
Google Chrome: always redirected to "tracking.syncedvision.com"


  • This topic is locked
18 replies to this topic

#1 ale27

  • Members
  • 14 posts

Posted 27 June 2014 - 04:09 PM

Hi all,

I really need help with an issue in Google Chrome that I'm not able to eliminate. For a week or two I haven't been able to browse the internet with Chrome, because on every page I open I can't click any link. No matter where I click in the page I get redirected to "tracking.syncedvision.com" then to the final site that is "http://lp.starvegas.it/?page=v02&lang=it&curr=eur&camp=slots&header=slots&lang=it&cid=55807&pid=16797&afid=google.com%2fforum%2f%23!topic%2fgmail-it%2fgWZJjNR5adk%2fdiscussion".

I already searched the forum for similar problems/threads and tried some of the recommended software but nothing changed.

I tried many antivirus and antispyware programs, every piece of software I knew of, but the problem is still here.

I also tried to reset all the Chrome cookies and navigation data, but nothing.

If I use Firefox all is normal.

I'm going to paste here the DDS.txt hoping someone could really help:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by Alessandro at 22:47:06 on 2014-06-27
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.39.1040.18.8142.3854 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\QNAP\NetBak\Enclosure.exe
C:\Program Files (x86)\QNAP\Finder\iSCSIAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe
C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\QNAP\NetBak\NetBak.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
uDefault_Search_URL = hxxp://www.google.com
uProxyOverride = local
mSearchAssistant = about:blank
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Guida per l'accesso a Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Dashlane Toolbar: {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Alessandro\AppData\Roaming\Dashlane\ie\KWIEBar.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Dashlane] "C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
uRun: [MusicManager] "C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{356A62A2-2178-4F09-9C89-88A3DB8713AA} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{53F37D08-EB97-4AB9-A891-4E7798BE8CFA} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{CC212592-50AA-468C-AB9F-E8E4AE7A643C} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: LBTWlgn - <no file>
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alessandro\AppData\Roaming\Mozilla\Firefox\Profiles\cz5cx433.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\Alessandro\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2014-5-4 73296]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-3-12 21992]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-12 13336]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-3-2 138768]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-2 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-7 21007192]
R2 Popcorn Time Updater;Popcorn Time Updater;C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe [2014-6-26 210944]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-10-5 106472]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-12 1153368]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-3-12 11576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-5-28 413128]
R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-2-27 906432]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-4-11 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-4-11 341832]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-18 25816]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-1-6 32344]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2011-7-29 97040]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-3-2 14136]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-28 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-28 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-5 849992]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-4-9 39080]
R3 rzjstk;Razer Virtual Joystick Driver;C:\Windows\System32\drivers\rzjstk.sys [2014-4-9 27816]
R3 rzkeypadendpt;Razer Keypad Endpoint;C:\Windows\System32\drivers\rzkeypadendpt.sys [2013-11-15 32936]
R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2014-4-9 154792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-18 860472]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-12-27 135584]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-2-27 32512]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-10 111616]
S3 ipadtst;ipadtst;C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2012-3-2 17936]
S3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\System32\drivers\ladfBakerCamd64.sys [2010-10-17 363224]
S3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\System32\drivers\ladfBakerRamd64.sys [2010-10-17 334552]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-18 63704]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 NTIOLib_1_0_1;NTIOLib_1_0_1;C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2011-3-13 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;C:\Program Files (x86)\Setup Files\Ms7681v1H0\NTIOLib_X64.sys [2011-1-6 11888]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-1-23 13368]
S3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2011-3-24 19968]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-7-14 157184]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-12-28 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-12-28 71168]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 usbUDisc;usbUDisc;C:\Windows\System32\drivers\USBDrv_AMD64.sys [2013-5-3 17280]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-12 1255736]
S3 WSDScan;Supporto digitalizzazione WSD tramite UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-18 1809720]
.
=============== Created Last 30 ================
.
2014-06-27 20:11:45 -------- d-----w- C:\Users\Alessandro\AppData\Local\{AE62722C-5119-4DF7-8742-B33839A26D74}
2014-06-27 17:54:52 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40743AF7-D20D-4AF5-9E02-5D5D30DABA21}\mpengine.dll
2014-06-27 17:52:00 -------- d-----w- C:\Users\Alessandro\AppData\Local\Adobe
2014-06-26 20:43:32 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-06-26 20:42:13 -------- d-----w- C:\ProgramData\McAfee Security Scan
2014-06-26 17:49:48 -------- d-----w- C:\Program Files (x86)\Popcorn Time
2014-06-25 22:38:53 -------- d-----w- C:\FRST
2014-06-25 22:33:09 -------- d-----w- C:\Windows\ERUNT
2014-06-20 20:26:35 -------- d-sh--w- C:\$RECYCLE.BIN
2014-06-18 21:30:56 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-18 21:30:49 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-18 21:30:49 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-06-18 21:30:49 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-06-18 21:30:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 21:00:34 -------- d-----w- C:\Users\Alessandro\AppData\Local\CrashDumps
2014-06-18 20:58:06 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-06-18 20:53:14 -------- d-----w- C:\AdwCleaner
2014-06-18 20:44:56 -------- d-----w- C:\ProgramData\RogueKiller
2014-06-16 20:52:58 -------- d-----w- C:\ProgramData\Malwarebytes
2014-06-10 20:20:09 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-10 20:20:09 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-28 21:10:30 601432 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M  ====================
.
2014-06-26 20:42:11 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 20:42:11 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-20 01:25:42 6769096 ----a-w- C:\Windows\System32\nvcpl.dll
2014-05-20 01:25:42 3514144 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-05-20 01:25:39 927520 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-05-20 01:25:38 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-05-20 01:25:38 387528 ----a-w- C:\Windows\System32\nvmctray.dll
2014-05-20 01:25:38 2560968 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-05-14 23:49:42 3774821 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-05-08 09:32:02 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-05-07 13:02:43 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-30 18:27:16 1081112 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-04-30 18:26:54 1225920 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-04-14 14:41:38 359128 ----a-w- C:\Windows\SysWow64\vmnetdhcp.exe
2014-04-14 14:41:38 31448 ----a-w- C:\Windows\System32\drivers\vmnetuserif.sys
2014-04-14 14:41:30 437976 ----a-w- C:\Windows\SysWow64\vmnat.exe
2014-04-14 14:41:24 931032 ----a-w- C:\Windows\System32\vnetlib64.dll
2014-04-14 14:41:22 64728 ----a-w- C:\Windows\System32\drivers\vmx86.sys
2014-04-14 14:40:42 80464 ----a-w- C:\Windows\System32\vmnetbridge.dll
2014-04-14 14:40:42 49232 ----a-w- C:\Windows\System32\vnetinst.dll
2014-04-14 14:40:42 46160 ----a-w- C:\Windows\System32\drivers\vmnetbridge.sys
2014-04-14 14:40:42 24656 ----a-w- C:\Windows\System32\drivers\vmnet.sys
2014-04-14 14:40:42 20560 ----a-w- C:\Windows\System32\drivers\vmnetadapter.sys
2014-04-14 14:40:40 33496 ----a-w- C:\Windows\System32\drivers\VMkbd.sys
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-09 13:13:00 489064 ----a-w- C:\SecurityScanner.dll
2014-04-09 02:52:48 27816 ----a-w- C:\Windows\System32\drivers\rzjstk.sys
2014-04-09 02:52:44 39080 ----a-w- C:\Windows\System32\drivers\rzendpt.sys
2014-04-09 02:52:44 154792 ----a-w- C:\Windows\System32\drivers\rzudd.sys
2014-04-09 02:24:32 88576 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
2014-04-09 02:24:32 154624 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2014-04-09 02:24:30 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2014-04-09 02:24:28 856576 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2014-04-09 02:24:28 306688 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-04-01 13:22:32 38400 ----a-w- C:\Windows\System32\drivers\csrbcx64.sys
2014-03-31 16:42:44 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-03-31 16:42:42 37320 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-03-31 16:42:40 34760 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-10 12:26:50 44 ---h--w- C:\Program Files (x86)\68dce621.tmp
2011-11-10 16:45:03 81408 ----a-w- C:\Program Files (x86)\Simpack.exe
2011-11-10 16:45:03 75264 ----a-w- C:\Program Files (x86)\zlib1.dll
.
============= FINISH: 22:47:13,90 ===============




#2 HelpBot

    Bleepin' Binary Bot

  • Bots
  • 12,732 posts

Posted 02 July 2014 - 04:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/539233 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 ale27

Posted 03 July 2014 - 03:08 PM

Hi, I still need help.

These days I haven't used the PC, because navigating with Chrome is so frustrating.

As news, today I received a mail from my maintainer telling me that my email address was used to send a lot of spam mail. I think I could have some trojan or similar that sniffed my password and then used it for spam.

Anyway, the most important problem is that I still can't navigate with Google Chrome, because a few seconds after I open a page, I can click wherever I want but I only get a new page with a spam site (the redirection URL is: tracking.syncedvision.com/ many random characters).

It's like having an invisible layer that makes me unable to click on the page links.

The software I used to try to resolve this: Spybot Search and Destroy, CCleaner, Malwarebytes Anti-Malware, McAfee Security Scan Plus, HouseCall online antivirus, AdwCleaner, RogueKiller, and some others whose names I can't remember.

I paste the new DDS.txt here:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by Alessandro at 21:48:21 on 2014-07-03
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.39.1040.18.8142.1374 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWOW64\vmnat.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\QNAP\NetBak\Enclosure.exe
C:\Program Files (x86)\QNAP\Finder\iSCSIAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe
C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\QNAP\NetBak\NetBak.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alessandro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.it/
uDefault_Search_URL = hxxp://www.google.com
uProxyOverride = local
mSearchAssistant = about:blank
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Guida per l'accesso a Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Dashlane Toolbar: {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Alessandro\AppData\Roaming\Dashlane\ie\KWIEBar.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Dashlane] "C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
uRun: [MusicManager] "C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UltraMon.lnk - C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{356A62A2-2178-4F09-9C89-88A3DB8713AA} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{53F37D08-EB97-4AB9-A891-4E7798BE8CFA} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{CC212592-50AA-468C-AB9F-E8E4AE7A643C} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: LBTWlgn - <no file>
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alessandro\AppData\Roaming\Mozilla\Firefox\Profiles\cz5cx433.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\Alessandro\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
.
============= SERVICES / DRIVERS ===============
.
R0 vsock;vSockets Driver;C:\Windows\System32\drivers\vsock.sys [2014-5-4 73296]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-3-12 21992]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-12 13336]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-3-2 138768]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-2 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-7 21007192]
R2 Popcorn Time Updater;Popcorn Time Updater;C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe [2014-6-26 210944]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-10-5 106472]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-12 1153368]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-3-12 11576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-5-28 413128]
R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-2-27 906432]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-4-11 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-4-11 341832]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-6-18 25816]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-1-6 32344]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2011-7-29 97040]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-3-2 14136]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-28 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-28 40392]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-12-5 849992]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2014-4-9 39080]
R3 rzjstk;Razer Virtual Joystick Driver;C:\Windows\System32\drivers\rzjstk.sys [2014-4-9 27816]
R3 rzkeypadendpt;Razer Keypad Endpoint;C:\Windows\System32\drivers\rzkeypadendpt.sys [2013-11-15 32936]
R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2014-4-9 154792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-6-18 860472]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-12-27 135584]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-2-27 32512]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-10 111616]
S3 ipadtst;ipadtst;C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2012-3-2 17936]
S3 LADF_BakerCOnly;BakerC Filter Driver;C:\Windows\System32\drivers\ladfBakerCamd64.sys [2010-10-17 363224]
S3 LADF_BakerROnly;BakerR Filter Driver;C:\Windows\System32\drivers\ladfBakerRamd64.sys [2010-10-17 334552]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-6-18 63704]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 NTIOLib_1_0_1;NTIOLib_1_0_1;C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [2011-3-13 14136]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;C:\Program Files (x86)\Setup Files\Ms7681v1H0\NTIOLib_X64.sys [2011-1-6 11888]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-1-23 13368]
S3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2011-3-24 19968]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-7-14 157184]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2013-12-28 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2013-12-28 71168]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2013-3-18 54784]
S3 usbUDisc;usbUDisc;C:\Windows\System32\drivers\USBDrv_AMD64.sys [2013-5-3 17280]
S3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-12 1255736]
S3 WSDScan;Supporto digitalizzazione WSD tramite UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S4 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-6-18 1809720]
.
=============== Created Last 30 ================
.
2014-07-03 19:39:52    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{33836C0B-EE1A-441A-A664-A0A470C5A010}
2014-07-03 18:13:39    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{5FD34906-E73D-49C0-8BB3-17240175A215}
2014-07-02 18:40:57    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{33E9519C-D9EF-426A-906E-24F34144714F}
2014-07-02 03:24:48    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0541CC21-2888-4EEF-8CA1-48ACD29E44F3}\offreg.dll
2014-07-01 20:30:51    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{99DFD41E-80BE-4A82-9DFF-8343D3F8E2BF}
2014-07-01 17:44:23    10779000    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0541CC21-2888-4EEF-8CA1-48ACD29E44F3}\mpengine.dll
2014-06-30 19:47:50    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{993495EC-04DD-4006-98D3-E80A73E5B1EE}
2014-06-27 20:11:45    --------    d-----w-    C:\Users\Alessandro\AppData\Local\{AE62722C-5119-4DF7-8742-B33839A26D74}
2014-06-27 17:52:00    --------    d-----w-    C:\Users\Alessandro\AppData\Local\Adobe
2014-06-26 20:43:32    --------    d-----w-    C:\Program Files\McAfee Security Scan
2014-06-26 20:42:13    --------    d-----w-    C:\ProgramData\McAfee Security Scan
2014-06-26 17:49:48    --------    d-----w-    C:\Program Files (x86)\Popcorn Time
2014-06-25 22:38:53    --------    d-----w-    C:\FRST
2014-06-25 22:33:09    --------    d-----w-    C:\Windows\ERUNT
2014-06-20 20:26:35    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-06-18 21:30:56    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-18 21:30:49    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-18 21:30:49    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-06-18 21:30:49    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-06-18 21:30:49    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 21:00:34    --------    d-----w-    C:\Users\Alessandro\AppData\Local\CrashDumps
2014-06-18 20:58:06    536576    ----a-w-    C:\Windows\SysWow64\sqlite3.dll
2014-06-18 20:53:14    --------    d-----w-    C:\AdwCleaner
2014-06-18 20:44:56    --------    d-----w-    C:\ProgramData\RogueKiller
2014-06-16 20:52:58    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-06-10 20:20:09    506368    ----a-w-    C:\Windows\System32\aepdu.dll
2014-06-10 20:20:09    424448    ----a-w-    C:\Windows\System32\aeinv.dll
.
==================== Find3M  ====================
.
2014-06-26 20:42:11    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 20:42:11    699056    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-30 10:02:37    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-30 10:02:09    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-05-30 09:39:43    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-05-30 09:39:23    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-05-30 09:38:29    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-05-30 09:21:23    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-05-30 09:21:05    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-05-30 09:20:36    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-05-30 09:11:24    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-05-30 09:08:22    5782528    ----a-w-    C:\Windows\System32\jscript9.dll
2014-05-30 09:02:39    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-30 08:55:36    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-05-30 08:44:28    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-05-30 08:43:06    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-05-30 08:42:16    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-05-30 08:28:33    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-05-30 08:27:56    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-05-30 08:24:19    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-05-30 08:23:22    2040832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-05-30 08:10:46    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-30 07:56:56    2266112    ----a-w-    C:\Windows\System32\wininet.dll
2014-05-30 07:56:50    4244992    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-05-30 07:50:09    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-05-30 07:49:38    1964544    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-05-30 07:21:10    1790976    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-05-20 01:25:42    6769096    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-05-20 01:25:42    3514144    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-05-20 01:25:39    927520    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-05-20 01:25:38    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-05-20 01:25:38    387528    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-05-20 01:25:38    2560968    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-05-19 23:10:44    601432    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-05-14 23:49:42    3774821    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-05-08 09:32:02    1112064    ----a-w-    C:\Windows\System32\rdpcorets.dll
2014-05-07 13:02:43    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-30 18:27:16    1081112    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-04-30 18:26:54    1225920    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-04-25 02:34:59    801280    ----a-w-    C:\Windows\System32\usp10.dll
2014-04-25 02:06:17    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2014-04-14 14:41:38    359128    ----a-w-    C:\Windows\SysWow64\vmnetdhcp.exe
2014-04-14 14:41:38    31448    ----a-w-    C:\Windows\System32\drivers\vmnetuserif.sys
2014-04-14 14:41:30    437976    ----a-w-    C:\Windows\SysWow64\vmnat.exe
2014-04-14 14:41:24    931032    ----a-w-    C:\Windows\System32\vnetlib64.dll
2014-04-14 14:41:22    64728    ----a-w-    C:\Windows\System32\drivers\vmx86.sys
2014-04-14 14:40:42    80464    ----a-w-    C:\Windows\System32\vmnetbridge.dll
2014-04-14 14:40:42    49232    ----a-w-    C:\Windows\System32\vnetinst.dll
2014-04-14 14:40:42    46160    ----a-w-    C:\Windows\System32\drivers\vmnetbridge.sys
2014-04-14 14:40:42    24656    ----a-w-    C:\Windows\System32\drivers\vmnet.sys
2014-04-14 14:40:42    20560    ----a-w-    C:\Windows\System32\drivers\vmnetadapter.sys
2014-04-14 14:40:40    33496    ----a-w-    C:\Windows\System32\drivers\VMkbd.sys
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:32    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-04-09 13:13:00    489064    ----a-w-    C:\SecurityScanner.dll
2014-04-09 02:52:48    27816    ----a-w-    C:\Windows\System32\drivers\rzjstk.sys
2014-04-09 02:52:44    39080    ----a-w-    C:\Windows\System32\drivers\rzendpt.sys
2014-04-09 02:52:44    154792    ----a-w-    C:\Windows\System32\drivers\rzudd.sys
2014-04-09 02:24:32    88576    ----a-w-    C:\Windows\SysWow64\rzdevinfo.dll
2014-04-09 02:24:32    154624    ----a-w-    C:\Windows\SysWow64\rztouchdll.dll
2014-04-09 02:24:30    117248    ----a-w-    C:\Windows\SysWow64\rzdisplaydll.dll
2014-04-09 02:24:28    856576    ----a-w-    C:\Windows\SysWow64\rzdevicedll.dll
2014-04-09 02:24:28    306688    ----a-w-    C:\Windows\SysWow64\rzaudiodll.dll
2014-04-05 02:47:20    1903552    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2014-04-05 02:47:09    288192    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-01-10 12:26:50    44    ---h--w-    C:\Program Files (x86)\68dce621.tmp
2011-11-10 16:45:03    81408    ----a-w-    C:\Program Files (x86)\Simpack.exe
2011-11-10 16:45:03    75264    ----a-w-    C:\Program Files (x86)\zlib1.dll
.
============= FINISH: 21:48:29,11 ===============

 

I don't have my Windows 7 DVD because I lost it.

Thanks for any help you can give.

 




#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,767 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:39 AM

Posted 04 July 2014 - 04:13 AM

Hi ale27, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please acquaint yourself with the following:
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being asked.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest any course that might damage your system, but sometimes Malware infections are so severe that the only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message (PM) me if and only if I have not responded to your thread within three days or your query is off-topic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other systems as it may do serious damage.
 

From a clean PC, please change all your login information and uninstall Spybot - Search & Destroy for now.

 
  • Step # 1: Uninstall Programs
    I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Uninstall a program or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
    • McAfee Security Scan Plus
    • PunkBuster Services
    • Razer Game Booster
 
  • Step # 2: Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step # 3: Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acquaint yourself with this article;
    • Run the program either by double-clicking (Windows XP) or right-clicking and choosing Run as administrator (Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is saved to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step # 4: Scan with OTL
    • Please download OldTimer's Listit by OldTimer from one of the following locations and save it to your Desktop.
      Download Link 1
      Download Link 2
      Download Link 3
    • Copy and Paste the following code inside the Custom Scans/Fixes box;
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      dir "%systemdrive%\*" /S /A:L /C
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      rpcss.dll
      /md5stop
      CREATERESTOREPOINT
    • Click the Quick Scan button;
    • After the scan two logs will be produced;
    • Copy and paste the content of the logs in your next reply
 
  • Required Log(s):
    • AdwCleaner Log
    • Junkware Removal Tool Log
    • OTL Logs --
      • OTL.txt
      • Extras.txt
Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#5 ale27

ale27
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:39 AM

Posted 04 July 2014 - 02:43 PM

Hello, thanks for your help!

I tried to follow all the steps as indicated.

Here are all the logs (I will divide them into several posts):

 

AdwCleaner.txt

# AdwCleaner v3.214 - Rapporto creato 04/07/2014 in 21:17:19
# Aggiornato 29/06/2014 di Xplode
# Sistema operativo : Windows 7 Ultimate Service Pack 1 (64 bits)
# Nome utente : Alessandro - OMBROMANTO
# In esecuzione da : C:\Users\Alessandro\Downloads\AdwCleaner.exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

Cartella Eliminato : C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh

***** [ Collegamenti ] *****


***** [ Registro ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (it)

[ File : C:\Users\Alessandro\AppData\Roaming\Mozilla\Firefox\Profiles\cz5cx433.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Eliminati [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [5550 octets] - [18/06/2014 22:57:57]
AdwCleaner[R1].txt - [1277 octets] - [18/06/2014 23:01:08]
AdwCleaner[R2].txt - [1166 octets] - [20/06/2014 22:07:05]
AdwCleaner[R3].txt - [1286 octets] - [26/06/2014 19:41:35]
AdwCleaner[R4].txt - [1587 octets] - [04/07/2014 21:12:40]
AdwCleaner[S0].txt - [5277 octets] - [18/06/2014 22:59:46]
AdwCleaner[S1].txt - [1339 octets] - [18/06/2014 23:01:49]
AdwCleaner[S2].txt - [1225 octets] - [20/06/2014 22:07:53]
AdwCleaner[S3].txt - [1345 octets] - [26/06/2014 19:44:18]
AdwCleaner[S4].txt - [1509 octets] - [04/07/2014 21:17:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1569 octets] ##########
 

 

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by Alessandro on 04/07/2014 at 21:23:24,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{33836C0B-EE1A-441A-A664-A0A470C5A010}
Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{33E9519C-D9EF-426A-906E-24F34144714F}
Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{5FD34906-E73D-49C0-8BB3-17240175A215}
Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{993495EC-04DD-4006-98D3-E80A73E5B1EE}
Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{99DFD41E-80BE-4A82-9DFF-8343D3F8E2BF}
Successfully deleted: [Empty Folder] C:\Users\Alessandro\appdata\local\{AE62722C-5119-4DF7-8742-B33839A26D74}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/07/2014 at 21:24:28,38
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

OTL.txt

 

OTL logfile created on: 04/07/2014 21:27:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alessandro\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
7,95 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,84% Memory free
15,90 Gb Paging File | 13,79 Gb Available in Paging File | 86,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,15 Gb Total Space | 21,20 Gb Free Space | 17,79% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 329,58 Gb Free Space | 35,38% Space Free | Partition Type: NTFS
Drive H: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive K: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive M: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive P: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive S: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive V: | 25,00 Gb Total Space | 9,25 Gb Free Space | 37,00% Space Free | Partition Type: NTFS
Drive Z: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
 
Computer Name: OMBROMANTO | User Name: Alessandro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/04 21:25:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alessandro\Desktop\OTL.exe
PRC - [2014/06/21 16:36:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/06/12 18:23:08 | 000,359,128 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2014/06/12 18:22:40 | 000,437,976 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2014/06/12 17:22:10 | 000,086,744 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2014/05/27 16:38:54 | 000,219,832 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe
PRC - [2014/05/22 15:43:40 | 000,210,944 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
PRC - [2014/05/20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014/05/15 23:38:02 | 007,631,872 | ---- | M] (Google Inc.) -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2014/04/30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/04/30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/04/17 16:37:00 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2013/12/24 02:00:00 | 000,863,848 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2013/12/24 02:00:00 | 000,642,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
PRC - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/03 09:07:02 | 001,738,384 | ---- | M] () -- C:\Program Files (x86)\QNAP\Finder\iSCSIAgent.exe
PRC - [2012/05/24 03:41:20 | 001,576,080 | ---- | M] (QNAP Systems, Inc.) -- C:\Programmi\QNAP\NetBak\Enclosure.exe
PRC - [2012/01/03 14:34:20 | 000,138,768 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
PRC - [2012/01/03 14:34:16 | 000,502,288 | ---- | M] (MSI) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
PRC - [2011/03/17 10:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/03/17 10:15:04 | 000,842,048 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2010/11/06 01:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 01:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/12/21 09:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/21 16:36:48 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/05/27 16:38:54 | 000,219,832 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe
MOD - [2014/05/27 16:38:04 | 000,423,608 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.2.4.1.63897.dll
MOD - [2014/05/27 16:38:04 | 000,263,352 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.2.4.1.63897.dll
MOD - [2014/05/27 16:38:00 | 028,239,544 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.2.4.1.63897.dll
MOD - [2014/05/27 16:38:00 | 004,805,304 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.2.4.1.63897.dll
MOD - [2014/05/27 16:38:00 | 000,363,704 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.2.4.1.63897.dll
MOD - [2014/05/27 16:38:00 | 000,255,160 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.2.4.1.63897.dll
MOD - [2014/05/27 16:37:58 | 004,319,416 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\Dashlane\2.4.1.63897\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.2.4.1.63897.dll
MOD - [2014/05/15 23:24:36 | 000,344,064 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2014/05/15 23:21:24 | 000,253,440 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2014/05/15 23:20:58 | 000,231,936 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2014/05/15 23:20:54 | 000,117,248 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2014/05/15 14:29:43 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0eef5f1e5c15e0171152ee8f1cfc6924\IAStorUtil.ni.dll
MOD - [2014/05/15 13:54:33 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/02/27 04:40:25 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/02/27 04:40:24 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014/02/27 04:39:43 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014/02/27 04:39:43 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/27 04:02:42 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/02/27 04:02:32 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/02/27 04:02:31 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/02/27 04:02:30 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/02/27 04:02:25 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/02/27 04:02:25 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/02/27 04:02:25 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014/02/27 04:02:23 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014/02/27 04:02:23 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/27 04:02:22 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/02/27 04:02:22 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014/02/27 04:02:22 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014/02/27 04:02:20 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/02/27 04:02:20 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/02/27 04:02:19 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/02/27 04:02:14 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/13 13:01:16 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b1f7b4e15aef3faf382db6ba14c81371\IAStorCommon.ni.dll
MOD - [2014/02/13 12:40:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/13 12:40:16 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/13 12:40:13 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/13 12:40:11 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/13 12:40:05 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/13 12:40:04 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/13 12:40:01 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/12/10 23:06:52 | 000,026,624 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/12/10 23:06:42 | 010,683,392 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/12/10 23:06:40 | 001,681,408 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/12/10 23:06:38 | 007,741,952 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/12/10 23:06:36 | 002,248,192 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2013/07/08 14:50:07 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012/07/03 09:07:02 | 001,738,384 | ---- | M] () -- C:\Program Files (x86)\QNAP\Finder\iSCSIAgent.exe
MOD - [2010/11/13 01:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 11:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/06/26 22:42:11 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/21 16:36:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/12 18:23:08 | 000,359,128 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014/06/12 18:22:40 | 000,437,976 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2014/06/12 17:22:10 | 000,086,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2014/05/22 15:43:40 | 000,210,944 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe -- (Popcorn Time Updater)
SRV - [2014/05/20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/04/30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programmi\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014/02/27 18:40:46 | 000,906,432 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013/12/18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/27 00:46:24 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/13 21:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programmi\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/01/03 14:34:20 | 000,138,768 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2011/12/09 15:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/11/06 01:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/12 18:23:04 | 000,064,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2014/06/12 18:22:50 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2014/06/12 18:22:02 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2014/06/12 18:22:02 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2014/06/12 18:21:58 | 000,033,496 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/04/09 04:52:48 | 000,027,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzjstk.sys -- (rzjstk)
DRV:64bit: - [2014/04/09 04:52:44 | 000,154,792 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014/04/09 04:52:44 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2014/04/01 15:22:32 | 000,038,400 | ---- | M] (CSR plc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\csrbcx64.sys -- (CSRBC)
DRV:64bit: - [2014/03/31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/03/19 15:23:28 | 000,050,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2014/02/27 22:41:29 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2014/02/27 18:40:32 | 000,054,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013/11/28 15:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/11/15 08:37:30 | 000,032,936 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzkeypadendpt.sys -- (rzkeypadendpt)
DRV:64bit: - [2013/10/08 18:21:10 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013/10/08 18:21:06 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013/08/29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013/08/20 07:02:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/08/20 07:02:12 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/05/23 08:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013/05/23 08:12:48 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2013/05/23 08:12:48 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2013/04/10 12:09:24 | 000,849,992 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/03/18 17:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2013/02/12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/26 13:56:32 | 000,017,280 | ---- | M] (Scott) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBDrv_AMD64.sys -- (usbUDisc)
DRV:64bit: - [2011/10/14 17:13:26 | 000,071,168 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
DRV:64bit: - [2011/10/14 17:13:26 | 000,027,336 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
DRV:64bit: - [2011/09/02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/08/31 22:43:24 | 000,526,392 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/08/02 16:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/07/14 18:18:52 | 000,157,184 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/04/11 22:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011/04/11 22:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2011/03/24 15:35:36 | 000,019,968 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rzjoystk.sys -- (rzjoystk)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/19 18:47:18 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/01/01 10:12:24 | 000,097,040 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 01:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/17 20:22:02 | 000,334,552 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerRamd64.sys -- (LADF_BakerROnly)
DRV:64bit: - [2010/10/17 20:21:50 | 000,363,224 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfBakerCamd64.sys -- (LADF_BakerCOnly)
DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/27 16:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 16:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/27 16:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 14:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 14:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/03/31 14:30:58 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009/11/24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/11/18 08:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/02 15:12:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/03/02 15:12:14 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2014/04/30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Programmi\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2013/01/23 08:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2011/12/12 14:45:08 | 000,017,936 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys -- (ipadtst)
DRV - [2011/01/06 12:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7681v1H0\NTIOLib_X64.sys -- (NTIOLib_1_0_6)
DRV - [2010/01/29 12:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2010/01/18 11:36:44 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys -- (NTIOLib_1_0_3)
DRV - [2009/10/06 01:10:14 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys -- (NTIOLib_1_0_1)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/11/14 03:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 15 F8 4F 89 E0 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2CBD2AED-D2D4-4FCB-8EC9-FE57B721F709}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\Sonar\npesnsonar.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch: C:\Program Files (x86)\BF3 Alpha Trial Web Plugins\npesnlaunch.dll (ESN AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.7: C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alessandro\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alessandro\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014/01/16 10:50:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/06/21 16:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012/06/25 15:40:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alessandro\AppData\Roaming\mozilla\Extensions
[2014/06/23 22:41:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alessandro\AppData\Roaming\mozilla\Firefox\Profiles\cz5cx433.default\extensions
[2014/06/21 16:36:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/21 16:36:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/16 10:50:45 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Profilo predefinito (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: MyNetDiary Calorie Counter and Food Diary = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjackipnjjjefeppmpbgcdefaplneopj\0.98.8_0\
CHR - Extension: YouTube = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.1_0\
CHR - Extension: Adblock Plus = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Plugins = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop\0.8.0_0\
CHR - Extension: Ricerca Google = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: ADVFN - Stocks & Shares = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhkkpfmhlkcighmllammffmnolgdafh\0.0.0.1_0\
CHR - Extension: Salva in Google Drive = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.0_0\
CHR - Extension: Salva in Google Drive = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.4_0\
CHR - Extension: Reload All Tabs = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.5.2_0\
CHR - Extension: Reload All Tabs = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.5.3_0\
CHR - Extension: Download = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccjoeeljedbmkidebclpoabijggpbdp\0.1.7_0\
CHR - Extension: FreshStart – Gestore di Sessioni Browser = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb\1.6.1_0\
CHR - Extension: Google Wallet = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Wikinvest Portfolio Manager = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpkgmnajebobcebngnagdabphfmooej\1.0_0\
CHR - Extension: Page Monitor = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd\3.3.3_0\
CHR - Extension: Page Monitor = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd\3.3.4_0\
CHR - Extension: Antisocial = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pghncadecdbeoiklgemofaoampiiicmn\0.2.4_0\
CHR - Extension: Gmail = C:\Users\Alessandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/06/18 23:07:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programmi\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programmi\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Dashlane Toolbar) - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Alessandro\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" File not found
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Dashlane] C:\Users\Alessandro\AppData\Roaming\Dashlane\Dashlane.exe ()
O4 - HKCU..\Run: [MusicManager] C:\Users\Alessandro\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{356A62A2-2178-4F09-9C89-88A3DB8713AA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53F37D08-EB97-4AB9-A891-4E7798BE8CFA}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC212592-50AA-468C-AB9F-E8E4AE7A643C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programmi\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/14 23:33:28 | 042,444,800 | ---- | M] () - V:\autoinst.iso -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/04 21:25:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alessandro\Desktop\OTL.exe
[2014/07/04 21:15:56 | 000,073,296 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vsock.sys
[2014/07/04 21:15:56 | 000,067,664 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vsocklib.dll
[2014/07/04 21:15:56 | 000,063,568 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vsocklib.dll
[2014/07/04 21:15:55 | 000,064,728 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/07/04 21:15:55 | 000,033,496 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2014/07/04 21:15:35 | 000,359,128 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/07/04 21:15:34 | 000,931,032 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/07/04 21:15:34 | 000,437,976 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/07/04 21:15:34 | 000,031,448 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/07/04 21:15:33 | 000,054,464 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2014/07/04 21:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/07/04 21:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2014/07/04 21:15:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2014/07/04 21:15:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2014/06/27 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\Alessandro\AppData\Local\Adobe
[2014/06/26 22:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/06/26 19:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Popcorn Time
[2014/06/26 00:38:53 | 000,000,000 | ---D | C] -- C:\FRST
[2014/06/26 00:33:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/21 16:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/20 22:26:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/06/18 23:30:56 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/18 23:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/18 23:30:49 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/06/18 23:30:49 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/06/18 23:30:49 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/06/18 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/18 23:13:54 | 000,000,000 | ---D | C] -- C:\Users\Alessandro\AppData\Roaming\Oracle
[2014/06/18 23:00:34 | 000,000,000 | ---D | C] -- C:\Users\Alessandro\AppData\Local\CrashDumps
[2014/06/18 22:58:06 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/18 22:53:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/18 22:45:47 | 005,207,168 | R--- | C] (Swearware) -- C:\Users\Alessandro\Desktop\ComboFix.exe
[2014/06/18 22:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/06/18 21:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/06/16 22:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/12 18:22:02 | 000,080,464 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vmnetbridge.dll
[2014/06/12 18:22:02 | 000,049,232 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetinst.dll
[2014/06/12 18:22:02 | 000,046,160 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetbridge.sys
[2014/06/12 18:22:02 | 000,024,656 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnet.sys
[2014/06/12 18:22:02 | 000,020,560 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetadapter.sys
[2014/06/06 20:29:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/04/13 01:11:22 | 002,869,264 | ---- | C] (Microsoft Corporation) -- C:\Users\Alessandro\AppData\Roaming\dotNetFx35setup.exe
[2011/03/20 14:20:35 | 000,075,264 | ---- | C] (Zlib) -- C:\Program Files (x86)\zlib1.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/04 21:29:03 | 001,669,530 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/04 21:29:03 | 000,744,124 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/07/04 21:29:03 | 000,656,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/04 21:29:03 | 000,148,704 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/07/04 21:29:03 | 000,123,390 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/04 21:25:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alessandro\Desktop\OTL.exe
[2014/07/04 21:23:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/04 21:23:03 | 2107,875,327 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/04 21:22:39 | 000,029,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/04 21:22:39 | 000,029,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/04 21:15:32 | 001,688,772 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/07/04 20:52:00 | 000,001,180 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1705343076-1886983112-3339584442-1000UA.job
[2014/07/04 20:47:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/03 22:52:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1705343076-1886983112-3339584442-1000Core.job
[2014/07/01 22:37:33 | 000,000,600 | ---- | M] () -- C:\Users\Alessandro\AppData\Roaming\winscp.rnd
[2014/06/26 22:08:37 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/26 19:49:52 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Popcorn Time.lnk
[2014/06/20 22:18:20 | 005,207,168 | R--- | M] (Swearware) -- C:\Users\Alessandro\Desktop\ComboFix.exe
[2014/06/18 23:30:50 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/18 23:07:56 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/06/18 21:33:06 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[2014/06/16 22:28:02 | 006,114,139 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\census.cache
[2014/06/16 22:27:55 | 000,000,000 | ---- | M] () -- C:\Users\Alessandro\AppData\Local\ars.cache
[2014/06/12 18:23:08 | 000,359,128 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2014/06/12 18:23:04 | 000,064,728 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2014/06/12 18:22:50 | 000,031,448 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2014/06/12 18:22:40 | 000,437,976 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2014/06/12 18:22:32 | 000,931,032 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2014/06/12 18:22:02 | 000,080,464 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\vmnetbridge.dll
[2014/06/12 18:22:02 | 000,049,232 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\vnetinst.dll
[2014/06/12 18:22:02 | 000,046,160 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetbridge.sys
[2014/06/12 18:22:02 | 000,024,656 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnet.sys
[2014/06/12 18:22:02 | 000,020,560 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetadapter.sys
[2014/06/12 18:21:58 | 000,033,496 | ---- | M] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2014/06/10 21:16:13 | 005,474,089 | ---- | M] () -- C:\Users\Alessandro\Desktop\Portami_a_ballare_-_Luca_Barbarossa.mp3
[2014/06/06 11:16:37 | 000,570,954 | ---- | M] () -- C:\Users\Alessandro\Desktop\lettera dimissioni e certificato.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/26 20:20:16 | 000,096,187 | ---- | C] () -- C:\Users\Alessandro\Desktop\Parker 2013 TS XViD-26k 1h 51m 01s [SRT project].srt
[2014/06/26 19:49:52 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Popcorn Time.lnk
[2014/06/18 23:30:50 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/18 22:55:11 | 000,000,030 | ---- | C] () -- C:\AVScanner.ini
[2014/06/10 21:12:42 | 005,474,089 | ---- | C] () -- C:\Users\Alessandro\Desktop\Portami_a_ballare_-_Luca_Barbarossa.mp3
[2014/06/06 11:19:25 | 000,570,954 | ---- | C] () -- C:\Users\Alessandro\Desktop\lettera dimissioni e certificato.pdf
[2013/04/25 03:27:44 | 000,000,110 | ---- | C] () -- C:\Users\Alessandro\VOIPAgent.prefs.properties
[2013/04/15 03:26:15 | 000,000,351 | ---- | C] () -- C:\Users\Alessandro\SciTE.session
[2013/03/28 13:01:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/28 13:01:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/28 13:01:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/28 13:01:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/28 13:01:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/27 14:33:07 | 001,688,772 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/08 01:10:32 | 000,000,016 | ---- | C] () -- C:\Users\Alessandro\AppData\Roaming\sd.bat
[2012/12/15 15:15:57 | 000,000,052 | ---- | C] () -- C:\Windows\WebConfig.ini
[2012/12/15 15:12:39 | 000,798,720 | ---- | C] () -- C:\Windows\SysWow64\SEPlayerPlus.dll
[2012/12/15 15:12:39 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\SEPlayer.exe
[2012/12/15 15:12:39 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\SENetLibPlus.dll
[2012/12/15 15:12:39 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\SESDKPlus.dll
[2012/11/05 18:24:33 | 000,000,600 | ---- | C] () -- C:\Users\Alessandro\PUTTY.RND
[2012/09/28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011/10/22 23:49:33 | 006,114,139 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\census.cache
[2011/10/22 23:48:55 | 000,000,000 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\ars.cache
[2011/10/22 01:57:07 | 000,000,036 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\housecall.guid.cache
[2011/10/19 23:52:12 | 000,001,456 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/05/25 13:20:12 | 000,000,693 | ---- | C] () -- C:\Users\Alessandro\.jscreenfix.licence
[2011/04/20 04:36:49 | 000,000,600 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\PUTTY.RND
[2011/03/24 21:10:34 | 000,044,032 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/20 14:20:35 | 000,081,408 | ---- | C] () -- C:\Program Files (x86)\Simpack.exe
[2011/03/20 14:20:35 | 000,016,755 | ---- | C] () -- C:\Program Files (x86)\GCFFILES.DAT
[2011/03/19 20:36:41 | 000,000,600 | ---- | C] () -- C:\Users\Alessandro\AppData\Roaming\winscp.rnd
[2011/03/12 10:10:16 | 000,007,602 | ---- | C] () -- C:\Users\Alessandro\AppData\Local\resmon.resmoncfg
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/12/12 04:27:08 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\.mono
[2013/08/26 17:50:50 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\2K Sports
[2014/06/03 21:04:10 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Audacity
[2014/05/10 14:39:38 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Awesomium
[2012/06/24 03:53:47 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\BANDISOFT
[2013/08/26 17:52:02 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Bitcoin
[2014/01/22 21:35:20 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/06/16 23:35:37 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\DAEMON Tools Pro
[2013/01/01 21:19:40 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Darkfall
[2014/05/30 21:44:44 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Dashlane
[2013/01/12 02:26:41 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Downloaded Installations
[2014/03/17 18:56:28 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\EPSON
[2012/11/01 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\FileZilla
[2014/06/24 00:21:37 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\foobar2000
[2011/08/21 02:15:07 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Gyration
[2014/05/20 21:54:06 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\HandBrake
[2011/03/12 11:52:00 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Leadertech
[2011/09/11 22:48:35 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\LolClient
[2012/05/25 01:38:39 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\LolClient2
[2012/06/05 03:43:29 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\MetaQuotes
[2011/07/29 01:11:34 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\MotioninJoy
[2014/05/30 23:33:42 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Mumble
[2014/01/23 16:54:32 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\No Company Name
[2011/03/12 18:08:59 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Notepad++
[2014/06/18 23:13:54 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Oracle
[2013/08/09 22:28:53 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Origin
[2014/04/10 14:50:41 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Popcorn Time
[2011/12/29 12:45:55 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\redsn0w
[2012/03/08 18:54:01 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Shark007
[2014/03/10 23:16:21 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\SitenApp
[2011/12/20 20:23:04 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Stereoscopic Player
[2011/06/18 18:02:57 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Sytexis Software
[2013/04/12 21:37:28 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\TeamViewer
[2014/06/16 23:35:36 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\TS3Client
[2013/03/11 01:50:28 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Unity
[2012/03/08 18:32:51 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Win7codecs
[2011/03/17 10:32:28 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\Windows Live Writer
[2013/10/15 20:31:11 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\WizardWars
[2014/05/06 00:26:32 | 000,000,000 | ---D | M] -- C:\Users\Alessandro\AppData\Roaming\XBMC
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2009/07/14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014/04/12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
No service found with a name of WinDefend
SRV:64bit: - [2010/11/21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Il volume nell'unità C non ha etichetta.
 Numero di serie del volume: 08A6-7D88
 Directory di C:\
14/07/2009  07:08    <JUNCTION>     Documents and Settings [C:\Users]
11/03/2011  22:59    <JUNCTION>     Programmi [C:\Program Files]
               0 File              0 byte
 Directory di C:\Program Files
11/03/2011  22:59    <JUNCTION>     File comuni [C:\Program Files\Common Files]
               0 File              0 byte
 Directory di C:\Program Files\Windows NT
11/03/2011  22:59    <JUNCTION>     Accessori [C:\Program Files\Windows NT\Accessories]
               0 File              0 byte
 Directory di C:\ProgramData
14/07/2009  07:08    <JUNCTION>     Application Data [C:\ProgramData]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\ProgramData]
14/07/2009  07:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/03/2011  22:59    <JUNCTION>     Documenti [C:\Users\Public\Documents]
14/07/2009  07:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
14/07/2009  07:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/03/2011  22:59    <JUNCTION>     Menu Avvio [C:\ProgramData\Microsoft\Windows\Start Menu]
11/03/2011  22:59    <JUNCTION>     Modelli [C:\ProgramData\Microsoft\Windows\Templates]
11/03/2011  22:59    <JUNCTION>     Preferiti [C:\Users\Public\Favorites]
14/07/2009  07:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File              0 byte
 Directory di C:\ProgramData\Microsoft\Windows\Start Menu
11/03/2011  22:59    <JUNCTION>     Programmi [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Users
14/07/2009  07:08    <SYMLINKD>     All Users [C:\ProgramData]
14/07/2009  07:08    <JUNCTION>     Default User [C:\Users\Default]
               0 File              0 byte
 Directory di C:\Users\Alessandro
11/03/2011  22:59    <JUNCTION>     Cookies [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Cookies]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\Users\Alessandro\AppData\Roaming]
11/03/2011  22:59    <JUNCTION>     Documenti [C:\Users\Alessandro\Documents]
11/03/2011  22:59    <JUNCTION>     Impostazioni locali [C:\Users\Alessandro\AppData\Local]
11/03/2011  22:59    <JUNCTION>     Menu Avvio [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Start Menu]
11/03/2011  22:59    <JUNCTION>     Modelli [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Templates]
11/03/2011  22:59    <JUNCTION>     Recenti [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Recent]
11/03/2011  22:59    <JUNCTION>     Risorse di rete [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/03/2011  22:59    <JUNCTION>     Risorse di stampa [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/03/2011  22:59    <JUNCTION>     SendTo [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\SendTo]
               0 File              0 byte
 Directory di C:\Users\Alessandro\AppData\Local
11/03/2011  22:59    <JUNCTION>     Cronologia [C:\Users\Alessandro\AppData\Local\Microsoft\Windows\History]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\Users\Alessandro\AppData\Local]
11/03/2011  22:59    <JUNCTION>     Temporary Internet Files [C:\Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File              0 byte
 Directory di C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Start Menu
11/03/2011  22:59    <JUNCTION>     Programmi [C:\Users\Alessandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Users\Alessandro\Documents
11/03/2011  22:59    <JUNCTION>     Immagini [C:\Users\Alessandro\Pictures]
11/03/2011  22:59    <JUNCTION>     Musica [C:\Users\Alessandro\Music]
11/03/2011  22:59    <JUNCTION>     Video [C:\Users\Alessandro\Videos]
               0 File              0 byte
 Directory di C:\Users\All Users
14/07/2009  07:08    <JUNCTION>     Application Data [C:\ProgramData]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\ProgramData]
14/07/2009  07:08    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/03/2011  22:59    <JUNCTION>     Documenti [C:\Users\Public\Documents]
14/07/2009  07:08    <JUNCTION>     Documents [C:\Users\Public\Documents]
14/07/2009  07:08    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/03/2011  22:59    <JUNCTION>     Menu Avvio [C:\ProgramData\Microsoft\Windows\Start Menu]
11/03/2011  22:59    <JUNCTION>     Modelli [C:\ProgramData\Microsoft\Windows\Templates]
11/03/2011  22:59    <JUNCTION>     Preferiti [C:\Users\Public\Favorites]
14/07/2009  07:08    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File              0 byte
 Directory di C:\Users\All Users\Microsoft\Windows\Start Menu
11/03/2011  22:59    <JUNCTION>     Programmi [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Users\Default
14/07/2009  07:08    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\Users\Default\AppData\Roaming]
11/03/2011  22:59    <JUNCTION>     Documenti [C:\Users\Default\Documents]
11/03/2011  22:59    <JUNCTION>     Impostazioni locali [C:\Users\Default\AppData\Local]
14/07/2009  07:08    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
11/03/2011  22:59    <JUNCTION>     Menu Avvio [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/03/2011  22:59    <JUNCTION>     Modelli [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
14/07/2009  07:08    <JUNCTION>     My Documents [C:\Users\Default\Documents]
14/07/2009  07:08    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14/07/2009  07:08    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/03/2011  22:59    <JUNCTION>     Recenti [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/03/2011  22:59    <JUNCTION>     Risorse di rete [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/03/2011  22:59    <JUNCTION>     Risorse di stampa [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14/07/2009  07:08    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14/07/2009  07:08    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14/07/2009  07:08    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File              0 byte
 Directory di C:\Users\Default\AppData\Local
14/07/2009  07:08    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
11/03/2011  22:59    <JUNCTION>     Cronologia [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/03/2011  22:59    <JUNCTION>     Dati applicazioni [C:\Users\Default\AppData\Local]
14/07/2009  07:08    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14/07/2009  07:08    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File              0 byte
 Directory di C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
11/03/2011  22:59    <JUNCTION>     Programmi [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Users\Default\Documents
11/03/2011  22:59    <JUNCTION>     Immagini [C:\Users\Default\Pictures]
11/03/2011  22:59    <JUNCTION>     Musica [C:\Users\Default\Music]
14/07/2009  07:08    <JUNCTION>     My Music [C:\Users\Default\Music]
14/07/2009  07:08    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
14/07/2009  07:08    <JUNCTION>     My Videos [C:\Users\Default\Videos]
11/03/2011  22:59    <JUNCTION>     Video [C:\Users\Default\Videos]
               0 File              0 byte
 Directory di C:\Users\Public\Documents
11/03/2011  22:59    <JUNCTION>     Immagini [C:\Users\Public\Pictures]
11/03/2011  22:59    <JUNCTION>     Musica [C:\Users\Public\Music]
14/07/2009  07:08    <JUNCTION>     My Music [C:\Users\Public\Music]
14/07/2009  07:08    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
14/07/2009  07:08    <JUNCTION>     My Videos [C:\Users\Public\Videos]
11/03/2011  22:59    <JUNCTION>     Video [C:\Users\Public\Videos]
               0 File              0 byte
 Directory di C:\Windows\System32\config\systemprofile
06/01/2012  21:56    <JUNCTION>     Dati applicazioni [C:\Windows\system32\config\systemprofile\AppData\Roaming]
06/01/2012  21:56    <JUNCTION>     Documenti [C:\Windows\system32\config\systemprofile\Documents]
06/01/2012  21:56    <JUNCTION>     Impostazioni locali [C:\Windows\system32\config\systemprofile\AppData\Local]
06/01/2012  21:56    <JUNCTION>     Menu Avvio [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
06/01/2012  21:56    <JUNCTION>     Modelli [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
06/01/2012  21:56    <JUNCTION>     Recenti [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
06/01/2012  21:56    <JUNCTION>     Risorse di rete [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/01/2012  21:56    <JUNCTION>     Risorse di stampa [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/01/2012  21:56    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
               0 File              0 byte
 Directory di C:\Windows\System32\config\systemprofile\AppData\Local
06/01/2012  21:56    <JUNCTION>     Cronologia [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
06/01/2012  21:56    <JUNCTION>     Dati applicazioni [C:\Windows\system32\config\systemprofile\AppData\Local]
06/01/2012  21:56    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File              0 byte
 Directory di C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu
06/01/2012  21:56    <JUNCTION>     Programmi [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Windows\System32\config\systemprofile\Documents
06/01/2012  21:56    <JUNCTION>     Immagini [C:\Windows\system32\config\systemprofile\Pictures]
06/01/2012  21:56    <JUNCTION>     Musica [C:\Windows\system32\config\systemprofile\Music]
06/01/2012  21:56    <JUNCTION>     Video [C:\Windows\system32\config\systemprofile\Videos]
               0 File              0 byte
 Directory di C:\Windows\SysWOW64\config\systemprofile
06/01/2012  21:56    <JUNCTION>     Dati applicazioni [C:\Windows\system32\config\systemprofile\AppData\Roaming]
06/01/2012  21:56    <JUNCTION>     Documenti [C:\Windows\system32\config\systemprofile\Documents]
06/01/2012  21:56    <JUNCTION>     Impostazioni locali [C:\Windows\system32\config\systemprofile\AppData\Local]
06/01/2012  21:56    <JUNCTION>     Menu Avvio [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
06/01/2012  21:56    <JUNCTION>     Modelli [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
06/01/2012  21:56    <JUNCTION>     Recenti [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
06/01/2012  21:56    <JUNCTION>     Risorse di rete [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/01/2012  21:56    <JUNCTION>     Risorse di stampa [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/01/2012  21:56    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
               0 File              0 byte
 Directory di C:\Windows\SysWOW64\config\systemprofile\AppData\Local
06/01/2012  21:56    <JUNCTION>     Cronologia [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
06/01/2012  21:56    <JUNCTION>     Dati applicazioni [C:\Windows\system32\config\systemprofile\AppData\Local]
06/01/2012  21:56    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File              0 byte
 Directory di C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu
06/01/2012  21:56    <JUNCTION>     Programmi [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 File              0 byte
 Directory di C:\Windows\SysWOW64\config\systemprofile\Documents
06/01/2012  21:56    <JUNCTION>     Immagini [C:\Windows\system32\config\systemprofile\Pictures]
06/01/2012  21:56    <JUNCTION>     Musica [C:\Windows\system32\config\systemprofile\Music]
06/01/2012  21:56    <JUNCTION>     Video [C:\Windows\system32\config\systemprofile\Videos]
               0 File              0 byte
     Totale file elencati:
               0 File              0 byte
             114 Directory  22.737.502.208 byte disponibili
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: RPCSS.DLL  >
[2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\erdnt\cache64\rpcss.dll
[2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
 
< MD5 for: SERVICES  >
[2009/06/10 23:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
 
< MD5 for: SERVICES.ASFX  >
[2014/05/08 13:22:06 | 000,002,654 | ---- | M] () MD5=E15FCF2BC37B006CBF09EE64C0263C24 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
 
< MD5 for: SERVICES.ASFX15  >
[2011/06/06 13:55:32 | 000,000,614 | R--- | M] () MD5=DCAF5E14A41328B2A5976377D7DDD969 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B744AA0100000010\10.1.0\services.asfx15
 
< MD5 for: SERVICES.CFG  >
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA70401B744AA0100000010\10.1.0\services.cfg
[2014/05/08 13:21:20 | 000,559,489 | ---- | M] () MD5=E829329E4886E9A3540C62114FC8E145 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.DAT  >
[2014/04/06 06:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- C:\Users\Alessandro\AppData\Local\Temp\jrt\services.dat
 
< MD5 for: SERVICES.EXE  >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2010/11/21 17:30:10 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=2DB09CB5CC5E025D1381123F00AAA71D -- C:\Windows\SysNative\it-IT\services.exe.mui
[2010/11/21 17:30:10 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=2DB09CB5CC5E025D1381123F00AAA71D -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_it-it_529d01e809d121ed\services.exe.mui
 
< MD5 for: SERVICES.LNK  >
[2009/07/14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 06:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2009/06/10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 22:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
 
< MD5 for: SERVICES.MSC  >
[2010/11/21 17:30:17 | 000,092,755 | ---- | M] () MD5=1452B2812DA789ABB1998CB07F97524A -- C:\Windows\SysNative\it-IT\services.msc
[2010/11/21 17:30:11 | 000,092,755 | ---- | M] () MD5=1452B2812DA789ABB1998CB07F97524A -- C:\Windows\SysWOW64\it-IT\services.msc
[2010/11/21 17:30:17 | 000,092,755 | ---- | M] () MD5=1452B2812DA789ABB1998CB07F97524A -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8cded1d3e03abbe0\services.msc
[2010/11/21 17:30:11 | 000,092,755 | ---- | M] () MD5=1452B2812DA789ABB1998CB07F97524A -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_it-it_30c0365027dd4aaa\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\services.msc
[2009/06/10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/06/10 22:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/06/10 23:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2009/07/13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 22:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
 
< MD5 for: SVCHOST.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\erdnt\cache64\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:42DC4246
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:B755D674

< End of report >
 



#6 ale27


Posted 04 July 2014 - 02:46 PM

Extras.txt

 

OTL Extras logfile created on: 04/07/2014 21:27:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alessandro\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
7,95 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,84% Memory free
15,90 Gb Paging File | 13,79 Gb Available in Paging File | 86,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,15 Gb Total Space | 21,20 Gb Free Space | 17,79% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 329,58 Gb Free Space | 35,38% Space Free | Partition Type: NTFS
Drive H: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive K: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive M: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive P: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive S: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
Drive V: | 25,00 Gb Total Space | 9,25 Gb Free Space | 37,00% Space Free | Partition Type: NTFS
Drive Z: | 5542,04 Gb Total Space | 2901,89 Gb Free Space | 52,36% Space Free | Partition Type: NTFS
 
Computer Name: OMBROMANTO | User Name: Alessandro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe" = C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Users\ALESSA~1\AppData\Local\Temp\4STXSJGIO3.exe" = C:\Users\ALESSA~1\AppData\Local\Temp\4STXSJGIO3.exe:*:Enabled:Windows Messanger
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe" = C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger -- (Microsoft Corporation)
"C:\Users\ALESSA~1\AppData\Local\Temp\4STXSJGIO3.exe" = C:\Users\ALESSA~1\AppData\Local\Temp\4STXSJGIO3.exe:*:Enabled:Windows Messanger
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006A4CA4-BCE0-49BC-9C70-DA125A533020}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{09A67010-2394-4F1B-8DFF-C869C7C0AAA6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C804DAF-C8F8-40D5-B511-2222950B585F}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{13BDA2A8-0BB3-4A4A-AD8E-69EB17B464D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{140D5E1F-EEF6-44D5-B649-96F96865C96C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{220A45FE-2C68-40C0-A730-4D8D996A23F2}" = lport=445 | protocol=6 | dir=in | app=system |
"{221EA8A3-953C-4F6F-AF0B-7E07A050B9D0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{274FA621-4E87-4603-9754-F0F497B85A0D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2DFD3879-86FD-447F-9132-836770B69015}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2FCAC3DC-3494-427D-B016-ED90E2240BBF}" = rport=139 | protocol=6 | dir=out | app=system |
"{3161D634-B872-44C5-A200-1626302E02FD}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{32E8CF2D-33F8-4817-8357-1DACB51A83E2}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{34FF0F59-4071-454B-B0D7-E84533239A5D}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3514E286-222F-4EAF-8A60-D7514815B0BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3544E94A-E94F-4EF4-A2DE-CC28B8F5F8ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{37F7C459-4A03-4AF4-A164-3FB6B2765030}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3A9009BB-3597-4CB4-8BCB-FDC6E54F5FE1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3CB12E3A-3AC0-4357-82BC-DDF45B028CD6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FC2B1DB-FF62-4A0F-AE8C-D77BBFC5FF8C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{409D9391-BFC5-4941-80A7-A50891F6FFDB}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{43A1C9B4-9324-47FA-A8C7-3B57FF02CEEB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{4415B7C6-DB32-4075-8B61-5C248C0467B2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4568EE2F-98F7-4F07-B5F3-B5A68D1A04CE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4AF25DDF-C77C-4660-8FA6-73480A4C3787}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5884CDE9-53E0-4F9D-A694-11F1554D701A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5C872F6B-6239-4CD3-9945-53C14C6DAFE6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{614C173C-778D-4B50-B98C-653A913CA6BD}" = lport=137 | protocol=17 | dir=in | app=system |
"{64C21853-97F6-467B-A8F9-710844C523D1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{65A47D1E-63F6-416D-A707-AB020466858D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{66FBC094-116A-40F0-8FE7-A5EC7144CFBC}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{705F028A-7CDB-4876-8164-924C4D47A087}" = lport=139 | protocol=6 | dir=in | app=system |
"{7064DFBC-4B6A-420A-AECB-BA2E7CD3A440}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{787D8530-F637-4E41-9DAE-97621C078DCB}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7A3504B4-7473-4B48-A4F6-66DF38E6A597}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{826D54BD-66C9-44CC-802F-770E73990AE1}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{844B1DD1-6002-4B3D-A488-1510EAA8727D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{89272A2D-4DE5-48E4-AFAB-E7CACBE54A0E}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8B1C0B7D-06DD-42D9-82B0-3DE5742C302C}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8C2761FC-C66B-43D7-BDC9-9BB114F5A83E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8CA0AA46-2BB6-41F2-9985-3E69A47B192A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8DA80D52-29A5-4A30-ABF0-91CEC6F9A5F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F67AE97-A15C-4E86-A3DB-99B8F92316A1}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9124990A-A49D-4819-B293-357F7FB1DF8C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9251FD7B-8339-4B1B-A0DA-7EE1939695E7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{93688676-A42A-4AD9-A796-0CAB71F98866}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95A2963A-E3B6-48A2-9B95-2A8D176EEE93}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C18D31D-C144-4B0A-837C-BE542F5F8E41}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9CA126D3-9060-4E64-B257-86B0369A4E73}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A42A0441-3F7F-4175-BB48-1E1C78834488}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{AA6A39D5-1EFE-469A-BE6E-E4B315382B66}" = rport=445 | protocol=6 | dir=out | app=system |
"{B2F1E307-B55D-4DA8-85E8-0583167F8E64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6A00B69-2A1E-42A7-9748-32A2DC80E5A0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B7CF4D02-37F7-4D9C-BD42-1B37E4A45F45}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BC949CD6-409B-4790-A1C0-564C0C8E0E19}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BFB6F22B-CAE0-4E0B-9D4E-436B6DF56DE1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C35AE453-E35A-4318-9CF9-F588F1155451}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{C53CF284-936A-4195-93C3-BE603DA55A9A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CC6CA18F-1B98-427F-81DD-419F222A2EA6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D3C06026-C657-4405-AD56-6BE37CE9246C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D55BAC8E-BE1C-467D-A256-D68C1B4C7201}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DAC05486-F487-46FC-AA5B-D8B8020640F3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DAD8BC58-F7EA-4360-9423-A5D02F101302}" = rport=138 | protocol=17 | dir=out | app=system |
"{DB7C65B1-225E-4428-9C59-1301CBA9E256}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DC25DD16-0EB2-4CB9-B30D-398597A67E59}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{DD7665D1-A8F8-4846-97D9-B28EF217E299}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E68FCF75-DE96-43EE-B5C2-F290B63EB615}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EA61C95B-4DEF-4015-97FD-B5E7E9972BE2}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EA8F56F7-ACCB-45AC-9165-F4AF6B1F9DC8}" = lport=138 | protocol=17 | dir=in | app=system |
"{EBC1F59C-C9E6-4B4C-BF78-90E10A489A3A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EE95A66F-C68B-4A22-B509-A53B02375C4D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F2D88D43-E58D-4A96-9162-018FDEA930D8}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F38978A7-B260-4FCA-8B63-B232C06FE299}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FADC1634-929D-4EB6-9B5E-F95A2793B982}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FBE32DD1-9AD6-459A-9027-80646DBC5ABA}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FFD149C5-D588-4696-8E04-2045C3A629D5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04915752-DDAB-4A86-98F9-153E3E33461D}" = protocol=6 | dir=in | app=d:\giochi\origin\battlefield 4\bf4.exe |
"{049E224F-7DD4-481D-ABDF-60C5C3907DC3}" = protocol=6 | dir=in | app=d:\giochi\virtuatennis4\vt4.exe |
"{04C33186-F57A-443A-A25D-EC6F7509849A}" = protocol=17 | dir=in | app=\\ghimli\public\driver ip camera\hsearch_en.exe |
"{05C0C2A3-E411-47C4-B414-B5F5D2E85BEB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{075B820E-D7B4-4663-A394-DA791D18F052}" = protocol=6 | dir=in | app=d:\giochi\far cry 3\bin\farcry3.exe |
"{075E356B-0B63-4FAB-AFEF-9006B552C9A9}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{0868BB3B-F0E9-49B4-9B48-AF97615A42F9}" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"{092436A2-B3FB-4989-991E-C5D74B169802}" = protocol=6 | dir=in | app=c:\program files (x86)\bf3 alpha trial web plugins\sonar\sonarhost.exe |
"{0B2123FF-509C-4E36-92AA-1607C5CD7995}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{0D3C419E-5CF6-4EDF-89D4-236F0F7D00C2}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe |
"{0D4303C3-33C7-4655-B115-90C6B7C17717}" = protocol=6 | dir=in | app=d:\giochi\kingdoms of amalur - reckoning\reckoning.exe |
"{0F161DB3-9FE5-4120-8F6C-17BF6CE45CFF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{10513FCC-4C01-4615-83B2-CA2987B9EF22}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{113C1BAA-E134-4FB5-8D43-CFB6DDA77092}" = protocol=17 | dir=in | app=d:\giochi\star citizen\citizenclient\bin64\starcitizen.exe |
"{1142414A-1A91-4ADD-9D17-3E1EF59C3433}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1232F70C-F08A-4FB0-BFF9-9FDCFE45AFF5}" = protocol=17 | dir=in | app=d:\giochi\origin\battlefield 4\bf4.exe |
"{12CAD99A-9888-4C00-8A93-5DCC26FB551E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{13E742C4-AFFE-4EEE-B072-6228F06D6757}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{146BE883-5FD8-465F-B968-6880B5BF5AC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{17DC14CF-2488-463D-88AB-A33CF116FC75}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe |
"{18C1E2EC-EFA9-4B84-8324-B6C5479D9FC4}" = protocol=17 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe |
"{198FF299-BCCC-4B5D-8D37-6526B820FFA2}" = protocol=17 | dir=in | app=d:\giochi\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{1E6A02ED-AE76-4CCE-9076-062215A308BA}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{230B8FEB-AB91-4E28-A3C4-CBC03068ECF7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{2445A917-78CD-4043-8156-7BF5025E5C82}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2504D8F7-1035-4310-9C1C-7747BCA2E8EA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{25114204-3695-40B3-AD3A-7FC4045686C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{260443B9-4815-46A5-BC18-24664F0E27FF}" = protocol=6 | dir=in | app=d:\giochi\dirt3\dirt3_game.exe |
"{276FD628-ACF0-4A4B-84F2-2066D4FF6B42}" = protocol=6 | dir=in | app=d:\giochi\age of empires online\spartan.exe |
"{280A9590-7AC6-4986-81B6-225E648E3E9C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"{2A9E60A5-ED01-442F-8321-6049C30C4773}" = protocol=6 | dir=in | app=d:\giochi\diablo 3\diablo iii\diablo iii.exe |
"{2C5D9A97-05AE-45CE-832C-48BAF46CDCAC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{2C808EE8-F229-4CB0-899D-10F1E795CA6C}" = protocol=17 | dir=in | app=d:\giochi\far cry 3\bin\farcry3.exe |
"{2C8A4735-CAD9-4702-A0C7-0CC5291BD0B8}" = protocol=6 | dir=in | app=d:\giochi\origin\fifa 13\game\fifa13.exe |
"{2CF43FAF-9E83-4C46-9BCD-5236DD672DCB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2D1E2A6C-5665-4E90-8B95-47994E596D13}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{2E7C13B6-BBB5-48A5-9B0F-5049B281BBC8}" = protocol=6 | dir=in | app=g:\hsearch_en.exe |
"{2F67D08B-C14F-488C-89DD-F75A75C91881}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{2FF7301A-1128-4689-8510-BCD177F3E96D}" = protocol=17 | dir=in | app=d:\giochi\far cry 3\bin\fc3editor.exe |
"{31FE29BB-F561-43E7-9578-347412ED7CA0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{32DE0497-A56C-414A-99C6-7421BC8434D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{36DA6534-478B-401E-8431-EFD6CE2B81C4}" = protocol=17 | dir=in | app=d:\giochi\origin\fifa 13\game\fifa13.exe |
"{37324C70-0419-46EA-9261-30D1548296AD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{38789C62-3355-45B3-9055-EFC1C2615039}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3AB81E0E-08A4-4F54-A786-1DC395D0EB0C}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{3BE23673-F35B-433D-81F8-5FA756E1027D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3FA32442-C2CA-49CE-B5E0-367D83E9086A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3FEF3F5A-E3E7-4623-A2B9-D0BB70F80A26}" = protocol=17 | dir=in | app=d:\giochi\leagueoflegends\league of legends\lol.launcher.exe |
"{4131D3F8-33E8-47A4-BDAE-8D7EDD8C3040}" = protocol=17 | dir=in | app=d:\giochi\world of warcraft\launcher.exe |
"{44847328-A7B2-474E-B11D-6E846490F1BB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{4579AB5A-0AB2-430B-B80B-9A0F95839D4A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{46506749-1C0F-4D6D-B660-A5614F6563A8}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{470CC61C-6866-4F7D-B639-1E1417FABE28}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{4869E1E1-9089-448F-B3FF-C06A2029CCD4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{495D773B-015E-4785-9B3F-1DF6C2D7219B}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe |
"{4A62D4BC-988E-4EA1-BAAE-E1826679E0AD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{4C2E11E8-E5C6-4C00-A702-2F6476D478DA}" = protocol=6 | dir=in | app=d:\giochi\nba 2k12\nba2k12.exe |
"{4D64F369-C996-49A0-B2AC-1C66B41B5DA9}" = protocol=6 | dir=out | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{4DCC07AA-B215-4506-A8BA-78A3DC8F30CF}" = protocol=17 | dir=in | app=d:\giochi\ssf4\ssfiv.exe |
"{54188C17-6CC4-45CE-A2B6-032C7BD3F35E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5875EBFF-7091-4DB5-B971-D3FC9A0FB00C}" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"{5978D660-6064-41AE-9934-308729FCD5AD}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{5A1E7EA4-0D5D-4E82-8ECE-0021B3E588E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5AA24258-2047-4182-A5B8-7878A1CE008C}" = protocol=6 | dir=in | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{5BF0B189-6600-47C3-9693-5AF1E1F12A97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5C622CDA-7D98-4D6E-BC60-8D3B1A6D88CB}" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe |
"{5D13D4E5-514E-4E84-9B18-C6464835117A}" = protocol=6 | dir=in | app=d:\giochi\world of warcraft\launcher.exe |
"{5EC5A4CF-88E4-42C5-9EA3-A0D2EC57385C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{6042DD53-AED6-4811-B100-221EFDF3C119}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{60706C07-49BD-46CD-9C64-A860459377B1}" = protocol=6 | dir=in | app=d:\giochi\ssf4\ssfiv.exe |
"{60CB3990-C1BE-495B-B06B-39003852911C}" = protocol=17 | dir=in | app=g:\hsearch_en.exe |
"{621760E6-0E39-4CF9-B9EF-C926149413E2}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{626BCECF-BD6E-4BE9-AD33-CE729EC302F0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{63ACB0F9-2C0B-4F83-A33A-AAF7664E2DA7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{63DA7EEB-7443-4D3D-AC9E-2C7B20CED276}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{666AE52F-34A0-4A78-BF20-2A4FFA553878}" = protocol=17 | dir=in | app=d:\giochi\nba 2k12\nba2k12.exe |
"{66E31196-1F7C-4ECF-9431-89454754CF4C}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe |
"{69ABFA1D-BC34-4E57-8EBF-EE8B451E695B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6AECEBB4-56E2-4F9B-B65C-124A93CB6437}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{6D1697A4-96E7-43C1-AB5B-E92D43B7C932}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{6E730E17-5EF1-4A3D-99D3-7DEFC4378D0D}" = protocol=17 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"{702C4462-B238-4562-B9BA-A327FD64614C}" = protocol=6 | dir=in | app=d:\giochi\leagueoflegends\league of legends\lol.launcher.exe |
"{708C0FC9-A38A-420C-9CF5-FB41DE571792}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74DFAD8A-571A-4C6F-8B32-6996F581FF3F}" = protocol=6 | dir=in | app=d:\giochi\sota\launcher.exe |
"{77117167-76C5-4C58-844C-C79D10CC2B3E}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe |
"{7798788D-7F2A-4008-BEC9-2A85CA71FB7E}" = protocol=6 | dir=in | app=c:\program files (x86)\ipcmonitor_en\ipcmonitor.exe |
"{7A15D53A-EBF1-46B1-99DA-535A37FB828D}" = protocol=6 | dir=in | app=d:\giochi\leagueoflegends\league of legends\rads\solutions\lol_game_client_sln\releases\0.0.0.238\deploy\league of legends.exe |
"{7AEC8370-780C-47BD-9B7F-359D404E2DA4}" = protocol=6 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe |
"{7B2DEBAD-CAD7-4FFD-921E-8FC9042D3CB8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{7DC8E858-8C94-4CDA-B0D6-0F72EB502FF0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7DD30598-32D9-4CCB-830D-A54FB49E6559}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{7F29A848-056A-4197-BD2E-C4D38E0302F7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{82071092-A8B8-43CF-ABC1-FB2E55776141}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{828C4894-B7F9-48CE-8137-DF9F8FAD2BCA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{82B84E44-352D-49C3-8785-6B427AC3CE9C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8351A8B1-33B2-401A-BC56-ED920A6B04AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{8360649C-2DA8-40B1-8F2A-3839C993260A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{845F6644-23FD-4E77-B655-F8367060A199}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{85CF9429-076B-4631-A695-524D83C46FA5}" = protocol=6 | dir=in | app=d:\giochi\pes 2014\pes2014.exe |
"{8678557A-3123-49AE-B38B-9FB721332DCA}" = protocol=6 | dir=in | app=c:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe |
"{8BA610E6-F9D4-4C05-83DF-BEDAB3E653C9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{8E8B3295-F1DA-4B98-AD02-ACA41C493C5F}" = protocol=6 | dir=in | app=d:\giochi\far cry 3\bin\farcry3_d3d11.exe |
"{8F44BB33-2B4A-410E-ACA6-EA6E5B651F6B}" = protocol=17 | dir=in | app=d:\giochi\pes 2014\pes2014.exe |
"{902F4A6A-04C1-4AC8-9DB6-BBE066BC5707}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9098F95A-A1BC-4087-AA9B-D65AC99CA4CB}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{92208E5D-1548-4F05-B1D7-4987BC8E3020}" = protocol=17 | dir=in | app=d:\giochi\far cry 3\bin\fc3updater.exe |
"{956C4769-E64C-4575-B12B-69D8BE3F4D11}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{95F90450-B235-46A1-82C9-B7BE5626E4DA}" = protocol=17 | dir=in | app=c:\program files (x86)\bf3 alpha trial web plugins\sonar\sonarhost.exe |
"{96735492-7B42-43D5-8EA5-8171290C15C3}" = protocol=17 | dir=in | app=c:\program files (x86)\ipcmonitor_en\ipcmonitor.exe |
"{96C0C166-8662-4538-9DA0-3B57A4E2B324}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{97BCCACD-BAEF-403D-93DB-59B3872608EB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{9911C817-E225-4EDD-B1C0-E51FFFD1105F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99CEB6ED-0619-4504-B2F7-2946A84D01A0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{9C66D3A7-7C73-4C69-8834-A0DB69CC1542}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{9EDD1C02-CA9D-4DA8-8673-163D00A25043}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A225A55B-451C-4824-BD3F-7342511CF800}" = protocol=17 | dir=in | app=d:\giochi\sota\launcher.exe |
"{A4BF8192-5260-4269-847D-8E42E8DDC734}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A72DCD7B-BB07-456E-9477-83C2CF73C2A9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{A7913BA8-D613-49AA-B493-A02B017677E0}" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{A7E15FB0-08F4-4A46-A332-1AC1ADBF82A8}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{A90F0436-5863-45F9-8F94-268445362AC9}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{A9DDC1F7-73EC-4E6A-8A75-06414DCCF6DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AA34C89B-BF52-4FD2-871E-0089CAEE62F8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"{AAEF04E9-0429-4411-86A7-52C812DC016C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB91C592-2FE2-44F8-B15B-A1A9AADD782A}" = protocol=17 | dir=in | app=d:\giochi\origin\battlefield 3\bf3.exe |
"{AC8A0FFE-DCAA-4E77-A717-ED374DD748F3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{B3387C2A-DC8B-4518-BC1C-093A144D7EC5}" = protocol=6 | dir=in | app=d:\giochi\origin\battlefield 4\bf4_x86.exe |
"{B4B26E8E-2B60-41BB-B958-CA54D5DCE1C2}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{B59E1392-181E-4182-8558-1506D4F96EDB}" = protocol=6 | dir=in | app=c:\program files (x86)\ipcmonitor_en\ipcmonitor.exe |
"{B65E37C0-288E-42EC-9A7B-87315B223FD6}" = protocol=17 | dir=in | app=d:\giochi\leagueoflegends\league of legends\rads\solutions\lol_game_client_sln\releases\0.0.0.238\deploy\league of legends.exe |
"{B670ED44-C7F7-43FF-BD89-B6DA01955FA8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B6ADDC6C-BD09-4100-A764-17B535BD28B5}" = protocol=6 | dir=out | app=system |
"{BDDBEE0F-29E4-41AF-B0FC-51D30F5761C0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BDF331AD-5936-4952-88AA-87A2943738C3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{C0AEFAE2-8AAF-4E4D-9DB0-07D36EA6C5FC}" = protocol=17 | dir=in | app=d:\giochi\virtuatennis4\vt4.exe |
"{C1ECF257-BB32-4DE2-A09B-B44BC5C603A8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C32281ED-3D49-4414-A70F-ED63097371D4}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{C5854D0A-5E93-4B32-A2AE-542064F9898C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{C65852CB-1A39-4965-B09B-6AAF42EF5A48}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe |
"{C6941C9F-642F-42A8-93BC-7601488AC153}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6D75557-0177-4562-9CDE-F96CAF9F3525}" = protocol=17 | dir=in | app=d:\giochi\diablo 3\diablo iii\diablo iii.exe |
"{C96A953A-2F3D-43A9-95ED-11496F24A8BD}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{CC29F3F1-2416-4083-9B43-373F2E7684EF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{CC408744-8972-43C8-948F-34C09F36328A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\{7e0e61cc-1c99-429d-bea7-c4dd5b898d2a}\setup\hpznui40.exe |
"{CDF1D52B-68AE-4CEE-9517-00AE1D115258}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CE2EBF8A-BA6A-41ED-8BD7-343322E821A1}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{CEDF7A71-C227-4956-920D-B35796590947}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D0351AA8-6FD5-4ACA-BC16-F5A02B547924}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{D0F3582C-EF6B-4BCD-964F-5F41A3B6CF4F}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D1A0E97B-CAE7-4579-862C-9D3949F6F4DE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D7D782C4-8479-4011-AFD1-2E3AA46291EA}" = protocol=17 | dir=in | app=c:\program files (x86)\ipcmonitor_en\ipcmonitor.exe |
"{DD020BB6-73EB-4A80-A768-D39D499729A0}" = protocol=17 | dir=in | app=d:\giochi\far cry 3\bin\farcry3_d3d11.exe |
"{E0ED4F8F-7186-499E-A83F-E3E8528B53CD}" = protocol=6 | dir=in | app=d:\giochi\origin\battlefield 3\bf3.exe |
"{E1766250-9082-45A6-884F-FE2724FF24CA}" = protocol=17 | dir=in | app=d:\giochi\age of empires online\spartan.exe |
"{E22E31E1-03DF-4B01-8A48-8001C2C44A8A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E2AB381A-6AFA-4743-9056-286EAA423738}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{E390C18C-C933-4DAB-B4DA-200E32EA9FA7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{E419C2B2-989A-4575-B3C9-A270D4030502}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E4FFEF82-3660-42D3-B37F-E63FC8360D0D}" = protocol=17 | dir=in | app=d:\giochi\kingdoms of amalur - reckoning\reckoning.exe |
"{E59ECB3B-A029-4393-B2E0-DC9949876E05}" = protocol=6 | dir=in | app=d:\giochi\star citizen\citizenclient\bin64\starcitizen.exe |
"{E5E27BDE-4D74-4C36-94FA-7B41652F8E03}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.1.1.1897-engb-tools-downloader.exe |
"{E826D7EB-2E2D-4C55-B083-AE7733A9887E}" = protocol=17 | dir=in | app=d:\giochi\origin\battlefield 4\bf4_x86.exe |
"{E8A480AA-5B7C-449C-AD9A-170F4C20BD97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{E95BC060-18B1-46E6-A6B6-02BD8A221448}" = protocol=6 | dir=in | app=d:\giochi\far cry 3\bin\fc3updater.exe |
"{EA54968A-0047-4302-9C30-F3CC4536AD36}" = protocol=6 | dir=in | app=d:\giochi\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{EB9A1BD6-9ACE-45A5-A1E2-AE83A1DE176B}" = protocol=17 | dir=in | app=d:\giochi\dirt3\dirt3_game.exe |
"{ED1070C5-07D6-45D1-B94A-5E38DD198533}" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe |
"{EE492F1E-6618-442C-87A4-DF208425C72C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0BBC2CB-3304-4E3B-94D5-8E4FF115A5BC}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F1D15885-F0B0-4CEB-9D8A-B2A2A40696E0}" = protocol=6 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"{F24FA70B-3BED-4870-BAAE-9078E9A7EB1B}" = protocol=6 | dir=in | app=\\ghimli\public\driver ip camera\hsearch_en.exe |
"{F3AD53A2-8E46-43AA-B6B2-22E11AD74D2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F8DE4E3A-D0CA-473B-9158-648E2755885E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FBB3134C-5163-4257-8003-508E0ECB3116}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FE4F3226-B699-41CB-8297-5B9B03B8FD23}" = protocol=6 | dir=in | app=d:\giochi\far cry 3\bin\fc3editor.exe |
"{FE6CB2BC-00A6-44E2-81B6-63300AE082E4}" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\wizardwars.bat |
"{FFB50DDB-9089-4263-AEE8-643FA713AAC8}" = protocol=17 | dir=in | app=c:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe |
"TCP Query User{03B6375E-ACFA-475D-9198-C4A9597F5746}D:\giochi\mortal online\mortal online launcher.exe" = protocol=6 | dir=in | app=d:\giochi\mortal online\mortal online launcher.exe |
"TCP Query User{09653EBD-4C06-40F3-81B5-6E59DA04530A}D:\giochi\witcher2\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\giochi\witcher2\bin\witcher2.exe |
"TCP Query User{1529C107-113B-49D1-859E-C6C3ED9CE856}D:\giochi\pes 2014\pes2014.exe" = protocol=6 | dir=in | app=d:\giochi\pes 2014\pes2014.exe |
"TCP Query User{222B4DCB-3981-4E57-B04E-8DC2901DF39B}D:\giochi\uo ml\4.0.11_no_crypt_client_2d.exe" = protocol=6 | dir=in | app=d:\giochi\uo ml\4.0.11_no_crypt_client_2d.exe |
"TCP Query User{25383132-DE4B-4020-A516-7CEDF13DE674}D:\giochi\batman arkham city\batman2\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=d:\giochi\batman arkham city\batman2\binaries\win32\batmanac.exe |
"TCP Query User{38553505-AFF6-496E-A7E6-0D5B35DB5AA3}D:\udk\udk beta ago-11\binaries\win32\udk.exe" = protocol=6 | dir=in | app=d:\udk\udk beta ago-11\binaries\win32\udk.exe |
"TCP Query User{3A5403AE-7108-47A6-9EE4-6B51AF16B7C1}C:\utility\winscp419.exe" = protocol=6 | dir=in | app=c:\utility\winscp419.exe |
"TCP Query User{44EDB24F-3647-4B80-8B5B-57B2C8304595}D:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe |
"TCP Query User{4943F9C1-12C8-43EA-880C-786733760611}D:\cryengine\bin64\launcher.exe" = protocol=6 | dir=in | app=d:\cryengine\bin64\launcher.exe |
"TCP Query User{49C194D7-B8BB-4B16-825C-708A20D9955C}D:\giochi\neverwinter\neverwinter\live\gameclient.exe" = protocol=6 | dir=in | app=d:\giochi\neverwinter\neverwinter\live\gameclient.exe |
"TCP Query User{4AB9566A-5C48-43F6-9478-897079DA1A5B}D:\giochi\sota\launcher.exe" = protocol=6 | dir=in | app=d:\giochi\sota\launcher.exe |
"TCP Query User{4ACD7BA0-5C10-42C2-B224-76179265F1EF}D:\giochi\darkfall\lobby.exe" = protocol=6 | dir=in | app=d:\giochi\darkfall\lobby.exe |
"TCP Query User{5DF308E9-F346-4169-9DA5-2F6A59685AAF}D:\giochi\nfs-shift2\shift2u.exe" = protocol=6 | dir=in | app=d:\giochi\nfs-shift2\shift2u.exe |
"TCP Query User{6048F58D-2592-499A-B7D2-BBD2C44F1A2D}D:\eclipse 64bit\eclipse\eclipse.exe" = protocol=6 | dir=in | app=d:\eclipse 64bit\eclipse\eclipse.exe |
"TCP Query User{61F568A4-7373-4052-B665-DE3FC86BC7DB}C:\users\alessandro\desktop\nuova cartella\sge.exe" = protocol=6 | dir=in | app=c:\users\alessandro\desktop\nuova cartella\sge.exe |
"TCP Query User{7073B3EA-F9A5-4B6E-82AE-E60584FC9EA1}C:\users\alessandro\appdata\local\microsoft\age of empires online\spartan.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\local\microsoft\age of empires online\spartan.exe |
"TCP Query User{73327BCA-3D78-4D3A-B921-6C8D55CCC350}D:\giochi\star citizen\citizenclient\bin64\starcitizen.exe" = protocol=6 | dir=in | app=d:\giochi\star citizen\citizenclient\bin64\starcitizen.exe |
"TCP Query User{77763C7D-3837-4A75-8D4E-5BDAB25C58AB}C:\users\alessandro\appdata\roaming\gyration\motiontools\updater\gyrationwebupdater.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\updater\gyrationwebupdater.exe |
"TCP Query User{88075875-0F54-438C-AA1E-0BB91FE65A4C}D:\giochi\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=d:\giochi\world of warcraft\backgrounddownloader.exe |
"TCP Query User{90096C9A-E19D-4D8F-9716-091F53B04485}C:\program files (x86)\qnap\finder\finder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qnap\finder\finder.exe |
"TCP Query User{92D4096C-6876-4131-A1BE-DB12E12317EA}C:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe |
"TCP Query User{95485EEB-A34D-4E28-95D2-76E8E75A160D}C:\users\alessandro\desktop\neverwinter_nw.1.20130416a.6.exe" = protocol=6 | dir=in | app=c:\users\alessandro\desktop\neverwinter_nw.1.20130416a.6.exe |
"TCP Query User{96F561F8-7A2B-4FD6-A985-E949BAF3B105}C:\utility\winscp419.exe" = protocol=6 | dir=in | app=c:\utility\winscp419.exe |
"TCP Query User{99AE35BC-EA99-4BBE-B3CF-A5F664D72F48}D:\unity\editor\unity.exe" = protocol=6 | dir=in | app=d:\unity\editor\unity.exe |
"TCP Query User{9A805323-CC52-4E08-B5DB-4AA73EB3E22D}D:\udk\udk beta ago-11\binaries\win64\udk.exe" = protocol=6 | dir=in | app=d:\udk\udk beta ago-11\binaries\win64\udk.exe |
"TCP Query User{9B9AF7CA-9F48-410E-A018-92392FE283AB}C:\users\alessandro\appdata\local\aptana studio 3\aptanastudio3.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\local\aptana studio 3\aptanastudio3.exe |
"TCP Query User{9CEC38B0-0B7F-4EFD-8AFE-D6E7C4050AB6}C:\users\alessandro\desktop\ipcam\search ip camera\search ip camera.exe" = protocol=6 | dir=in | app=c:\users\alessandro\desktop\ipcam\search ip camera\search ip camera.exe |
"TCP Query User{ADE9DFFA-DAC1-4AE2-B0EE-12E47C64F745}D:\giochi\bf.play4free\bfp4f.exe" = protocol=6 | dir=in | app=d:\giochi\bf.play4free\bfp4f.exe |
"TCP Query User{AE491691-6905-4DC3-ADC9-348E920BA9BD}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{B2C49585-F836-4814-8921-BE82D297E60F}D:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe |
"TCP Query User{B7A9BFDE-D0F6-4CE9-A6AF-AA35835E5E50}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{B7DF0E89-0BD6-46F2-BA5E-B11A05603E88}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C0D2AC8D-41DB-43BC-B40E-579CFAC3FB0B}D:\iso\iso giochi\need for speed the run limited edition - multi 8 - optimus-games.net\need for speed the run.exe" = protocol=6 | dir=in | app=d:\iso\iso giochi\need for speed the run limited edition - multi 8 - optimus-games.net\need for speed the run.exe |
"TCP Query User{C87DE099-685C-42A3-920B-B41CD5067BF5}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{C9BC907A-A64D-407E-9FA3-746E1C3C1A86}C:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe |
"TCP Query User{CBD16310-2DD5-4DA7-A8FE-51CB042F42A0}C:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe" = protocol=6 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe |
"TCP Query User{CE8A3FB5-1B26-4C52-B9A4-4E42685FC330}C:\program files (x86)\xbmc\xbmc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe |
"TCP Query User{D1B9E447-B3AF-4A70-91FC-CA88FF561CC1}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{D1CBF020-D2B5-4979-8032-D42BF76A2DD5}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"TCP Query User{D64E0239-CE33-4004-BF14-45234D2DAFF4}D:\giochi\mortal online\mortalonline\unrealengine3\binaries\win32\mortalonline.exe" = protocol=6 | dir=in | app=d:\giochi\mortal online\mortalonline\unrealengine3\binaries\win32\mortalonline.exe |
"TCP Query User{E2EDE004-A99D-49AC-9042-E003A098AC47}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{E6BD6E32-E660-4F47-8423-7164634D8738}C:\program files (x86)\mseven software\mbackup\mbackup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mseven software\mbackup\mbackup.exe |
"TCP Query User{EA5082E7-51BB-4AE4-B3E3-1E7999AD7EDF}C:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe" = protocol=6 | dir=in | app=c:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe |
"TCP Query User{EAEA0BD5-B5B1-4C3E-BCC7-8D8699ED5FA0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{EF330400-89A5-4E96-B0C1-6E2A20F4747F}C:\users\alessandro\downloads\diablo-iii-8370-itit-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\alessandro\downloads\diablo-iii-8370-itit-installer-downloader.exe |
"TCP Query User{F32CD6AD-EE22-418D-88F6-656A2EA86F95}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"TCP Query User{F524E3D3-DE30-47DC-B152-611723D7C477}C:\program files (x86)\realterm\realterm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\realterm\realterm.exe |
"TCP Query User{FBD54C2C-AF7F-4D78-BEA8-D160A836575A}D:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" = protocol=6 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe |
"TCP Query User{FD6236AC-B7C3-4547-B043-35755AFEFCDA}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{05A19B56-BDD1-46AF-89CF-08E60D31223E}D:\giochi\neverwinter\neverwinter\live\gameclient.exe" = protocol=17 | dir=in | app=d:\giochi\neverwinter\neverwinter\live\gameclient.exe |
"UDP Query User{16E00ADC-B82A-4CAE-A530-3D972CB6496B}C:\utility\winscp419.exe" = protocol=17 | dir=in | app=c:\utility\winscp419.exe |
"UDP Query User{18394854-2BF3-471C-81A6-DD6AFE6434F1}C:\users\alessandro\desktop\neverwinter_nw.1.20130416a.6.exe" = protocol=17 | dir=in | app=c:\users\alessandro\desktop\neverwinter_nw.1.20130416a.6.exe |
"UDP Query User{1C112785-D965-4FC2-9DDE-65ECEABDE54E}C:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe |
"UDP Query User{26520B91-A1BE-4BAF-96C4-D6366537B0FF}D:\giochi\uo ml\4.0.11_no_crypt_client_2d.exe" = protocol=17 | dir=in | app=d:\giochi\uo ml\4.0.11_no_crypt_client_2d.exe |
"UDP Query User{29081C8E-0BA7-4E18-9A12-8C8371180960}D:\giochi\pes 2014\pes2014.exe" = protocol=17 | dir=in | app=d:\giochi\pes 2014\pes2014.exe |
"UDP Query User{2A12422D-B33C-49FC-940B-43D9010F3C01}C:\users\alessandro\desktop\ipcam\search ip camera\search ip camera.exe" = protocol=17 | dir=in | app=c:\users\alessandro\desktop\ipcam\search ip camera\search ip camera.exe |
"UDP Query User{306B191D-CDC1-4930-82C9-C4F06769F4AB}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"UDP Query User{321A29BD-C7E6-4D1B-B5FD-8D20423BFD71}D:\giochi\batman arkham city\batman2\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=d:\giochi\batman arkham city\batman2\binaries\win32\batmanac.exe |
"UDP Query User{3A3D3B1B-7844-4E8F-83BD-AA44B3F7087F}D:\giochi\sota\launcher.exe" = protocol=17 | dir=in | app=d:\giochi\sota\launcher.exe |
"UDP Query User{411B3C11-0906-4C4A-9A4B-20B8077A8FCC}D:\giochi\darkfall\lobby.exe" = protocol=17 | dir=in | app=d:\giochi\darkfall\lobby.exe |
"UDP Query User{451FEB0E-F6B8-4FBF-8D73-8B8995559B57}C:\program files (x86)\xbmc\xbmc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xbmc\xbmc.exe |
"UDP Query User{4FE38ACB-6C6F-4257-BB4B-9C1A7C18977B}D:\giochi\witcher2\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\giochi\witcher2\bin\witcher2.exe |
"UDP Query User{4FE63D1D-46B2-4C5E-B2E9-A58BC2487E31}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{55C33B36-8E69-4CD9-94C2-A820807F92D7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{5722C962-7882-4103-85C6-845CFF0CE167}D:\giochi\bf.play4free\bfp4f.exe" = protocol=17 | dir=in | app=d:\giochi\bf.play4free\bfp4f.exe |
"UDP Query User{599DCDEA-4670-4592-9E4D-410B501C4A79}D:\cryengine\bin64\launcher.exe" = protocol=17 | dir=in | app=d:\cryengine\bin64\launcher.exe |
"UDP Query User{60A1071B-C1B8-4547-9844-FC59BF52F868}D:\giochi\nfs-shift2\shift2u.exe" = protocol=17 | dir=in | app=d:\giochi\nfs-shift2\shift2u.exe |
"UDP Query User{6210BC9A-C33B-4243-ACCF-0925D2C491A5}C:\users\alessandro\appdata\roaming\gyration\motiontools\updater\gyrationwebupdater.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\updater\gyrationwebupdater.exe |
"UDP Query User{68121BDB-3070-446F-ADA0-AEF74FED9657}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6E4DBE7A-D45B-4EB4-ADE1-CF2FA04D5D32}D:\giochi\star citizen\citizenclient\bin64\starcitizen.exe" = protocol=17 | dir=in | app=d:\giochi\star citizen\citizenclient\bin64\starcitizen.exe |
"UDP Query User{7ABDC4DA-7A82-4F2C-BD31-40F33FCD3C7C}D:\giochi\mortal online\mortal online launcher.exe" = protocol=17 | dir=in | app=d:\giochi\mortal online\mortal online launcher.exe |
"UDP Query User{863604A1-D425-48DE-93B7-F8DC96F01B78}C:\users\alessandro\appdata\local\microsoft\age of empires online\spartan.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\local\microsoft\age of empires online\spartan.exe |
"UDP Query User{88582CEC-FAED-4651-B992-AE994DB75D96}C:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe" = protocol=17 | dir=in | app=c:\program files (x86)\time4popcorn\popcorn time\popcorn-time.exe |
"UDP Query User{889B1C16-8B01-4739-9808-D5C4EF7AC964}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{88C18EBE-15F8-4CC9-B0B8-6F12E451DCDE}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{8B8BEB86-27F1-40DD-AA67-497A3247CED9}C:\utility\winscp419.exe" = protocol=17 | dir=in | app=c:\utility\winscp419.exe |
"UDP Query User{93FD043B-A61D-422F-9D69-3D72FA13C75E}D:\udk\udk beta ago-11\binaries\win32\udk.exe" = protocol=17 | dir=in | app=d:\udk\udk beta ago-11\binaries\win32\udk.exe |
"UDP Query User{9B4CFE9C-BC7A-414E-A3C0-D6783C9B80EC}D:\unity\editor\unity.exe" = protocol=17 | dir=in | app=d:\unity\editor\unity.exe |
"UDP Query User{A2A41AF5-E371-4734-AFB4-224BCFF09B1C}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{A6872C0D-6B65-4F88-974C-7DCD9E96CE87}C:\program files (x86)\qnap\finder\finder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qnap\finder\finder.exe |
"UDP Query User{A9B940C2-9FF8-4EF7-A67E-D34F3F189C43}D:\eclipse 64bit\eclipse\eclipse.exe" = protocol=17 | dir=in | app=d:\eclipse 64bit\eclipse\eclipse.exe |
"UDP Query User{AD8B1044-F53E-4410-B9C4-A3D554800EBB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{B92F1185-A3EE-451C-A91F-C4B77C24C41C}C:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\roaming\gyration\motiontools\motiontools.exe |
"UDP Query User{BBDC6039-449D-4A53-8F86-B6E603CC85C4}D:\iso\iso giochi\need for speed the run limited edition - multi 8 - optimus-games.net\need for speed the run.exe" = protocol=17 | dir=in | app=d:\iso\iso giochi\need for speed the run limited edition - multi 8 - optimus-games.net\need for speed the run.exe |
"UDP Query User{C01C97F9-4E49-4A9E-B47C-4C26F1C2AA37}D:\giochi\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=d:\giochi\world of warcraft\backgrounddownloader.exe |
"UDP Query User{D19C0C65-FE5D-4CF3-9A74-BD21D1280218}D:\udk\udk beta ago-11\binaries\win64\udk.exe" = protocol=17 | dir=in | app=d:\udk\udk beta ago-11\binaries\win64\udk.exe |
"UDP Query User{D8D00977-1039-461C-80EA-56D1CE3211F1}C:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\roaming\popcorn time\node-webkit\nw.exe |
"UDP Query User{DCDEA6EC-EBE4-4DAE-BC49-970E477053DA}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{DEB96F7B-B33E-4E61-A2A6-EF92525AE024}C:\users\alessandro\downloads\diablo-iii-8370-itit-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\alessandro\downloads\diablo-iii-8370-itit-installer-downloader.exe |
"UDP Query User{DEBB8649-A6E1-42A2-8B9D-76186531DD31}D:\giochi\mortal online\mortalonline\unrealengine3\binaries\win32\mortalonline.exe" = protocol=17 | dir=in | app=d:\giochi\mortal online\mortalonline\unrealengine3\binaries\win32\mortalonline.exe |
"UDP Query User{E5CEF86A-C5E3-43B0-B294-3CC1F7FD2820}C:\program files (x86)\mseven software\mbackup\mbackup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mseven software\mbackup\mbackup.exe |
"UDP Query User{EF4D68B8-EF67-4E66-AD66-ACFD9E81DD80}D:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\war thunder\aces.exe |
"UDP Query User{F4473D01-808E-46E4-9170-5C64A7F2E857}D:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\magickawizardwars\bitsquid_win32_dev.exe |
"UDP Query User{F50E741F-DF16-42AE-9B02-178C22D82B6E}C:\users\alessandro\desktop\nuova cartella\sge.exe" = protocol=17 | dir=in | app=c:\users\alessandro\desktop\nuova cartella\sge.exe |
"UDP Query User{F684BB85-16FA-4EE0-9679-9E3D7A18C737}C:\users\alessandro\appdata\local\aptana studio 3\aptanastudio3.exe" = protocol=17 | dir=in | app=c:\users\alessandro\appdata\local\aptana studio 3\aptanastudio3.exe |
"UDP Query User{FC2BC8DD-AEE7-4492-97F1-A9CD1E15B9E4}C:\program files (x86)\realterm\realterm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\realterm\realterm.exe |
"UDP Query User{FEFE34D7-81B3-47B0-97E0-B1FC6CCFA346}D:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe" = protocol=17 | dir=in | app=d:\giochi\steamlibrary\steamapps\common\dota 2 beta\dota.exe |
"UDP Query User{FF8A0566-31CA-4522-AA37-43B8D1B17705}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}" = iTunes
"{0DA20600-6130-443B-9D4B-F30520315FA6}" = Servizi di stampa Bonjour
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Centro gestione Mouse e Tastiere Microsoft
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{394CEF49-65D3-4851-863A-84CEF6C60906}" = Pacchetto di codec della fotocamera Microsoft
"{3AED9DC1-F17E-4DF2-80F4-D577DFBCEE9D}" = Microsoft Xbox 360 Accessories 1.2
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{537056B7-32A4-4408-9B54-0341963C7C9C}" = UltraMon
"{5E94829C-D2B9-3779-BA6C-1ACCDED3800E}" = Microsoft .NET Framework 4.5.1 (ITA)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0410-1000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010
"{90140000-0016-0410-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0018-0410-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0019-0410-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-001A-0410-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001B-0410-1000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0410-1000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0410-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Italian) 2010
"{90140000-0044-0410-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010
"{90140000-006E-0410-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-00A1-0410-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00BA-0410-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010
"{90140000-00D1-0410-1000-0000000FF1CE}" = Microsoft Access database engine 2010 (Italian)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040" = Microsoft .NET Framework 4.5.1 (Italiano)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver del controller 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.57
"EPSON BX925 Series" = Disinstalla EPSON BX925 Series Printer
"ffdshow64_is1" = ffdshow x64 v1.1.4342 [2012-02-28]
"Logitech Gaming Software" = Logitech Gaming Software 8.20
"Logitech Unifying" = Software Logitech Unifying 2.10
"Microsoft Mouse and Keyboard Center" = Centro gestione Mouse e Tastiere Microsoft
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"sp6" = Logitech SetPoint 6.61
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (64-bit)
"x64 Components_is1" = x64 Components v3.5.4
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{244FB715-13C4-4C85-BEB6-6C1ABB29D8B1}" = NVIDIA 3D Vision Video Player
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
"{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}" = Windows 7 USB/DVD Download Tool
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{43AC78D1-3BE9-405F-AE04-6FE679885E2A}" = mBackup
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{52291FC0-33D3-4A18-9587-5115225545D8}_is1" = Google Chrome Backup 1.8.0.141
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper versione 3.2.0
"{5ADEA01F-B84E-4CB2-95F6-452ED9B45DDE}" = SketchUp 8
"{5EFD3544-2371-4900-8ACA-F157BA80FB0C}" = Pro Evolution Soccer 2014
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69764F1C-55E1-4219-BDC5-299CD95FF004}_is1" = Mortal Online
"{698B7D8B-0F43-4A19-8B9B-47F1EFEB858F}_is1" = ControlCenter
"{6B43EE06-8134-4E1B-A252-B900BB21CAB8}" = ClientOCX_Setup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{717BD14A-BE61-40A4-9865-17AACF611FE0}" = Ragnarok Online 2
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EC13308-5065-43FA-A5E8-E225F18DAB89}_is1" = IPCMonitor_en version 1.0.1.4
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DD8D985-599C-4C0B-BB39-53121DCD9C27}" = Mumble 1.2.6
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A5B91E0E-921A-4A2A-959F-71F4610E122E}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Supporto applicazioni Apple
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Italiano
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1" = ONE TOUCH Upgrade S 2.7.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver
"{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1" = Minimal ADB and Fastboot version 1.1.3
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E8334E02-EE1F-4DAF-960D-7AF5D8E829DF}" = Shroud of the Avatar
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Afterburner" = MSI Afterburner 2.3.1
"Audacity_is1" = Audacity 2.0
"AutoHotkey" = AutoHotkey 1.0.48.05.L61
"AutoItv3" = AutoIt v3.3.6.1
"Batman Arkham City 1.00" = Batman Arkham City 1.00
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo III" = Diablo III
"emgucv-windows-universal-cuda 2.9.0.1922" = emgucv-windows-universal-cuda 2.9.0.1922
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"ESN Sonar" = ESN Sonar
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"foobar2000" = foobar2000 v1.1.10
"GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}" = Super Street Fighter IV: Arcade Edition
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}" = Age of Empires Online
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"HandBrake" = HandBrake 0.9.9.1
"JetDownloader" = Jet Downloader
"Kingdoms of Amalur: Reckoning_is1" = Kingdoms of Amalur: Reckoning
"LOLReplay" = LOLReplay
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versione 2.0.2.1012
"Mozilla Firefox 30.0 (x86 it)" = Mozilla Firefox 30.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSIHQ USB Bootable Tool & BIOS Helper_is1" = MSIHQ USB Bootable Tool and BIOS Helper 1.19R9 2011
"NetBak" = QNAP NetBak Replicator
"Neverwinter" = Neverwinter
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PDFTools_is1" = PDFTools Version 1.3 (08/26/2007)
"Popcorn Time_is1" = Popcorn Time
"QNAP_FINDER" = QNAP Finder
"R1JJRDI=_is1" = GRID 2 © Codemasters version 1
"RTSS" = RivaTuner Statistics Server 5.4.1
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"Steam App 202090" = Magicka: Wizard Wars Early Access
"Steam App 236390" = War Thunder
"Steam App 570" = Dota 2
"The Elder Scrolls Online Beta_is1" = The Elder Scrolls Online Beta
"Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1
"UltraISO_is1" = UltraISO Premium V9.36
"Uplay" = Uplay
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"VLC media player" = VLC media player 2.0.1
"VLC Setup Helper_is1" = VLC Setup Helper
"VMidi" = vanBasco's Karaoke Player
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{D70561DB-AF1A-4F40-8874-54BD50603993}" = MotionTools 2.1.1
"Bitcoin" = Bitcoin
"Dashlane" = Dashlane
"Google Chrome" = Google Chrome
"MusicManager" = Music Manager
"XBMC" = XBMC
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 04/07/2014 15:25:00 | Computer Name = Ombromanto | Source = WinMgmt | ID = 10
Description =
 
 
< End of report >

Hope to have done all well.

The problem is still here.

Waiting for further instructions.

Thanks.



#7 Valinorum (Malware Response Instructor)

Posted 05 July 2014 - 01:08 PM

Are you having any re-directions?

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#8 ale27 (Topic Starter)

Posted 06 July 2014 - 05:21 AM

Yes, the same problem as before. I can click in any part of the screen, while in Chrome, and I get a new tab redirected to "tracking.syncedvision.com/...."



#9 Valinorum (Malware Response Instructor)

Posted 06 July 2014 - 11:23 AM

Did you install Bitcoin? If not, remove it. If you choose to keep it, make a backup of your wallet, as many removal tools will mark it as a threat and remove it. Why did you run FRST and Combofix? Please reset Google Chrome by reading this. It will remove all your extensions too.
  • Step #5 Fix with OTL
    • Re-run OTL by right clicking and choosing Run as administrator;
    • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

      :Commands
      [createrestorepoint]

      :OTL
      FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
      O4 - HKLM..\Run: [] File not found
      [2014/06/20 22:26:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

      :Files
      ipconfig /flushdns /c
      netsh advfirewall reset /c
      netsh advfirewall set allprofiles state on /c

      :Commands
      [emptytemp]

    • Click on "Run Fix" and let the program run unhindered;
    • Your PC will reboot automatically and a log will be opened;
    • Please post it in your next reply.
 
  • Required Log(s):
    • OTL Fix Log
Regards,
Valinorum



#10 ale27

Posted 06 July 2014 - 01:04 PM

I ran FRST and Combofix before posting in this forum, when I was trying everything to resolve my issue.

I have reset Google Chrome as indicated.

OTL with the Run Fix command crashed, and closed itself.

I didn't re-run it.

Waiting for your instructions.

(anyway the problem in Google Chrome seems resolved)

 

Thanks.


Edited by ale27, 06 July 2014 - 01:09 PM.


#11 Valinorum

Posted 08 July 2014 - 08:57 AM

Good news with Google Chrome. Just to be sure: by "crash", did you mean OTL had gone unresponsive? If that was the case, can you please redo the step and let it be for like 20 minutes. If it stays unresponsive for more than the said time, please report back and we will try another method to rectify the situation.



#12 ale27

Posted 08 July 2014 - 01:36 PM

All ok. Here's the log:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-1705343076-1886983112-3339584442-1000 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Program Files (x86)\68dce621.tmp deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Alessandro\Desktop\cmd.bat deleted successfully.
C:\Users\Alessandro\Desktop\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
OK.
C:\Users\Alessandro\Desktop\cmd.bat deleted successfully.
C:\Users\Alessandro\Desktop\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state on /c >
OK.
C:\Users\Alessandro\Desktop\cmd.bat deleted successfully.
C:\Users\Alessandro\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Alessandro
->Temp folder emptied: 580546369 bytes
->Temporary Internet Files folder emptied: 40639402 bytes
->Java cache emptied: 4995343 bytes
->FireFox cache emptied: 272237782 bytes
->Google Chrome cache emptied: 52962039 bytes
->Flash cache emptied: 62258 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10622285 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95433 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 918,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07082014_195810

Files\Folders moved on Reboot...
File move failed. C:\Users\Alessandro\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Alessandro\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a84b_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Alessandro\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Alessandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-2684.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

I confirm that, for now, Chrome is going well.

Thx



#13 Valinorum

Posted 08 July 2014 - 02:55 PM

That's great. Let's check for remnants.
  • Step #6 Scan with Malwarebytes' Anti-Malware
    • Download Malwarebytes' Anti-Malware from the suitable link below --
    • Double-click mbam-setup.exe to install the application.
    • Before clicking Finish perform the following actions --
      • Un-check the box beside Enable free trial of Malwarebytes Anti-Malware Premium.
      • Check the box beside Launch Malwarebytes Anti-Malware
    • Once the program has loaded, the MBAM dashboard will appear with an alert to update - click the green button Update Now;
    • Click on Settings --
      • Navigate to the tab Detection and Protection and check all the boxes under Detection Options
    • From the Dashboard click on Scan Now;
    • If threats are detected click on Apply actions. If the program asks to reboot your PC, let it do so;
    • On completion of the scan click on View Detailed Log after that click on Export Button, select Text File and save the log to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #7 ESET Online Scanner
    Disable your security programs, which include but are not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and conditions and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Uncheck the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
 
  • Required Log(s):
    • Malwarebytes' Anti-Malware Log
    • ESET Scan Log
Regards,
Valinorum



#14 ale27

Posted 09 July 2014 - 04:29 PM

Here are the logs:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 09/07/2014
Ora scansione: 19:49:49
File di log: log.txt
Amministratore: Si

Versione: 2.00.2.1012
Database malware: v2014.07.09.07
Database rootkit: v2014.07.07.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Self-protection: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Alessandro

Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 363736
Tempo impiegato: 5 min, 16 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Scansione rootkit approfondita: Attivata
Heuristics: Attivata
PUP: Attivata
PUM: Attivata

Processi: 0
(No malicious items detected)

Moduli: 0
(No malicious items detected)

Chiavi di registro: 0
(No malicious items detected)

Valori di registro: 0
(No malicious items detected)

Dati di registro: 0
(No malicious items detected)

Cartelle: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Settori fisici: 0
(No malicious items detected)


(end)

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c4bc6c3ecc35624d99fa1d07664ba3c2
# engine=19097
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-09 07:04:59
# local_time=2014-07-09 09:04:59 (+0100, ora legale Europa occidentale)
# country="Italy"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 58115 156562549 0 0
# scanned=417622
# found=10
# cleaned=10
# scan_time=3890
sh=014F8C4C15BA3762418D93CE86FB233D778CFDB5 ft=1 fh=1e151b8de353faa3 vn="probably a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Google Hacks\AcPro.exe"
sh=0224CEC59308D0091109E39B3B5FAF2EA8BE52F4 ft=1 fh=b671b8e7772f5642 vn="probably a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Qoobox\Quarantine\C\Program Files (x86)\AutocompletePro\AutocompletePro.dll.vir"
sh=39EBD3F7B064E3CEE471603B5C1BAA08CD4AE630 ft=1 fh=1cd63a4cdac3ac27 vn="probably a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Alessandro\Downloads\GoogleHacksSetup1.6.2.exe"
sh=A7F9B0829BBF096C58DF66A2CFFC1C9020E96CDF ft=1 fh=7fe7f88ad0598577 vn="Win32/InstallMonetizer.AF potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Alessandro\Downloads\Pazera_Free_MP4_to_AVI_Converter.exe"
sh=4684D104CDED068EEA597ACC7FE9085FF7744E8D ft=1 fh=3a31070e908caf74 vn="a variant of Win32/Packed.VMProtect.AAM trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\call of duty modern warfare 3\iw5sp.exe"
sh=4BC235E344A9155A40E0163A33A37EA53E054AA5 ft=1 fh=a717f41479bfe37d vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\THIEF\Binaries\Win32\steam_api.dll"
sh=7DFA8C65C490ACA6C8E848F530E8BF3948C23DEE ft=1 fh=8f9e2f350766dc1f vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\THIEF\Binaries\Win64\steam_api64.dll"
sh=8871E6FA32DFAA68F84F8E87D81C3222996D41A9 ft=1 fh=9527eda5fc81439a vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\Watch_Dogs\bin\Watch_Dogs_3dm.exe"
sh=8871E6FA32DFAA68F84F8E87D81C3222996D41A9 ft=1 fh=9527eda5fc81439a vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\Watch_Dogs\Watch.Dogs.No.Uplay.Crack.Only.v2.0a-3DM\Crack\Watch_Dogs_3dm.exe"
sh=BA27319705A611CF42F92A851A2B255317B03233 ft=1 fh=747b56ee11c81286 vn="a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined)" ac=C fn="D:\giochi\witcher2\bin\paul.dll"
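
An added example, not part of the thread or of any tool used in it: a Python triage of an ESET Online Scanner log in the layout posted above, covering what a reviewer reads off it (detections grouped by kind, header counters, one hash at several paths, scan options). The sample log is constructed with placeholder hashes and paths; the mapping of header keys to the Step #7 checkboxes and the reading of `found` as the number of detection lines are assumptions.

```python
import re
from collections import defaultdict

FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # key=value or key="quoted value"
VN = re.compile(r'(?:probably )?(?:a variant of )?(\S+) (.*?) \((.*)\)$')  # name, kind, action
# Assumption: these header keys mirror the Step #7 checkboxes (inferred from their names).
REQUESTED = {"remove_checked": "false", "archives_checked": "true", "unwanted_checked": "true",
             "unsafe_checked": "true", "antistealth_checked": "true"}
# Constructed sample in the layout of the log above; hashes and paths are placeholders.
SAMPLE = r'''# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# found=3
# cleaned=3
sh=0000000000000000000000000000000000000001 ft=1 fh=0000000000000001 vn="Win32/InstallMonetizer.AF potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\test\Downloads\setup.exe"
sh=0000000000000000000000000000000000000002 ft=1 fh=0000000000000002 vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\games\a\game.exe"
sh=0000000000000000000000000000000000000002 ft=1 fh=0000000000000002 vn="a variant of Win32/Packed.VMProtect.ABD trojan (cleaned by deleting - quarantined)" ac=C fn="D:\games\a\copy\game.exe"'''

def parse(text):
    """Return (header dict from '# key=value' lines, list of detection records)."""
    header, hits = {}, []
    for line in text.splitlines():
        if line.startswith("# ") and "=" in line:
            header.update([line[2:].split("=", 1)])
        elif line.startswith("sh="):
            rec = {k: quoted or bare for k, quoted, bare in FIELD.findall(line)}
            m = VN.match(rec.get("vn", ""))
            rec["name"], rec["kind"], rec["action"] = m.groups() if m else (rec.get("vn"), "unknown", "")
            hits.append(rec)
    return header, hits

def triage(text, requested=REQUESTED):
    """Summarise a reviewer's checks; assumes header 'found' counts detection lines."""
    header, hits = parse(text)
    by_kind, paths = defaultdict(list), defaultdict(set)
    for h in hits:
        by_kind[h["kind"]].append(h["fn"])
        paths[h["sh"]].add(h["fn"])
    return {
        "count_matches_header": int(header.get("found", -1)) == len(hits),
        "uncleaned": int(header.get("found", 0)) - int(header.get("cleaned", 0)),
        "by_kind": dict(by_kind),
        "same_hash_multiple_paths": {s: sorted(p) for s, p in paths.items() if len(p) > 1},
        "option_mismatches": {k: header.get(k) for k, v in requested.items() if header.get(k) != v},
    }
if __name__ == "__main__":
    print(triage(SAMPLE))
```

A non-empty `option_mismatches` means the scan ran with settings other than the ones requested, so a clean result covers less than the helper asked for.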

 

 



#15 Valinorum

Posted 10 July 2014 - 12:34 AM

Log looks good. How is your PC?
