FreeFixer v1.07 log
http://www.freefixer.com/
Operating system: Windows 7 Service Pack 1
Log dated 2013-10-24 08:24
Browser Helper Objects
64-bit, {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}, , (no file specified)
64-bit, {DBC80044-A445-435b-BC74-9C25C1C588A9}, , (no file specified)
Basic Internet Explorer settings
HKLM\..\Main, Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Registry Startups (3 whitelisted)
HKLM\..Wow6432Node..\Run, Display = C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
HKLM\..Wow6432Node..\Run, emsisoft anti-malware = "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKCU\..\Run, SandboxieControl = "C:\Program Files\Sandboxie\SbieCtrl.exe"
Autostart shortcuts
APC UPS Status.lnk, , C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe
Samsung Magician.lnk, , C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
Processes (34 whitelisted)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Sandbox\User\DefaultBox\drive\C\Program Files\FreeFixer\freefixer.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
Application modules (102 whitelisted)
C:\Program Files\FreeFixer\freefixer.exe
C:\Program Files\Sandboxie\SbieDll.dll
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Services (40 whitelisted)
a2AntiMalware, Emsisoft Anti-Malware 7.0 - Service, c:\program files (x86)\emsisoft anti-malware\a2service.exe
APC Data Service, APC Data Service, c:\program files (x86)\apc\powerchute personal edition\dataserv.exe
APC UPS Service, APC UPS Service, c:\program files (x86)\apc\powerchute personal edition\mainserv.exe
clr_optimization_v4.0.30319_32, Microsoft .NET Framework NGEN v4.0.30319_X86, c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
clr_optimization_v4.0.30319_64, Microsoft .NET Framework NGEN v4.0.30319_X64, c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
IAStorDataMgrSvc, Intel(R) Rapid Storage Technology, c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
jhi_service, Intel(R) Dynamic Application Loader Host Interface Service, c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SbieSvc, Sandboxie Service, c:\program files\sandboxie\sbiesvc.exe
Explorer.exe Modules (161 whitelisted)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Dllhost.exe Modules (38 whitelisted)
C:\Program Files\Sandboxie\SbieDll.dll
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Drivers (64 whitelisted)
A2DDA, A2 Direct Disk Access Support Driver, c:\program files (x86)\emsisoft anti-malware\a2ddax64.sys
a2injectiondriver, a2injectiondriver, c:\program files (x86)\emsisoft anti-malware\a2dix64.sys
a2util, a-squared Malware-IDS utility driver, c:\program files (x86)\emsisoft anti-malware\a2util64.sys
asahci64, , C:\Windows\system32\drivers\asahci64.sys
AsIO, AsIO, syswow64\drivers\asio.sys (file is missing)
AsUpIO, AsUpIO, syswow64\drivers\asupio.sys (file is missing)
iaStorA, , C:\Windows\system32\drivers\iastora.sys
iaStorF, , C:\Windows\system32\drivers\iastorf.sys
mmkbd, Dritek USB HID Device Filter Driver, syswow64\drivers\mmkbd.sys (file is missing)
Firefox Extensions
WOT, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\install.rdf
Ghostery, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\firefox@ghostery.com.xpi
NoScript, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
Adblock Plus, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
BetterPrivacy, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
The following errors occurred during the scan:
An unexpected exception occurred in the Recently Modified Files Plugin:
Failed to duplicate handle using 'DuplicateHandle' while unlocking file. Unlocking file: 'c:\Sandbox\User\DefaultBox\drive\C\pagefile.sys'. Handle: 00000000000010CC. Process id: 3340. Process full path: C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe. System error message: Accesso negato. Error code: 5.
An unexpected exception occurred in the Csrss.exe Memory Scan Plugin:
Error when trying open a process from a process id using the 'OpenProcess' system call.
processId: 460.
inherit: 0.
desiredAccess: 1040.
System error message: Accesso negato. Error code: 5.
An unexpected exception occurred in the Scheduled Task Scan Plugin:
Failed to get folders. HRESULT = 0x80070032.
End of FreeFixer log
http://www.freefixer.com/
Operating system: Windows 7 Service Pack 1
Log dated 2013-10-24 08:24
Browser Helper Objects
64-bit, {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}, , (no file specified)
64-bit, {DBC80044-A445-435b-BC74-9C25C1C588A9}, , (no file specified)
Basic Internet Explorer settings
HKLM\..\Main, Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Registry Startups (3 whitelisted)
HKLM\..Wow6432Node..\Run, Display = C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
HKLM\..Wow6432Node..\Run, emsisoft anti-malware = "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
HKCU\..\Run, SandboxieControl = "C:\Program Files\Sandboxie\SbieCtrl.exe"
Autostart shortcuts
APC UPS Status.lnk, , C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe
Samsung Magician.lnk, , C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
Processes (34 whitelisted)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SbieSvc.exe
Error enumerating modules using 'EnumProcessModules'. System error message: Accesso negato. Error code: 5.
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Sandbox\User\DefaultBox\drive\C\Program Files\FreeFixer\freefixer.exe
C:\Program Files\Sandboxie\SandboxieCrypto.exe
Application modules (102 whitelisted)
C:\Program Files\FreeFixer\freefixer.exe
C:\Program Files\Sandboxie\SbieDll.dll
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Services (40 whitelisted)
a2AntiMalware, Emsisoft Anti-Malware 7.0 - Service, c:\program files (x86)\emsisoft anti-malware\a2service.exe
APC Data Service, APC Data Service, c:\program files (x86)\apc\powerchute personal edition\dataserv.exe
APC UPS Service, APC UPS Service, c:\program files (x86)\apc\powerchute personal edition\mainserv.exe
clr_optimization_v4.0.30319_32, Microsoft .NET Framework NGEN v4.0.30319_X86, c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
clr_optimization_v4.0.30319_64, Microsoft .NET Framework NGEN v4.0.30319_X64, c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
IAStorDataMgrSvc, Intel(R) Rapid Storage Technology, c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
jhi_service, Intel(R) Dynamic Application Loader Host Interface Service, c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SbieSvc, Sandboxie Service, c:\program files\sandboxie\sbiesvc.exe
Explorer.exe Modules (161 whitelisted)
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Dllhost.exe Modules (38 whitelisted)
C:\Program Files\Sandboxie\SbieDll.dll
C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll
Drivers (64 whitelisted)
A2DDA, A2 Direct Disk Access Support Driver, c:\program files (x86)\emsisoft anti-malware\a2ddax64.sys
a2injectiondriver, a2injectiondriver, c:\program files (x86)\emsisoft anti-malware\a2dix64.sys
a2util, a-squared Malware-IDS utility driver, c:\program files (x86)\emsisoft anti-malware\a2util64.sys
asahci64, , C:\Windows\system32\drivers\asahci64.sys
AsIO, AsIO, syswow64\drivers\asio.sys (file is missing)
AsUpIO, AsUpIO, syswow64\drivers\asupio.sys (file is missing)
iaStorA, , C:\Windows\system32\drivers\iastora.sys
iaStorF, , C:\Windows\system32\drivers\iastorf.sys
mmkbd, Dritek USB HID Device Filter Driver, syswow64\drivers\mmkbd.sys (file is missing)
Firefox Extensions
WOT, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\install.rdf
Ghostery, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\firefox@ghostery.com.xpi
NoScript, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
Adblock Plus, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
BetterPrivacy, c:\users\user\appdata\roaming\mozilla\firefox\profiles\mic997h7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
The following errors occurred during the scan:
An unexpected exception occurred in the Recently Modified Files Plugin:
Failed to duplicate handle using 'DuplicateHandle' while unlocking file. Unlocking file: 'c:\Sandbox\User\DefaultBox\drive\C\pagefile.sys'. Handle: 00000000000010CC. Process id: 3340. Process full path: C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe. System error message: Accesso negato. Error code: 5.
An unexpected exception occurred in the Csrss.exe Memory Scan Plugin:
Error when trying open a process from a process id using the 'OpenProcess' system call.
processId: 460.
inherit: 0.
desiredAccess: 1040.
System error message: Accesso negato. Error code: 5.
An unexpected exception occurred in the Scheduled Task Scan Plugin:
Failed to get folders. HRESULT = 0x80070032.
End of FreeFixer log
Queste sono le more info:
http://www.freefixer.com/library/regkey/102305/?s=ff
http://www.freefixer.com/library/regkey/113552/?s=ff
http://www.freefixer.com/library/regkey/105703/?s=ff
ATTENZIONE !!!
Io ho una scheda madre ASUS Sabertoot X79, avevo installato i programmi di ASUS, poi li ho eliminati visto che la maggior parte delle funzioni si possono gestire dal BIOS UEFI.
Re: Log FreeFixed v.1.07
