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

17.12.2013, 09:36   #4
schrauber
/// the machine
/// TB trainer

Cannot update or open antivirus



Always run the tools from the desktop.


Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
