Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extendedunlimited.org and gameharbor.org opens Google Chrome on startup!


  • This topic is locked This topic is locked
6 replies to this topic

#1 Mazzaru

Mazzaru

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:13 AM

Posted 13 September 2014 - 05:34 AM

Hello, since 3 days I've been dealing with this stupid adware. I've already tried to scan my PC with malware bytes, Kaspersky and ADWCleaner but nothing seems to work. Could you guys kindly help me? This is making me feel unsafe, I've not been buying on internet since then. Thanks for your time and sorry for any grammar error.



BC AdBot (Login to Remove)

 


#2 Mazzaru

Mazzaru
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:13 AM

Posted 13 September 2014 - 05:52 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by marco (administrator) on EXTREMEPCGAMING on 13-09-2014 12:57:46
Running from C:\Users\marco\Desktop\Fix
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Razer Inc.) E:\giochi\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Giochi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) D:\Giochi\LMIGuardianSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIVE.EXE
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
(NOX) C:\Program Files (x86)\Ozone Gaming\Ozone Radon\Ozone_Radon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) D:\Giochi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Giochi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546472 2011-11-03] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-09-14] (Intel Corporation)
HKLM-x32\...\Run: [Ozone Radon Gaming Mouse] => C:\Program Files (x86)\Ozone Gaming\Ozone Radon\Ozone_Radon.exe [25473024 2011-09-28] (NOX)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Giochi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\Run: [DAEMON Tools Lite] => D:\Giochi\Daemon Tools\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\Run: [Xvid] => D:\film\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: H - H:\LaunchU3.exe -a
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: {7721ebb7-8035-11e3-9fac-5404a64a825e} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: {7721ebdc-8035-11e3-9fac-5404a64a825e} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: {83d5a14f-7070-11e2-8960-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-2905506877-594172100-1144992610-1000\...\MountPoints2: {afbfc8ca-8e52-11e2-abcd-5404a64a825e} - G:\LaunchU3.exe -a
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC6FD2C538304CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.it/
SearchScopes: HKCU - {F97C7FF4-1D6D-4C7A-9F11-1C9D5F8FBD31} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Wondershare Player 1.6.0 -> {43D9786F-A485-683B-9B5B-ACC97ABC17FC} -> C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll No File
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Giochi\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Guida per l'accesso all'account Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Giochi\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C -  No File
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Handler-x32: WSIEChrome - {6D02ED5F-FD0D-4C4C -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{91F3F1F6-0F13-4117-B76E-D0F733BB3B2D}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\1xnmjn23.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20130221-0405 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> D:\Giochi\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> D:\Giochi\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com
FF HKCU\...\Firefox\Extensions: [{751db90c-debb-4449-8afa-0bdc7b8e0202}] - C:\Program Files (x86)\Show-Password\136.xpi
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR DefaultSearchKeyword: Default -> A1A60A90E0A4BFDD8DE2D449D154DB5655F63EC4F38526AEED550165944C1510
CHR DefaultSearchProvider: Default -> 585632AAD673A41AF954B7FB074138B52008F115D55497BF76879F1E1C111599
CHR DefaultSearchURL: Default -> 8060DED021247E00C3A8DF7C70B1D838509833B8E9933C2969015D8A181B8951
CHR Profile: C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-04-03]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2014-08-19]
CHR Extension: (AdBlock) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-24]
CHR Extension: (Hatsune Miku) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg [2014-09-12]
CHR Extension: (Google Play) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-15]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-15] (Kaspersky Lab ZAO)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-02-06] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-02-06] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2009-08-28] (Creative Technology Ltd) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 Hamachi2Svc; D:\Giochi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-09-14] (Intel Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RzKLService; E:\giochi\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [26048 2014-07-05] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1161216 2007-09-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-30] (Disc Soft Ltd)
S3 FanatecWheelFilterUsb; C:\Windows\System32\DRIVERS\FWFilterUsb.sys [63728 2012-11-23] (Windows ® Codename Longhorn DDK provider)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [23832 2011-09-14] (Intel Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-03] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-04-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-04-03] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-15] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-04-03] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-15] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-04-03] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-13] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [39168 2014-06-17] (The OpenVPN Project)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [87920 2012-08-07] (© Guillemot R&D, 2011. All rights reserved.)
S3 tmhidusb; C:\Windows\System32\DRIVERS\tmhidusb.sys [127792 2013-04-25] (Thrustmaster)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2010-01-29] (C-Media Electronics Inc)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GPU-Z; \??\C:\Users\marco\AppData\Local\Temp\GPU-Z.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 12:11 - 2014-09-13 12:11 - 00001023 _____ () C:\Users\marco\Desktop\JRT.txt
2014-09-13 12:06 - 2014-09-13 12:06 - 01016261 _____ (Thisisu) C:\Users\marco\Downloads\JRT.exe
2014-09-13 12:06 - 2014-09-13 12:06 - 01016261 _____ (Thisisu) C:\Users\marco\Desktop\JRT.exe
2014-09-13 12:06 - 2014-09-13 12:06 - 00000000 ____D () C:\Windows\ERUNT
2014-09-13 12:02 - 2014-09-13 12:02 - 02105856 _____ (Farbar) C:\Users\marco\Downloads\FRST64.exe
2014-09-13 11:55 - 2014-09-13 11:56 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 11:44 - 2014-09-13 11:45 - 01373475 _____ () C:\Users\marco\Downloads\AdwCleaner.exe
2014-09-13 11:21 - 2014-09-13 11:21 - 00000149 _____ () C:\Users\marco\Downloads\fixlist.txt
2014-09-13 11:12 - 2014-09-13 12:57 - 00000000 ____D () C:\Users\marco\Desktop\Fix
2014-09-13 11:12 - 2014-09-13 12:57 - 00000000 ____D () C:\FRST
2014-09-12 18:56 - 2014-09-12 18:56 - 00000000 ____D () C:\Avenger
2014-09-12 14:51 - 2014-09-13 11:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 14:51 - 2014-09-12 14:51 - 00000726 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 14:51 - 2014-09-12 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 14:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 14:51 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 14:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 18:24 - 2014-09-11 18:24 - 01153792 _____ () C:\Windows\Minidump\091114-25974-01.dmp
2014-09-07 19:47 - 2014-09-07 19:47 - 00249860 _____ () C:\Users\marco\Desktop\nvidiaInspector.zip
2014-09-07 19:47 - 2014-09-07 19:47 - 00000000 ____D () C:\Users\marco\Desktop\Nvidia Inspector
2014-09-07 19:47 - 2013-07-19 22:04 - 00611840 _____ (Orbmu2k) C:\Users\marco\Desktop\nvidiaInspector.exe
2014-09-05 16:40 - 2014-09-03 21:48 - 01605022 _____ () C:\Users\marco\Desktop\Lichdom.Battlemage.+4.Trainer.Build02-403156253.rar
2014-09-05 03:51 - 2014-09-05 03:51 - 00000206 _____ () C:\Users\marco\Desktop\ESFECX RC2.url
2014-09-05 03:49 - 2014-09-05 03:49 - 00000215 _____ () C:\Users\marco\Desktop\ESF Open Beta final.url
2014-09-04 14:48 - 2014-09-04 14:48 - 00000008 _____ () C:\Users\marco\Desktop\Pass.txt
2014-09-02 14:11 - 2014-09-13 11:57 - 00289272 _____ () C:\Windows\PFRO.log
2014-09-02 02:32 - 2014-09-02 02:32 - 00000816 _____ () C:\Users\marco\Desktop\Lichdom Battlemage x86.lnk
2014-09-02 02:32 - 2014-09-02 02:32 - 00000816 _____ () C:\Users\marco\Desktop\Lichdom Battlemage x64.lnk
2014-09-02 02:32 - 2014-09-02 02:32 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Lichdom Battlemage
2014-08-31 15:39 - 2014-08-31 15:39 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-28 19:29 - 2014-08-28 19:29 - 00001092 _____ () C:\Users\marco\Desktop\AC4BFSP - collegamento.lnk
2014-08-28 19:29 - 2014-08-28 19:29 - 00000000 ____D () C:\Users\marco\Documents\Assassin's Creed IV Black Flag
2014-08-27 17:24 - 2014-08-27 18:08 - 00000000 ____D () C:\Users\marco\Documents\ProfileCache
2014-08-27 17:24 - 2014-08-27 18:00 - 00000000 ____D () C:\Users\marco\Documents\The Crew
2014-08-27 17:23 - 2014-08-27 17:23 - 00000000 ____D () C:\Users\marco\AppData\Local\Ubisoft
2014-08-27 17:08 - 2014-08-27 17:08 - 00024696 _____ () C:\Users\marco\Desktop\metal_gear_solid_5___big_boss_by_badillafloyd-d612kro.lnk
2014-08-25 12:55 - 2014-08-25 12:55 - 00002358 _____ () C:\Users\Public\Desktop\Epson Guida di rete WF-2530 Series.lnk
2014-08-25 12:55 - 2014-08-25 12:55 - 00000279 _____ () C:\Users\Public\Desktop\Epson Guida utente WF-2530 Series.url
2014-08-25 12:55 - 2014-08-25 12:55 - 00000256 _____ () C:\Users\Public\Desktop\Guida di Epson Connect.url
2014-08-25 12:54 - 2014-08-25 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2014-08-25 12:53 - 2014-08-25 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-08-25 12:53 - 2014-08-25 12:53 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-08-25 12:53 - 2014-08-25 12:53 - 00000000 ____D () C:\Program Files\EpsonNet
2014-08-25 12:53 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppui.dll
2014-08-25 12:53 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppui.dll
2014-08-25 12:53 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\ensppmon.dll
2014-08-25 12:53 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enppmon.dll
2014-08-25 12:53 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enspres.dll
2014-08-25 12:53 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\enpres.dll
2014-08-25 12:53 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2014-08-25 12:53 - 2011-12-12 00:00 - 00135824 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2014-08-25 12:53 - 2011-04-19 03:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMIVE.DLL
2014-08-25 12:53 - 2011-03-14 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BIVE.DLL
2014-08-25 12:53 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-08-21 19:26 - 2014-08-21 19:26 - 00000756 _____ () C:\Users\marco\Desktop\play-TheForest - collegamento (2).lnk
2014-08-21 14:42 - 2014-09-12 23:13 - 00000000 ____D () C:\Users\marco\AppData\Local\Adobe
2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 ____D () C:\Users\marco\AppData\Local\SKIDROW
2014-08-20 00:05 - 2014-08-20 00:05 - 00001121 _____ () C:\Users\marco\Desktop\Earth's Special Forces.lnk
2014-08-20 00:05 - 2014-08-20 00:05 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2014-08-20 00:05 - 2014-08-20 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2014-08-19 22:46 - 2014-08-19 22:49 - 00000000 ____D () C:\Users\marco\Documents\Dolphin Emulator
2014-08-17 15:52 - 2014-08-17 15:52 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-17 15:43 - 2014-08-17 15:43 - 00000972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Utility Sierra.lnk
2014-08-17 15:43 - 2014-08-17 15:43 - 00000352 _____ () C:\Windows\SIERRA.INI
2014-08-17 15:43 - 2014-08-17 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-08-17 15:43 - 2014-08-17 15:43 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line
2014-08-17 15:43 - 1998-10-30 22:21 - 01022976 _____ (Cendant Software) C:\Windows\SysWOW64\SierraNW.dll
2014-08-17 15:43 - 1998-10-30 22:21 - 00231936 _____ (Cendant Software) C:\Windows\SysWOW64\SNWValid.dll
2014-08-17 15:42 - 1998-01-23 12:20 - 00305152 _____ (InstallShield Software Corporation, Inc.) C:\Windows\IsUn0410.exe
2014-08-16 19:50 - 2014-08-16 19:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-08-15 16:47 - 2014-08-15 16:48 - 00000000 ____D () C:\Users\marco\Desktop\Cark
2014-08-15 16:19 - 2014-08-18 15:22 - 00000000 ____D () C:\Users\marco\AppData\Roaming\TunnelBear
2014-08-15 16:18 - 2014-08-18 15:23 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-08-15 16:18 - 2014-08-15 16:18 - 00001877 _____ () C:\Users\Public\Desktop\TunnelBear.lnk
2014-08-15 16:18 - 2014-08-15 16:18 - 00000000 ____D () C:\Users\marco\AppData\Local\HockeyCrashes
2014-08-15 16:18 - 2014-08-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2014-08-15 13:10 - 2014-08-15 15:56 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker
2014-08-15 13:10 - 2014-08-15 13:10 - 00001163 _____ () C:\Users\Public\Desktop\RAR Password Unlocker.lnk
2014-08-15 13:10 - 2014-08-15 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2014-08-15 01:14 - 1997-11-19 14:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-08-14 22:07 - 2014-08-14 22:07 - 00000686 _____ () C:\Users\marco\Desktop\4K YouTube to MP3.lnk
2014-08-14 22:06 - 2014-08-14 22:08 - 00000000 ____D () C:\Users\marco\AppData\Local\4kdownload.com
2014-08-14 22:05 - 2014-08-14 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2014-08-14 22:05 - 2014-08-14 22:05 - 00001260 _____ () C:\Users\marco\Desktop\4K Video Downloader.lnk
2014-08-14 22:05 - 2014-08-14 22:05 - 00000000 ____D () C:\Program Files (x86)\4KDownload
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-13 12:57 - 2014-09-13 11:12 - 00000000 ____D () C:\Users\marco\Desktop\Fix
2014-09-13 12:57 - 2014-09-13 11:12 - 00000000 ____D () C:\FRST
2014-09-13 12:41 - 2014-03-25 13:06 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 12:23 - 2013-02-06 22:57 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 12:19 - 2011-04-12 12:49 - 11691094 _____ () C:\Windows\system32\perfh010.dat
2014-09-13 12:19 - 2011-04-12 12:49 - 03923070 _____ () C:\Windows\system32\perfc010.dat
2014-09-13 12:19 - 2009-07-14 07:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 12:19 - 2009-07-14 06:45 - 00028672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 12:19 - 2009-07-14 06:45 - 00028672 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 12:13 - 2014-07-27 05:57 - 00016612 _____ () C:\Windows\setupact.log
2014-09-13 12:13 - 2014-07-15 01:05 - 00000000 ____D () C:\Users\marco\AppData\Local\LogMeIn Hamachi
2014-09-13 12:13 - 2014-03-25 13:06 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 12:13 - 2013-02-06 18:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-13 12:13 - 2013-02-06 18:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-13 12:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-13 12:12 - 2013-02-06 17:26 - 01318476 _____ () C:\Windows\WindowsUpdate.log
2014-09-13 12:11 - 2014-09-13 12:11 - 00001023 _____ () C:\Users\marco\Desktop\JRT.txt
2014-09-13 12:06 - 2014-09-13 12:06 - 01016261 _____ (Thisisu) C:\Users\marco\Downloads\JRT.exe
2014-09-13 12:06 - 2014-09-13 12:06 - 01016261 _____ (Thisisu) C:\Users\marco\Desktop\JRT.exe
2014-09-13 12:06 - 2014-09-13 12:06 - 00000000 ____D () C:\Windows\ERUNT
2014-09-13 12:02 - 2014-09-13 12:02 - 02105856 _____ (Farbar) C:\Users\marco\Downloads\FRST64.exe
2014-09-13 11:57 - 2014-09-02 14:11 - 00289272 _____ () C:\Windows\PFRO.log
2014-09-13 11:56 - 2014-09-13 11:55 - 00000000 ____D () C:\AdwCleaner
2014-09-13 11:55 - 2013-02-10 21:50 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000UA.job
2014-09-13 11:45 - 2014-09-13 11:44 - 01373475 _____ () C:\Users\marco\Downloads\AdwCleaner.exe
2014-09-13 11:32 - 2014-09-12 14:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 11:21 - 2014-09-13 11:21 - 00000149 _____ () C:\Users\marco\Downloads\fixlist.txt
2014-09-12 23:13 - 2014-08-21 14:42 - 00000000 ____D () C:\Users\marco\AppData\Local\Adobe
2014-09-12 23:13 - 2013-02-06 22:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 23:13 - 2013-02-06 22:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 23:13 - 2013-02-06 22:57 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 21:15 - 2014-03-25 13:07 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 21:12 - 2014-06-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-12 21:12 - 2013-02-10 21:50 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000Core.job
2014-09-12 19:11 - 2013-10-04 01:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 18:56 - 2014-09-12 18:56 - 00000000 ____D () C:\Avenger
2014-09-12 14:59 - 2013-02-26 17:58 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-12 14:51 - 2014-09-12 14:51 - 00000726 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 14:51 - 2014-09-12 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 14:51 - 2013-12-02 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 14:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-11 18:24 - 2014-09-11 18:24 - 01153792 _____ () C:\Windows\Minidump\091114-25974-01.dmp
2014-09-11 18:24 - 2013-02-08 19:23 - 00000000 ____D () C:\Windows\Minidump
2014-09-08 02:34 - 2014-06-26 15:22 - 00000000 ____D () C:\Users\marco\AppData\Roaming\uTorrent
2014-09-07 20:18 - 2014-06-25 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2014-09-07 19:47 - 2014-09-07 19:47 - 00249860 _____ () C:\Users\marco\Desktop\nvidiaInspector.zip
2014-09-07 19:47 - 2014-09-07 19:47 - 00000000 ____D () C:\Users\marco\Desktop\Nvidia Inspector
2014-09-07 19:38 - 2014-06-17 15:55 - 00000000 ____D () C:\Users\marco\Documents\My Games
2014-09-05 03:51 - 2014-09-05 03:51 - 00000206 _____ () C:\Users\marco\Desktop\ESFECX RC2.url
2014-09-05 03:49 - 2014-09-05 03:49 - 00000215 _____ () C:\Users\marco\Desktop\ESF Open Beta final.url
2014-09-04 14:48 - 2014-09-04 14:48 - 00000008 _____ () C:\Users\marco\Desktop\Pass.txt
2014-09-03 21:48 - 2014-09-05 16:40 - 01605022 _____ () C:\Users\marco\Desktop\Lichdom.Battlemage.+4.Trainer.Build02-403156253.rar
2014-09-02 02:32 - 2014-09-02 02:32 - 00000816 _____ () C:\Users\marco\Desktop\Lichdom Battlemage x86.lnk
2014-09-02 02:32 - 2014-09-02 02:32 - 00000816 _____ () C:\Users\marco\Desktop\Lichdom Battlemage x64.lnk
2014-09-02 02:32 - 2014-09-02 02:32 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Lichdom Battlemage
2014-09-02 02:26 - 2014-07-31 20:51 - 00018856 _____ () C:\Windows\DirectX.log
2014-08-31 15:39 - 2014-08-31 15:39 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-28 19:29 - 2014-08-28 19:29 - 00001092 _____ () C:\Users\marco\Desktop\AC4BFSP - collegamento.lnk
2014-08-28 19:29 - 2014-08-28 19:29 - 00000000 ____D () C:\Users\marco\Documents\Assassin's Creed IV Black Flag
2014-08-28 19:29 - 2014-07-01 23:43 - 00000000 ____D () C:\ProgramData\Orbit
2014-08-27 18:08 - 2014-08-27 17:24 - 00000000 ____D () C:\Users\marco\Documents\ProfileCache
2014-08-27 18:00 - 2014-08-27 17:24 - 00000000 ____D () C:\Users\marco\Documents\The Crew
2014-08-27 17:23 - 2014-08-27 17:23 - 00000000 ____D () C:\Users\marco\AppData\Local\Ubisoft
2014-08-27 17:23 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-27 17:08 - 2014-08-27 17:08 - 00024696 _____ () C:\Users\marco\Desktop\metal_gear_solid_5___big_boss_by_badillafloyd-d612kro.lnk
2014-08-27 16:37 - 2014-07-01 23:08 - 00000697 _____ () C:\Users\marco\Desktop\Uplay.lnk
2014-08-27 16:37 - 2014-01-25 11:04 - 00000000 ____D () C:\Users\marco\AppData\Local\Ubisoft Game Launcher
2014-08-25 13:06 - 2013-02-13 21:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-25 12:58 - 2014-08-25 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-08-25 12:58 - 2013-11-19 15:19 - 00000000 ____D () C:\ProgramData\EPSON
2014-08-25 12:55 - 2014-08-25 12:55 - 00002358 _____ () C:\Users\Public\Desktop\Epson Guida di rete WF-2530 Series.lnk
2014-08-25 12:55 - 2014-08-25 12:55 - 00000279 _____ () C:\Users\Public\Desktop\Epson Guida utente WF-2530 Series.url
2014-08-25 12:55 - 2014-08-25 12:55 - 00000256 _____ () C:\Users\Public\Desktop\Guida di Epson Connect.url
2014-08-25 12:55 - 2014-08-25 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2014-08-25 12:55 - 2013-11-19 15:37 - 00000000 ____D () C:\Program Files (x86)\Epson Software
2014-08-25 12:55 - 2013-11-19 15:37 - 00000000 ____D () C:\Program Files (x86)\epson
2014-08-25 12:55 - 2013-02-06 17:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-25 12:53 - 2014-08-25 12:53 - 00000930 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-08-25 12:53 - 2014-08-25 12:53 - 00000000 ____D () C:\Program Files\EpsonNet
2014-08-21 20:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-21 19:26 - 2014-08-21 19:26 - 00000756 _____ () C:\Users\marco\Desktop\play-TheForest - collegamento (2).lnk
2014-08-21 14:40 - 2014-08-21 14:40 - 00000000 ____D () C:\Users\marco\AppData\Local\SKIDROW
2014-08-20 00:05 - 2014-08-20 00:05 - 00001121 _____ () C:\Users\marco\Desktop\Earth's Special Forces.lnk
2014-08-20 00:05 - 2014-08-20 00:05 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2014-08-20 00:05 - 2014-08-20 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2014-08-19 22:49 - 2014-08-19 22:46 - 00000000 ____D () C:\Users\marco\Documents\Dolphin Emulator
2014-08-19 21:46 - 2013-02-06 19:00 - 00000000 ____D () C:\ProgramData\Origin
2014-08-19 19:36 - 2013-11-17 10:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-19 19:36 - 2013-02-06 18:03 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Mozilla
2014-08-18 15:23 - 2014-08-15 16:18 - 00000000 ____D () C:\Program Files (x86)\TunnelBear
2014-08-18 15:22 - 2014-08-15 16:19 - 00000000 ____D () C:\Users\marco\AppData\Roaming\TunnelBear
2014-08-17 15:52 - 2014-08-17 15:52 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-17 15:43 - 2014-08-17 15:43 - 00000972 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Utility Sierra.lnk
2014-08-17 15:43 - 2014-08-17 15:43 - 00000352 _____ () C:\Windows\SIERRA.INI
2014-08-17 15:43 - 2014-08-17 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-08-17 15:43 - 2014-08-17 15:43 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line
2014-08-16 20:32 - 2013-02-07 00:11 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-16 19:50 - 2014-08-16 19:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-15 23:52 - 2013-02-06 23:18 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\ProgramData\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft Password Recovery
2014-08-15 17:10 - 2014-08-15 17:10 - 00000000 ____D () C:\Program Files (x86)\Elcomsoft
2014-08-15 16:48 - 2014-08-15 16:47 - 00000000 ____D () C:\Users\marco\Desktop\Cark
2014-08-15 16:46 - 2013-02-06 23:19 - 00001124 _____ () C:\Users\Public\Desktop\WinRAR.lnk
2014-08-15 16:46 - 2013-02-06 23:19 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-15 16:46 - 2013-02-06 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-15 16:18 - 2014-08-15 16:18 - 00001877 _____ () C:\Users\Public\Desktop\TunnelBear.lnk
2014-08-15 16:18 - 2014-08-15 16:18 - 00000000 ____D () C:\Users\marco\AppData\Local\HockeyCrashes
2014-08-15 16:18 - 2014-08-15 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2014-08-15 15:56 - 2014-08-15 13:10 - 00000000 ____D () C:\Program Files (x86)\RAR Password Unlocker
2014-08-15 15:46 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-15 13:10 - 2014-08-15 13:10 - 00001163 _____ () C:\Users\Public\Desktop\RAR Password Unlocker.lnk
2014-08-15 13:10 - 2014-08-15 13:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2014-08-15 01:07 - 2014-06-30 15:35 - 00000000 ____D () C:\Users\marco\AppData\Roaming\DAEMON Tools Lite
2014-08-14 22:08 - 2014-08-14 22:06 - 00000000 ____D () C:\Users\marco\AppData\Local\4kdownload.com
2014-08-14 22:07 - 2014-08-14 22:07 - 00000686 _____ () C:\Users\marco\Desktop\4K YouTube to MP3.lnk
2014-08-14 22:07 - 2014-08-14 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2014-08-14 22:05 - 2014-08-14 22:05 - 00001260 _____ () C:\Users\marco\Desktop\4K Video Downloader.lnk
2014-08-14 22:05 - 2014-08-14 22:05 - 00000000 ____D () C:\Program Files (x86)\4KDownload
 
Some content of TEMP:
====================
C:\Users\marco\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-07 19:23
 
==================== End Of Log ============================

This is my FRST.txt file.


Edited by Mazzaru, 13 September 2014 - 06:01 AM.


#3 Mazzaru

Mazzaru
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:13 AM

Posted 13 September 2014 - 06:03 AM

This is my addition.txt file. I would be glad to donate a few bucks to everyone will solve my problem. Thank you.

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014

Ran by marco at 2014-09-13 12:58:02
Running from C:\Users\marco\Desktop\Fix
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and$Destroy (Enabled - Out of date) {9BC38DF1-3CCA)732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.1.1450 - Open Media LLC)
4K YouTube to MP3 2.9 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 2.9.1.1100 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
Aggiornamenti NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Big Pack 8.4 (HKLM-x32\...\Big Pack 8.4) (Version:  - )
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version:  - )
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
Earth's Special Forces (HKLM-x32\...\ESF) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson Guida di rete WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version:  - )
Epson Guida utente WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version:  - )
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESForces (HKLM-x32\...\ESForces) (Version: 1.3 OPENBETA FINAL - ESForces Team)
Fanatec Wheel (HKLM\...\{1212516D-C434-4A14-9107-CE271E186019}) (Version: 8.14.4 - Endor AG)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Half-Life (HKLM-x32\...\Half-Life) (Version:  - )
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
I Am Alive (HKLM-x32\...\InstallShield_{62952508-8C6F-4D31-9802-099FC67B41C3}) (Version: 1.00.0 - Ubisoft)
I Am Alive (x32 Version: 1.00.0 - Ubisoft) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1124 - Intel Corporation)
Intel® Network Connections 16.5.2.0 (HKLM\...\PROSetDX) (Version: 16.5.2.0 - Intel)
Intel® Network Connections 16.5.2.0 (Version: 16.5.2.0 - Intel) Hidden
Intel® Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.0.0.1112 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Lichdom Battlemage (HKLM-x32\...\Lichdom Battlemage_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versione 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Groove MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Italian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 it)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-bcd5cf79-86f3-4d43-81e5-b84391e9988b) (Version:  - Epic Games, Inc.)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.6 - Notepad++ Team)
NVIDIA Driver 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Driver audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Driver del controller 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver grafico 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenITG (HKLM-x32\...\OpenITG) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ozone 5.1 Headphones (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
Ozone Radon (HKLM-x32\...\{B50AB875-64A2-4D12-BB48-B15611B48CE0}) (Version: 1.0.0 - Ozone Gaming)
Pacchetto driver Windows - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Pannello di controllo NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Project CARS (HKLM-x32\...\{FD31AD0D-98ED-4D54-B2C3-03646C3545B8}_is1) (Version: 0515 - WMD)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6495 - Realtek Semiconductor Corp.)
Reus (HKLM-x32\...\GOGPACKREUS_is1) (Version: 2.0.0.10 - GOG.com)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rodina Demo (HKLM-x32\...\Steam App 316050) (Version:  - Elliptic Games)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
SHIFT 2 UNLEASHED™ (HKLM-x32\...\{E8C37E27-5205-4C8A-BECB-B00533045AAE}) (Version: 1.0.0.0 - Electronic Arts)
Show-Password (HKLM-x32\...\{dbe20e7e-bb0b-448c-a2a5-89a7e10ef7a4}) (Version:  - Show-Password LTD) <==== ATTENTION
Sound Blaster X-Fi MB 2 (HKLM-x32\...\{89F922D6-E3E0-4303-AF8E-CE18412E3A18}) (Version: 1.0 - Creative Technology Limited)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)
Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
The Stomping Land (HKLM-x32\...\Steam App 263440) (Version:  - SuperCrit)
TunnelBear (HKLM-x32\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (x32 Version: 2.2.25.0 - TunnelBear) Hidden
Ufo-Wardriving (HKLM-x32\...\Ufo-Wardriving) (Version: 4 Invasion - UW-Team)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0410-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0410-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-00C1-0410-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{91B6AC92-F379-4C78-90FA-CB217C930A4D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0410-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0410-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0410-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0410-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{00BBBFFE-8889-4953-956A-77DDE975A947}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{BF0D921F-E77E-4E03-BE71-46D9D2C7A36A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0410-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0410-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0410-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0410-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0410-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0410-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0410-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0410-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
Utility del client TP-LINK  (HKLM-x32\...\{C9B6010B-9201-4EB8-970B-4B82C86A3828}) (Version: 2.0 - TP-LINK)
Utility Sierra (HKLM-x32\...\Utility Sierra) (Version:  - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{3814DB30-091D-11E4-BDE0-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Video Enhancer 1.9.10 (HKLM-x32\...\Video Enhancer_is1) (Version:  - Infognition Co. Ltd.)
VLC media player 2.1.0-git-20130221-0405 (HKLM\...\VLC media player) (Version: 2.1.0-git-20130221-0405 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WATCH_DOGS Hotfix (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
Wondershare MobileTrans ( Version 3.5.1 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 3.5.1 - Wondershare)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
12-09-2014 13:24:50 Punto di controllo pianificato
12-09-2014 17:11:27 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
12-09-2014 17:11:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0591F47A-FFA2-49E1-ABE6-C476A4742827} - \AutoKMS No Task File <==== ATTENTION
Task: {0EDDAFDA-CFA5-4F89-B003-7EABFEE3CDFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {227C335F-F077-43B6-BC2A-6E9CF7363904} - System32\Tasks\{37F132B5-00FC-47EE-9BCD-FD0D76361D73} => D:\Giochi\Dirt\dirt3.exe [2011-04-15] (Sony DADC Austria AG)
Task: {2BB05A61-1F61-484E-BE3B-86D6E8C93E0B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {34DFA6FC-AECC-4C85-90B2-AE5B742EFCEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {39726F86-46F0-4FB1-942D-992A95BE73AC} - System32\Tasks\{251E03FF-DA99-4584-9F0A-3DBE8AC30E4B} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.105/it/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {44562585-19CE-493C-8C15-243AE9F3B2FF} - System32\Tasks\CCleanerSkipUAC => C:\Users\marco\Ccleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {54F1C599-32D3-4A00-B4A1-58043BB314F6} - System32\Tasks\{F694DD57-9D4C-4491-A74D-AA9553072913} => D:\Giochi\Dirt\dirt3.exe [2011-04-15] (Sony DADC Austria AG)
Task: {574CB814-16E9-43BF-B895-72DDE6526B4D} - System32\Tasks\{715DFEA9-C107-4B99-878B-A774B301080F} => D:\Nuova cartella\Sbk2011.exe
Task: {61C7847A-B471-494A-BDE5-48D4266FA7AE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000Core => C:\Users\marco\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {72EB558F-0394-452A-B087-DF09537A1963} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000UA => C:\Users\marco\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8C91CDD9-C0BD-49B9-86AD-AC8BA9B49FFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A49E9D89-0EBA-45F3-B211-F5BCEEC11F8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {AAB61522-DB7D-4A76-BC7B-3B25D0666607} - System32\Tasks\{D2D44DB0-60AE-49FD-89D6-8C11D897BE81} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.105/it/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {C46912E0-2A66-4667-B102-3170789C1D34} - System32\Tasks\{591BF16C-102E-457E-B637-F3C25BC3E722} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.105/it/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {F861BE5F-43C2-4AB9-AAD2-E1A1C364A813} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000Core.job => C:\Users\marco\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905506877-594172100-1144992610-1000UA.job => C:\Users\marco\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-02-06 18:09 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () D:\film\Notepad++\NppShell_06.dll
2014-06-25 11:33 - 2014-07-25 15:51 - 00699680 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-06-25 11:33 - 2014-07-25 15:51 - 00855328 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-02-16 18:14 - 2014-02-16 18:14 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\bac63b83b24a39cfbca7218bed452017\PSIClient.ni.dll
2014-09-12 21:15 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 21:15 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 21:15 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 21:15 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 21:15 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cm106Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788Hook => C:\Windows\system\ComHookMonitor.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Player\DelayPluginI.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Facebook Update => "C:\Users\marco\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PowerDVD13Agent => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
MSCONFIG\startupreg: RunDLLEntry => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WrtMon.exe => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe
MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
==================== Faulty Device Manager Devices =============
 
Name: NETGEAR DGND3700v2 Router
Description: NETGEAR DGND3700v2 Router
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Scaricamento delle stringhe dei contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) non riuscito. Il primo valore DWORD nella sezione Data contiene il codice di errore.
 
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Le stringhe relative alle prestazioni nel valore Performance del Registro di sistema sono state danneggiate durante l'elaborazione dell'estensione del provider contatori Performance. Il valore BaseIndex è il primo valore DWORD della sezione Data, il valore LastCounter è il secondo valore DWORD della sezione Data e il valore LastHelp è il terzo valore DWORD della sezione Data.
 
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Le stringhe relative alle prestazioni nel valore Performance del Registro di sistema sono state danneggiate durante l'elaborazione dell'estensione del provider contatori Performance. Il valore BaseIndex è il primo valore DWORD della sezione Data, il valore LastCounter è il secondo valore DWORD della sezione Data e il valore LastHelp è il terzo valore DWORD della sezione Data.
 
Error: (09/13/2014 00:15:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (09/13/2014 00:38:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:50 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/13/2014 00:38:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:45 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/13/2014 00:38:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore: 
%%-2140993535
 
Error: (09/13/2014 00:38:42 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/13/2014 00:17:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Gruppi reti peer dipende dal servizio Protocollo PNRP che non è stato avviato per il seguente errore: 
%%-2140993535
 
 
Microsoft Office Sessions:
=========================
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
 
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (09/13/2014 00:19:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
 
Error: (09/13/2014 00:15:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-13 11:54:02.459
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-09-13 11:54:02.458
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-09-13 11:54:02.457
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-09-13 11:35:01.592
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-09-13 11:35:01.591
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-09-13 11:35:01.590
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-07-31 19:13:01.623
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-07-31 19:13:01.622
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-07-31 19:13:01.621
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2014-07-31 19:13:01.618
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3820 CPU @ 3.60GHz
Percentage of memory in use: 18%
Total physical RAM: 16360.36 MB
Available physical RAM: 13407.89 MB
Total Pagefile: 32718.9 MB
Available Pagefile: 29361.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:119.14 GB) (Free:18.41 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:623.88 GB) NTFS
Drive e: () (Fixed) (Total:931.41 GB) (Free:774.68 GB) NTFS
Drive g: (20140703_1159) (CDROM) (Total:6.54 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 320B4B00)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: F5AE3269)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F825EC58)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 13 September 2014 - 06:47 AM

Ciao,

does this fix solve the problem?


Please download this attached Attached File  fixlist.txt   459bytes   15 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#5 Mazzaru

Mazzaru
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:02:13 AM

Posted 13 September 2014 - 07:11 AM

It does, thanks man! You are the best, grazie mille!



#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 13 September 2014 - 07:30 AM

Prego. :)
Update Java.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!

#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:13 AM

Posted 19 September 2014 - 03:26 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users