Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bitdefender says i have a Trojan!


  • This topic is locked This topic is locked
2 replies to this topic

#1 deimosd

deimosd

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:47 PM

Posted 17 March 2015 - 09:30 AM

BitDefender
Risultati scansione
Virus Shield ha rilevato un elemento infetto.
Risultati scansione
Nome file Infezione Azione
C:\ProgramData\Microsoft\Security\Client\SecurityHelper.dll Trojan.Generic.12837240 Eliminato
 
Salve, oggi ho trovato questa notifica sul mio antivirus e volevo sapere se finalmente è riuscito a disinfettare il mio portatile o se appena riavvio mi ritroverò ancora virus!
Vi prego aiutatemi... 
 
Fatemi sapere cosa devo fare... o se è tutto risolto... grazie in anticipo!
 

Ho già fatto la scansione con FRST ... vi allego i file...

 

 


FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

Ran by Dario (administrator) on MAREDENTRO on 17-03-2015 14:46:57
Running from D:\Download
Loaded Profiles: Dario (Available profiles: Dario)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-09-24] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-09-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-09-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
BootExecute: autocheck autochk * bddel.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1839114821-66284644-2445751584-1000 -> DefaultScope {4CA47F58-2594-45D9-B35C-70725D6EAFB5} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1839114821-66284644-2445751584-1000 -> {4CA47F58-2594-45D9-B35C-70725D6EAFB5} URL = https://www.google.com/search?q={searchTerms}
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\0edfvhz7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-03-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-03-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-11-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-11-12] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\0edfvhz7.default\Extensions\abs@avira.com [2015-02-26]
FF Extension: Adblock Plus - C:\Users\Dario\AppData\Roaming\Mozilla\Firefox\Profiles\0edfvhz7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-06]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.it/
CHR StartupUrls: Default -> "https://www.google.it/"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSearchURL: Default -> http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-06-05]
CHR Extension: (Google Docs) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-05]
CHR Extension: (Google Drive) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (YouTube) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Wave Aero theme) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnkfeamgicaplkejpeafpffpkcmiolck [2014-06-05]
CHR Extension: (Adblock Plus) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-05]
CHR Extension: (Google Search) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (No Name) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-11-15]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-06-06]
CHR Extension: (Avira SafeSearch) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2014-10-17]
CHR Extension: (Avira Browser Safety) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-06-05]
CHR Extension: (Highlight to Search) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\floipahigmmkfhkoapmnijnlnboniglg [2014-06-06]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-01-29]
CHR Extension: (New Tab Redirect Plus!) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpoebddognhfcnfbfjdbgmgadkmmdkj [2014-12-12]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-25]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-06-06]
CHR Extension: (Google Wallet) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Gmail) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]
CHR HKU\S-1-5-21-1839114821-66284644-2445751584-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-09-24] (Realtek Semiconductor)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-02-28] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-19] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2015-01-30] (Intel  Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-15] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-15] (Visicom Media Inc.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-06] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
U3 ae2pzv9s; C:\Windows\System32\Drivers\ae2pzv9s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 atikmdag; system32\DRIVERS\atikmdag.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
S3 cpuz134; \??\C:\Users\Dario\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\Apfiltr.sys 56BD886820C4AEDF493CFCDF1CCFB004
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys C130BC4A51B1382B2BE8E44579EC4C0A
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc3.sys AAE1DAE483DD57D0E267FCA42FCB5133
C:\Windows\System32\DRIVERS\avckf.sys 8183B715BD56561C27BEBB68B1192B7A
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys C0247341C1BCD7FF2742821D0AD7AFBC
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys E0FB647661B59632E3987D40D6F75281
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 33F90B202E9DD9B7D489EB59310FDC34
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\epmntdrv.sys 6106653B08F4F72EEAA7F099E7C408A4
C:\Windows\SysWOW64\epmntdrv.sys F17F09BA097D8EC3CE2084FA97886B85
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\EuGdiDrv.sys 991C04A31777ED77CB92A4F96F14C2E2
C:\Windows\SysWOW64\EuGdiDrv.sys F1DE3EEF501DDA7DDF99F2EDF0C5540E
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\DRIVERS\gzflt.sys 408B664926675C270D911160F1631D6B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys B16FC828CE7A76A8F1CE682E6EAD2627
C:\Windows\System32\DRIVERS\IntelHaxm.sys C02FD35184CEA3A65DEE7DE278699BBC
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 56ED3EE5FED6BF2FC1305CF872042868
C:\Windows\System32\Drivers\ksecpkg.sys 8BA90F480705D7153AD0060CCA62222A
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mcvidrv.sys 12E12418F47DEC97012927C428C88D76
C:\Windows\System32\drivers\mcaudrv_x64.sys 1F75140F289D8D6F09B3F78EA68FADEE
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 4D85A450EDEF10C38882182753A49AAE
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIVX.sys 34F05C417F038FFA3BEF69B798D7D7DD
C:\Windows\System32\DRIVERS\RTL8187B.sys F70A9384917659A4C5EF30F0F4EC484D
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SFEP.sys 70F9C476B62DE4F2823E918A6C181ADE
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 74D30C2EF66C2EB19F17ED5423AA8038
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys 6A87E01028D7594BD58EB47DABD8CEAE
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\trufos.sys 132C0E39AF0312E6B9611E2E1B344D41
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys B3EEACF62445E24FBB2CD4B0FB4DB026
C:\Windows\System32\Drivers\ae2pzv9s.sys 
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== Three Months Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-17 14:46 - 2015-03-17 14:47 - 00000000 ____D () C:\FRST
2015-03-17 14:45 - 2015-03-17 14:45 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-17 14:40 - 2015-03-17 14:40 - 00000056 _____ () C:\Windows\setupact.log
2015-03-17 14:40 - 2015-03-17 14:40 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-17 14:05 - 2015-03-17 14:43 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-03-16 10:42 - 2015-03-16 10:42 - 00000000 ____D () C:\Users\Dario\.tu
2015-03-15 13:00 - 2015-03-15 13:00 - 00005010 _____ () C:\Windows\system32\bddel.dat
2015-03-15 01:27 - 2015-03-17 14:45 - 00058197 _____ () C:\Windows\WindowsUpdate.log
2015-03-14 01:18 - 2015-03-14 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-03-14 01:18 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-03-11 12:06 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 12:06 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 12:06 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 12:06 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 12:06 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 12:06 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 12:06 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 12:06 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 12:06 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 12:06 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 12:06 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 12:06 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 12:06 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 12:06 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 12:06 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 12:06 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 12:06 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 12:06 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 12:06 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 12:06 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 12:06 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 12:06 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 12:06 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 12:06 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 12:06 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 12:06 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 12:06 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 12:06 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 12:06 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 12:06 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 12:06 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 12:06 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 12:06 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 12:06 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 12:06 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 12:06 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 12:06 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 12:06 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 12:06 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 12:06 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 12:06 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 12:05 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 12:05 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 12:04 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 12:04 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 12:01 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 12:01 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 12:01 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 12:01 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 12:01 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 12:01 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 12:01 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 12:01 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 12:01 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 12:01 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 12:01 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 12:00 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 12:00 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 12:00 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 12:00 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 12:00 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 12:00 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 11:55 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 11:55 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 11:55 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 11:55 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 11:55 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 11:55 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 11:55 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 11:55 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 11:55 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 11:55 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 11:55 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 11:55 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 11:55 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 11:55 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 11:55 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 11:55 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 11:55 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 11:55 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 11:55 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 11:55 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 11:55 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 11:55 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 11:55 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 11:55 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 11:55 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:55 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 11:55 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 11:55 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:55 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 11:55 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 11:55 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 11:55 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:55 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:55 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 11:55 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 11:55 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 11:55 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 11:55 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 11:55 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 11:55 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 11:55 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 11:55 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 11:55 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 11:55 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 11:55 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 11:55 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:55 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 11:55 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 11:55 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 11:55 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 11:55 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 11:55 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:55 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 11:55 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 11:55 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 11:55 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 11:55 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 11:55 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 11:55 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:55 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 11:55 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 11:53 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 11:53 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 15:48 - 2015-03-10 15:48 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2015-03-10 15:48 - 2015-03-10 15:48 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2015-03-07 14:00 - 2015-03-07 14:01 - 00000978 ____H () C:\Windows\EPMBatch.ept
2015-03-05 20:58 - 2015-03-05 20:58 - 00002960 _____ () C:\Windows\System32\Tasks\{A12909C4-0C54-4FB5-9FFD-CA0F8F0E2162}
2015-03-05 20:58 - 2015-03-05 20:58 - 00002960 _____ () C:\Windows\System32\Tasks\{8723ECC8-0A75-4526-BC41-F32CA695E45A}
2015-03-05 20:30 - 2015-03-05 20:30 - 00000986 _____ () C:\Users\Dario\Desktop\eclipse.exe.lnk
2015-03-02 16:18 - 2015-03-02 16:18 - 00000000 ____D () C:\Users\Dario\.gradle
2015-03-02 16:17 - 2015-03-02 16:17 - 00000000 ____D () C:\Users\Dario\AndroidStudioProjects
2015-03-02 16:13 - 2015-03-16 22:12 - 00001158 _____ () C:\Users\Dario\Desktop\Android Studio.lnk
2015-03-02 16:13 - 2015-03-02 16:13 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\JetBrains
2015-03-02 16:12 - 2015-03-02 16:12 - 00000000 ____D () C:\Users\Dario\.AndroidStudio
2015-03-02 16:11 - 2015-03-02 16:14 - 00000000 ____D () C:\Users\Dario\.android
2015-03-02 16:11 - 2015-03-02 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2015-03-02 16:11 - 2015-01-30 10:02 - 00084992 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelHaxm.sys
2015-03-02 16:07 - 2015-03-02 16:07 - 00000000 ____D () C:\Users\Dario\AppData\Local\Android
2015-03-02 16:06 - 2015-03-02 16:06 - 00000000 ____D () C:\Program Files\Android
2015-02-28 11:42 - 2015-02-28 11:47 - 00000165 _____ () C:\Windows\Reimage.ini
2015-02-28 11:25 - 2015-02-28 11:25 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-02-28 11:14 - 2015-02-28 11:15 - 00000000 ____D () C:\Users\Dario\AppData\OICE_15_974FA576_32C1D314_54F
2015-02-26 18:52 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 18:52 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-26 16:48 - 2015-02-28 11:19 - 00000000 ____D () C:\ProgramData\Avira
2015-02-26 16:48 - 2015-02-28 11:19 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-26 16:48 - 2015-02-28 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-26 15:57 - 2015-02-26 15:57 - 00211444 _____ () C:\ProgramData\1424962421.bdinstall.bin
2015-02-26 15:55 - 2015-02-26 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2015-02-26 15:55 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-02-26 15:55 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-02-26 15:54 - 2015-02-26 15:55 - 00000000 ____D () C:\Program Files\Bitdefender
2015-02-26 15:54 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-02-26 15:54 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-02-26 15:44 - 2015-02-26 15:44 - 00097770 _____ () C:\ProgramData\1424961768.bdinstall.bin
2015-02-26 15:40 - 2015-02-26 15:40 - 00060793 _____ () C:\ProgramData\1424961596.bdinstall.bin
2015-02-26 15:39 - 2015-02-26 15:39 - 00037842 _____ () C:\ProgramData\1424961594.bdinstall.bin
2015-02-26 15:28 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-26 15:28 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-26 15:28 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-26 15:28 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-26 15:28 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-26 15:28 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-26 15:28 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-26 15:28 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-26 15:20 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 15:20 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 15:20 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 15:20 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-26 15:09 - 2015-02-26 15:09 - 00003132 _____ () C:\Windows\System32\Tasks\{1B68B11A-7E75-4706-9033-8795A66B1F43}
2015-02-25 23:31 - 2015-02-25 23:31 - 00480650 _____ () C:\ProgramData\1424902245.bdinstall.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 00042856 _____ () C:\ProgramData\1424902094.6192.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 00002052 _____ () C:\ProgramData\1424902094.3000.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 00000189 _____ () C:\ProgramData\1424902094.5620.bin
2015-02-25 23:07 - 2015-02-25 23:07 - 00043948 _____ () C:\ProgramData\1424902017.bdinstall.bin
2015-02-25 23:03 - 2015-02-25 23:03 - 00044299 _____ () C:\ProgramData\1424901777.bdinstall.bin
2015-02-25 23:02 - 2015-02-26 15:54 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\QuickScan
2015-02-25 20:21 - 2015-02-25 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-25 20:21 - 2015-02-25 20:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-25 20:21 - 2015-02-25 20:21 - 00000000 ____D () C:\Program Files\iTunes
2015-02-25 20:21 - 2015-02-25 20:21 - 00000000 ____D () C:\Program Files\iPod
2015-02-25 20:21 - 2015-02-25 20:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-02-25 19:02 - 2015-02-25 19:04 - 00000000 ____D () C:\Users\Dario\AppData\OICE_15_974FA576_32C1D314_260C
2015-02-25 19:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-25 19:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-24 12:08 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-24 12:08 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-23 11:41 - 2015-02-23 11:41 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-Fi Password Key
2015-02-23 11:41 - 2015-02-23 11:41 - 00000000 ____D () C:\Program Files (x86)\Wi-Fi Password Key
2015-02-20 12:04 - 2015-02-20 12:04 - 00000000 ____D () C:\Users\Dario\AppData\OICE_15_974FA576_32C1D314_F66
2015-02-17 15:30 - 2015-02-17 15:30 - 01691808 _____ (Microsoft Corporation) C:\Windows\system32\FM20.DLL
2015-02-16 19:23 - 2015-02-16 19:23 - 00000000 ____D () C:\Users\Dario\AppData\OICE_15_974FA576_32C1D314_3005
2015-01-30 16:02 - 2015-01-30 16:03 - 00000000 ____D () C:\Users\Dario\AppData\OICE_15_974FA576_32C1D314_AE4
2015-01-30 10:41 - 2015-01-30 10:41 - 00000132 _____ () C:\Users\Dario\AppData\Roaming\Preferenze Adobe Formato BMP CC
2015-01-24 14:07 - 2015-03-10 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-14 10:06 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:06 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:06 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:06 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:06 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:06 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-04 02:16 - 2015-01-04 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2015-01-04 02:14 - 2015-01-04 02:14 - 00000000 ____D () C:\ProgramData\ManyCam
2015-01-04 02:14 - 2015-01-04 02:14 - 00000000 ____D () C:\ProgramData\EmailNotifier
2014-12-20 12:15 - 2015-02-05 15:13 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Dropbox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-17 14:47 - 2009-07-14 05:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-17 14:47 - 2009-07-14 05:45 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-17 14:41 - 2014-11-09 17:04 - 00005114 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MareDentro-Dario MareDentro
2015-03-17 14:41 - 2014-06-06 14:19 - 00000546 ____H () C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job
2015-03-17 14:41 - 2014-06-05 21:01 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-17 14:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-17 09:41 - 2014-08-29 15:23 - 00000000 ____D () C:\Users\Dario\AppData\Local\Adobe
2015-03-16 19:08 - 2014-06-06 11:12 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\vlc
2015-03-16 10:42 - 2014-06-05 20:44 - 00000000 ____D () C:\Users\Dario
2015-03-15 16:09 - 2010-11-21 16:30 - 00740896 _____ () C:\Windows\system32\perfh010.dat
2015-03-15 16:09 - 2010-11-21 16:30 - 00146918 _____ () C:\Windows\system32\perfc010.dat
2015-03-15 16:09 - 2009-07-14 06:13 - 01658888 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-15 12:54 - 2014-06-06 23:28 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-15 12:45 - 2014-06-05 21:01 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-14 11:30 - 2014-06-11 23:51 - 00000000 ____D () C:\Users\Dario\AppData\Local\CrashDumps
2015-03-14 11:28 - 2014-06-06 10:14 - 00000000 ____D () C:\Program Files (x86)\ArcSoft
2015-03-14 01:26 - 2014-06-06 17:02 - 00000000 ____D () C:\Users\Dario\AppData\Local\ManyCam
2015-03-14 01:18 - 2014-09-18 22:59 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2015-03-14 01:18 - 2014-06-06 10:58 - 00000000 ____D () C:\Program Files (x86)\DsNET Corp
2015-03-13 10:12 - 2014-06-06 11:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-13 10:11 - 2014-06-06 03:55 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\Adobe
2015-03-13 10:01 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-12 14:47 - 2014-06-06 11:01 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\BitComet
2015-03-12 13:36 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 20:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 16:01 - 2014-06-06 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2015-03-11 16:01 - 2014-06-06 19:11 - 00000000 ____D () C:\Program Files (x86)\i-Funbox DevTeam
2015-03-11 15:55 - 2014-07-08 07:54 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\iFunbox_UserCache
2015-03-11 14:41 - 2009-07-14 05:45 - 05045568 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 14:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 14:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 14:24 - 2014-06-06 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-11 14:24 - 2014-06-06 15:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 14:13 - 2014-06-05 21:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 14:05 - 2014-06-05 21:27 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-07 20:51 - 2014-06-07 12:00 - 00000000 ____D () C:\Users\Dario\AppData\Local\Eclipse
2015-03-02 16:11 - 2014-09-29 14:47 - 00000000 ____D () C:\Program Files\Intel
2015-02-28 11:30 - 2014-10-08 19:25 - 00000000 ____D () C:\Users\Dario\AppData\Roaming\TeamViewer
2015-02-27 12:39 - 2014-06-17 10:46 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-02-27 00:48 - 2014-12-11 11:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-27 00:48 - 2014-06-06 03:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-27 00:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-26 17:25 - 2014-06-06 19:13 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-26 16:48 - 2014-06-06 15:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-25 20:21 - 2014-06-06 14:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-25 19:01 - 2014-06-06 11:08 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-23 11:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
 
==================== Files in the root of some directories =======
 
2015-01-30 10:41 - 2015-01-30 10:41 - 0000132 _____ () C:\Users\Dario\AppData\Roaming\Preferenze Adobe Formato BMP CC
2014-06-25 10:32 - 2014-06-25 10:32 - 0000132 _____ () C:\Users\Dario\AppData\Roaming\Preferenze Adobe Formato PNG CC
2014-11-01 19:38 - 2014-11-01 19:38 - 0000600 _____ () C:\Users\Dario\AppData\Local\PUTTY.RND
2014-06-05 21:08 - 2014-06-05 21:08 - 0007609 _____ () C:\Users\Dario\AppData\Local\Resmon.ResmonCfg
2015-02-25 23:03 - 2015-02-25 23:03 - 0044299 _____ () C:\ProgramData\1424901777.bdinstall.bin
2015-02-25 23:07 - 2015-02-25 23:07 - 0043948 _____ () C:\ProgramData\1424902017.bdinstall.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 0002052 _____ () C:\ProgramData\1424902094.3000.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 0000189 _____ () C:\ProgramData\1424902094.5620.bin
2015-02-25 23:08 - 2015-02-25 23:08 - 0042856 _____ () C:\ProgramData\1424902094.6192.bin
2015-02-25 23:31 - 2015-02-25 23:31 - 0480650 _____ () C:\ProgramData\1424902245.bdinstall.bin
2015-02-26 15:39 - 2015-02-26 15:39 - 0037842 _____ () C:\ProgramData\1424961594.bdinstall.bin
2015-02-26 15:40 - 2015-02-26 15:40 - 0060793 _____ () C:\ProgramData\1424961596.bdinstall.bin
2015-02-26 15:44 - 2015-02-26 15:44 - 0097770 _____ () C:\ProgramData\1424961768.bdinstall.bin
2015-02-26 15:57 - 2015-02-26 15:57 - 0211444 _____ () C:\ProgramData\1424962421.bdinstall.bin
2014-06-06 12:01 - 2014-06-06 12:01 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
Some content of TEMP:
====================
C:\Users\Dario\AppData\Local\Temp\{0CCEC090-B840-4476-AA5D-5D3D2ACAA60C}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identificatore          {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  it-IT
inherit                 {globalsettings}
default                 {current}
resumeobject            {bd02cdd4-ece8-11e3-aa06-c2c435d2c7bb}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Caricatore di avvio di Windows
-------------------
identificatore          {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  it-IT
inherit                 {bootloadersettings}
recoverysequence        {bd02cdd6-ece8-11e3-aa06-c2c435d2c7bb}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {bd02cdd4-ece8-11e3-aa06-c2c435d2c7bb}
nx                      OptIn
 
Caricatore di avvio di Windows
-------------------
identificatore          {bd02cdd6-ece8-11e3-aa06-c2c435d2c7bb}
device                  ramdisk=[C:]\Recovery\bd02cdd6-ece8-11e3-aa06-c2c435d2c7bb\Winre.wim,{bd02cdd7-ece8-11e3-aa06-c2c435d2c7bb}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\bd02cdd6-ece8-11e3-aa06-c2c435d2c7bb\Winre.wim,{bd02cdd7-ece8-11e3-aa06-c2c435d2c7bb}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Ripresa da modalit… di ibernazione
---------------------
identificatore          {bd02cdd4-ece8-11e3-aa06-c2c435d2c7bb}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  it-IT
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Tester memoria di Windows
---------------------
identificatore          {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostica memoria Windows
locale                  it-IT
inherit                 {globalsettings}
badmemoryaccess         Yes
 
Impostazioni Servizi di gestione emergenze
------------
identificatore          {emssettings}
bootems                 Yes
 
Impostazioni debugger
-----------------
identificatore          {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
Problemi RAM
-----------
identificatore          {badmemory}
 
Impostazioni globali
---------------
identificatore          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Impostazioni caricatore di avvio
-------------------
identificatore          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Impostazioni hypervisor
-------------------
identificatore          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Impostazioni Resume Loader
----------------------
identificatore          {resumeloadersettings}
inherit                 {globalsettings}
 
Opzioni dispositivo
--------------
identificatore          {bd02cdd7-ece8-11e3-aa06-c2c435d2c7bb}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\bd02cdd6-ece8-11e3-aa06-c2c435d2c7bb\boot.sdi
 
 
 
LastRegBack: 2015-03-15 02:51
 
==================== End Of Log ============================

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015

Ran by Dario at 2015-03-17 14:48:13
Running from D:\Download
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{AC5253C5-E282-4017-9740-DDA6ECF5C203}) (Version: 4.0.0.374 - ArcSoft)
aTube Catcher versione 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dolby Control Center (HKLM\...\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}) (Version: 1.2.0702 - Dolby)
EaseUS Partition Master 10.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Gestione alimentazione VAIO (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 4.0.0.08240 - Sony Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HxD Hex Editor versione 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iFunbox (v2.94.2520.758), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.94.2520.758 - )
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
ManyCam 4.1.0 (HKLM-x32\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.)
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3 - MusicBrainz)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Ontrack EasyRecovery Professional (HKLM-x32\...\{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1) (Version: 11.0.1.0 - Kroll Ontrack Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PhoneClean 3.4.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.4.0 - iMobie Inc.)
plist Editor Pro 2.1.0 (HKLM-x32\...\plist Editor Pro) (Version: 2.1.0 - VOWSoft, Ltd.)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.07300 - Sony Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Software Intel® PROSet/Wireless WiFi (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Tansee iPhone Transfer SMS 6.5.1.0 (HKLM-x32\...\Tansee iPhone Transfer SMS_is1) (Version: 6.5.1.0 - Tansee, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Ufo-Wardriving (HKLM-x32\...\Ufo-Wardriving) (Version: 4 Invasion - UW-Team)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.0.0.06120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.0.0.07010 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
Wi-Fi Password Key  (HKLM-x32\...\Wi-Fi Password Key) (Version:  - Tenorshare, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2014-10-13 07:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {053BB554-8266-40B3-8546-13D403769564} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: {09D71094-5901-4B0F-9EF4-60C735EB3E6C} - System32\Tasks\{8723ECC8-0A75-4526-BC41-F32CA695E45A} => C:\ProgramData\Oracle\Java\javapath\javaw.exe [2014-10-18] (Oracle Corporation)
Task: {33C7CF59-5404-4F52-91B3-0A6BFB2EAF85} - System32\Tasks\{1B68B11A-7E75-4706-9033-8795A66B1F43} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {37302ACE-770D-4EE3-B466-D87F0F82979C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-06] ()
Task: {60C6C459-4685-4F70-8E0E-3C6A3A733931} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {6A2DF940-E8A0-43E9-85BF-5D62D0B5C44C} - System32\Tasks\{A12909C4-0C54-4FB5-9FFD-CA0F8F0E2162} => C:\ProgramData\Oracle\Java\javapath\javaw.exe [2014-10-18] (Oracle Corporation)
Task: {727AB245-B0E9-4AC3-B48B-EB42BF3A3D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7760CD4C-7796-45AA-9523-D544AEFA2EFE} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {7B759D8F-34AE-40FA-8FD7-315C1EB27043} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {7F93E0F6-07C6-4BC9-A2E5-E94344CB235E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {821F2C11-A0F4-401E-A1CF-5FBC05DB120C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {8F67E4DF-1C8F-489E-B652-6F8C2DC84931} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {91318B67-4428-4D96-A36F-1CD9EBEBFAC6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1839114821-66284644-2445751584-1000
Task: {A7C90F67-72AE-4B1F-9202-C84565735FB0} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-01-29] ()
Task: {A9C46258-9E38-48FD-A47E-6E584249829B} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {BD09EC91-A3D6-4E07-875C-40716587DFA3} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {D674771E-BDE8-4394-9EAE-AACCE4FEE5D3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DC243B8B-EBA8-4101-B73B-D98E265A7686} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E2729F7F-662B-4B67-903D-25BDAADD7C88} - System32\Tasks\AdobeAAMUpdater-1.0-MareDentro-Dario => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {E777D3A2-E5CE-4F86-8F4A-39AFFC4DDDFF} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MareDentro-Dario MareDentro => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {F522F101-A4BD-4C44-9757-78AB8ED6D702} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {FA0FA836-2419-4BE8-A752-E52BE3FB6FC9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FAD99E77-1E54-4DD9-8307-D60F29418846} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => 
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => 
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-26 15:55 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2015-02-26 15:55 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2009-09-21 14:04 - 2009-09-21 14:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-02-28 12:13 - 2015-02-28 12:13 - 02623488 _____ () C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1040.dll
2014-04-14 20:41 - 2014-04-14 20:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2014-06-06 11:32 - 2009-07-01 10:49 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2014-06-06 11:32 - 2009-07-01 10:49 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2015-03-17 14:42 - 2015-03-17 14:42 - 00098816 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32api.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00110080 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\pywintypes27.dll
2015-03-17 14:42 - 2015-03-17 14:42 - 00364544 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\pythoncom27.dll
2015-03-17 14:42 - 2015-03-17 14:42 - 00045568 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_socket.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 01161216 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_ssl.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00320512 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32com.shell.shell.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00713216 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_hashlib.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 01175040 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._core_.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00805888 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._gdi_.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00811008 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._windows_.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 01062400 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._controls_.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00735232 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._misc_.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00682496 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\pysqlite2._sqlite.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00128512 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_elementtree.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00127488 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\pyexpat.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00087552 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_ctypes.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00119808 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32file.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00108544 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32security.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00007168 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\hashobjs_ext.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00167936 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32gui.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00018432 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32event.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00038912 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32inet.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00011264 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32crypt.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00070656 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._html2.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00027136 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_multiprocessing.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00020480 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\_yappi.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00035840 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32process.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00686080 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\unicodedata.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00122368 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._wizard.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00024064 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32pipe.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00010240 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\select.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00025600 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32pdh.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00525640 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\windows._lib_cacheinvalidation.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00017408 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32profile.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00022528 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\win32ts.pyd
2015-03-17 14:42 - 2015-03-17 14:42 - 00078336 _____ () C:\Users\Dario\AppData\Local\Temp\_MEI28282\wx._animate.pyd
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\17399177.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\17399177.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1839114821-66284644-2445751584-500 - Administrator - Disabled)
Dario (S-1-5-21-1839114821-66284644-2445751584-1000 - Administrator - Enabled) => C:\Users\Dario
Guest (S-1-5-21-1839114821-66284644-2445751584-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1839114821-66284644-2445751584-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Periferica sistema di base
Description: Periferica sistema di base
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: ATI Mobility Radeon HD 4650
Description: ATI Mobility Radeon HD 4650
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: atikmdag
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/17/2015 02:42:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2", alla riga C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (03/17/2015 02:42:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/17/2015 02:40:27 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
 
Error: (03/17/2015 02:02:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma gziface.exe versione 1.0.21.1099 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
 
ID processo: 7b8
 
Ora di avvio: 01d060b1cfc8a8d4
 
Ora di chiusura: 5
 
Percorso applicazione: C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
 
ID segnalazione: d6a3e6d0-cca5-11e4-a372-0024be3df749
 
 
System errors:
=============
Error: (03/17/2015 02:41:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Adobe Acrobat Update Service.
 
Error: (03/17/2015 02:02:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
 
 
Microsoft Office Sessions:
=========================
Error: (03/17/2015 02:42:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe
 
Error: (03/17/2015 02:42:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/17/2015 02:40:27 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: 
 
Error: (03/17/2015 02:02:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gziface.exe1.0.21.10997b801d060b1cfc8a8d45C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exed6a3e6d0-cca5-11e4-a372-0024be3df749
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-13 08:56:10.393
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
  Date: 2014-10-13 08:56:10.346
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
  Date: 2014-10-13 08:56:10.299
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
  Date: 2014-10-13 08:56:10.252
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
  Date: 2014-10-11 08:30:23.636
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
  Date: 2014-10-11 08:30:23.590
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T9600 @ 2.80GHz
Percentage of memory in use: 35%
Total physical RAM: 4063.02 MB
Available physical RAM: 2601.23 MB
Total Pagefile: 8124.23 MB
Available Pagefile: 6248.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:165.62 GB) (Free:58.27 GB) NTFS
Drive d: (DeImOs) (Fixed) (Total:300.03 GB) (Free:200.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CFD7CF9A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=165.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=300 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

Shortcut.txt

 

Users shortcut scan result (x64) Version: 11-03-2015

Ran by Dario at 2015-03-17 14:50:59
Running from D:\Download
Boot Mode: Normal
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk -> C:\Program Files\VueScan\vuescan.exe (Hamrick Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrodist.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk -> C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-000000000006}\_SC_Acrobat.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk -> C:\Program Files (x86)\Adobe\Acrobat 11.0\FormsCentral\FormsCentralForAcrobat.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby Control Center.lnk -> C:\Windows\Installer\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}\_DF30B6672BAD027FB62666.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014a.lnk -> C:\Program Files\MATLAB\R2014a\bin\matlab.exe (The MathWorks Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBrainz Picard.lnk -> C:\Program Files (x86)\MusicBrainz Picard\picard.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk -> C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk -> C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk -> C:\xampp\uninstall.exe (Bitnami)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk -> C:\xampp\htdocs ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone for iOS\HomePage.lnk -> C:\Program Files\Wondershare\Wondershare Dr.Fone for iOS (CPC)\Wondershare Dr.Fone for iOS.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone for iOS\How to use.lnk -> C:\Program Files\Wondershare\Wondershare Dr.Fone for iOS (CPC)\Wondershare Dr.Fone for iOSOnlineHelp.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone for iOS\Order Online.lnk -> C:\Program Files\Wondershare\Wondershare Dr.Fone for iOS (CPC)\Wondershare Dr.Fone for iOSOrder.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone for iOS\Uninstall Wondershare Dr.Fone for iOS.lnk -> C:\Program Files\Wondershare\Wondershare Dr.Fone for iOS (CPC)\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Dr.Fone for iOS\Wondershare Dr.Fone for iOS.lnk -> C:\Program Files\Wondershare\Wondershare Dr.Fone for iOS (CPC)\iphoneRecovery_DrFoneForiOS.exe (Wondershare)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Guida a WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuale di RAR in modalità carattere.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Novità dell'ultima versione.lnk -> C:\Program Files\WinRAR\Novità.Txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\plist Editor Pro\plist Editor Pro.lnk -> C:\Program Files (x86)\VOWSoft iPod Software\plist Editor Pro\plistEditor.exe (VOWSoft, Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\plist Editor Pro\Uninstall.lnk -> C:\Program Files (x86)\VOWSoft iPod Software\plist Editor Pro\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VOWSoft iPod Software\plist Editor Pro\Website.lnk -> C:\Program Files (x86)\VOWSoft iPod Software\plist Editor Pro\plist Editor Pro.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ufo-Wardriving\Ufo-Wardriving.lnk -> C:\Program Files (x86)\Ufo-Wardriving\ufo.exe (Ufo-Wardriving)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ufo-Wardriving\Uninstall Ufo-Wardriving.lnk -> C:\Program Files (x86)\Ufo-Wardriving\uninstall.exe (UW-Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ufo-Wardriving\UW Network Manager.lnk -> C:\Program Files (x86)\Ufo-Wardriving\ufonm.exe (Ufo-Wardriving)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tansee iPhone Transfer SMS\Tansee iPhone Transfer SMS.lnk -> C:\Program Files (x86)\Tansee iPhone Transfer SMS\iphonetransfersms.exe (Tansee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tansee iPhone Transfer SMS\Uninstall Tansee iPhone Transfer SMS.lnk -> C:\Program Files (x86)\Tansee iPhone Transfer SMS\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Disinstalla Ontrack EasyRecovery Professional.lnk -> C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Ontrack EasyRecovery Professional.lnk -> C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\ERPro64.exe (LC Technology International, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Blu-ray Player.lnk -> C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter.lnk -> C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero 2014.lnk -> C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\NeroLauncher.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero Burning ROM.lnk -> C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero Express.lnk -> C:\Windows\Installer\{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero Recode.lnk -> C:\Windows\Installer\{40E51513-D917-4563-84F6-4EF6ADD46E2F}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 2014\Nero Video.lnk -> C:\Windows\Installer\{511B5F54-CB1D-4F5B-BE0E-09B1D86BE586}\ScVisionStartMenu_88036A9DCD1D412A84701A23A35FB37B.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk -> C:\Program Files\MPC-HC\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Disinstalla MPC-HC.lnk -> C:\Program Files\MPC-HC\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Help (english).lnk -> C:\Program Files (x86)\Mp3tag\help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tag.exe (Florian Heidenreich)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Uninstall Mp3tag.lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Version history (english).lnk -> C:\Program Files (x86)\Mp3tag\Mp3tagVersion.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Dashboard di telemetria per Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Gestione registrazioni di Lync.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Log di telemetria per Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Preferenze lingua di Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Strumenti di Office 2013\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2014a\Activate MATLAB R2014a.lnk -> C:\Program Files\MATLAB\R2014a\bin\win64\activate_matlab.exe (The MathWorks, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2014a\Deactivate MATLAB R2014a.lnk -> C:\Program Files\MATLAB\R2014a\uninstall\bin\win64\deactivate_matlab.exe (The MathWorks, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2014a\MATLAB R2014a.lnk -> C:\Program Files\MATLAB\R2014a\bin\matlab.exe (The MathWorks Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2014a\Polyspace Bug Finder R2014a.lnk -> C:\Program Files\MATLAB\R2014a\polyspace\bin\polyspace-bug-finder.exe (The MathWorks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB\R2014a\Polyspace Code Prover R2014a.lnk -> C:\Program Files\MATLAB\R2014a\polyspace\bin\polyspace-code-prover.exe (The MathWorks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\ManyCam.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Uninstall ManyCam.lnk -> C:\Program Files (x86)\ManyCam\uninstall.exe (Visicom Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk -> C:\Program Files\Java\jdk1.8.0_05\bin\jmc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configura Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Informazioni su iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\it.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie\PhoneClean\PhoneClean.lnk -> C:\Program Files (x86)\iMobie\PhoneClean\PhoneClean.exe (iMobie Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie\PhoneClean\Uninstall PhoneClean.lnk -> C:\Program Files (x86)\iMobie\PhoneClean\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Check New Update.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\links\ifunbox.win32.checkupdate.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox x64.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe (i-Funbox.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\iFunbox.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe (i-Funbox.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Online Tutorial.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\links\ifunbox.win32.tutorial.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam\Uninstall iFunbox.lnk -> C:\Program Files (x86)\i-Funbox DevTeam\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Changelog.lnk -> C:\Program Files (x86)\HxD\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\HxD.lnk -> C:\Program Files (x86)\HxD\HxD.exe (Maël Hörz)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\License.lnk -> C:\Program Files (x86)\HxD\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Readme.lnk -> C:\Program Files (x86)\HxD\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0\EaseUS Partition Master 10.0.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EPMStartLoader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0\Uninstall EaseUS Partition Master 10.0.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\SPTD Setup.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe (Duplex Secure Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++\Dev-C++.lnk -> C:\Dev-Cpp\devcpp.exe (Bloodshed Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++\License.lnk -> C:\Dev-Cpp\copying.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++\Uninstall Dev-C++.lnk -> C:\Dev-Cpp\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\BitComet.lnk -> C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\HomePage.lnk -> C:\Program Files\BitComet\BitComet.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit)\Uninstall.lnk -> C:\Program Files\BitComet\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Avira System Speedup.lnk -> C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Disinstalla.Ink.lnk -> C:\Program Files (x86)\Avira\AviraSpeedup\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk -> C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe (DsNET)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 4\Avvia Utility.lnk -> C:\Program Files (x86)\ArcSoft\WebCam Companion 4\Utility.exe (ArcSoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 4\WebCam Companion 4.lnk -> C:\Program Files (x86)\ArcSoft\WebCam Companion 4\uMCEDVDPlayer.exe (ArcSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\Avvia ArcSoft Connect.lnk -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACStart.exe (ArcSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition\Bitdefender Antivirus Free Edition.lnk -> C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe (Bitdefender)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition\Manuale per l'utente.lnk -> C:\Program Files\Bitdefender\Antivirus Free Edition\Manualeutente.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio\Android Studio.lnk -> C:\Program Files\Android\Android Studio\bin\studio64.exe (Android)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\Links\Dario.lnk -> D:\Dario ()
Shortcut: C:\Users\Dario\Links\DeImOs (D).lnk -> D:\ ()
Shortcut: C:\Users\Dario\Links\Desktop.lnk -> C:\Users\Dario\Desktop ()
Shortcut: C:\Users\Dario\Links\Download.lnk -> D:\Download ()
Shortcut: C:\Users\Dario\Links\Downloads.lnk -> C:\Users\Dario\Downloads ()
Shortcut: C:\Users\Dario\Links\Google Drive.lnk -> D:\Dario\Google Drive ()
Shortcut: C:\Users\Dario\Links\Musica.lnk -> D:\Music ()
Shortcut: C:\Users\Dario\Links\Rete usb.lnk -> \\Vodafone\A (No File)
Shortcut: C:\Users\Dario\Links\WesternDigital Elements 1TB (W).lnk -> W:\ (No File)
Shortcut: C:\Users\Dario\Desktop\Adobe Dreamweaver CC.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CC\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\Users\Dario\Desktop\Android Studio.lnk -> C:\Program Files\Android\Android Studio\bin\studio64.exe (Android)
Shortcut: C:\Users\Dario\Desktop\Dev-C++.lnk -> C:\Dev-Cpp\devcpp.exe (Bloodshed Software)
Shortcut: C:\Users\Dario\Desktop\eclipse.exe.lnk -> D:\Dario\UniPa\PROGRAMMAZIONE MIA\eclipse-java-luna-SR2-win32-x86_64\eclipse.exe ()
Shortcut: C:\Users\Dario\Desktop\EL.lnk -> D:\Dario\UniPa\elettronica ()
Shortcut: C:\Users\Dario\Desktop\FCE.lnk -> D:\Dario\UniPa\Fond. Com. El ()
Shortcut: C:\Users\Dario\Desktop\Workspace.lnk -> D:\Dario\UniPa\PROGRAMMAZIONE MIA ()
Shortcut: C:\Users\Dario\Desktop\XAMPP Control Panel.lnk -> C:\xampp\xampp-control.exe ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Guida a WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuale di RAR in modalità carattere.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Novità dell'ultima versione.lnk -> C:\Program Files\WinRAR\Novità.Txt ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-Fi Password Key\Help.lnk -> C:\Program Files (x86)\Wi-Fi Password Key\Help File\Wi-Fi Password Key Help.chm ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-Fi Password Key\Uninstall Wi-Fi Password Key.lnk -> C:\Program Files (x86)\Wi-Fi Password Key\uninst.exe ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-Fi Password Key\Website.lnk -> C:\Program Files (x86)\Wi-Fi Password Key\Wi-Fi Password Key.url ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-Fi Password Key\Wi-Fi Password Key.lnk -> C:\Program Files (x86)\Wi-Fi Password Key\Wi-Fi Password Key.exe (Tenorshare)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\SendTo\Trasferimento file Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dev-C++.lnk -> C:\Dev-Cpp\devcpp.exe (Bloodshed Software)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\EaseUS Partition Master 10.0.lnk -> C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.0\bin\EPMStartLoader.exe ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Bitdefender Antivirus Free Edition.lnk -> C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe (Bitdefender)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\VAIO Gate.lnk -> C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation)
Shortcut: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\MATLAB R2014a.lnk -> C:\Program Files\MATLAB\R2014a\bin\matlab.exe (The MathWorks Inc.)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk -> C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Control Center.exe (Sony Corporation) -> /VCC
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Change Ontrack EasyRecovery Professional Language.lnk -> C:\Program Files (x86)\Kroll Ontrack\Ontrack EasyRecovery11 Professional\ERPro64.exe (LC Technology International, Inc.) -> -chooselang
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Reset settings.lnk -> C:\Program Files (x86)\ManyCam\ManyCam.exe (Visicom Media Inc.) -> --remove-settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Informazioni su Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rileva aggiornamenti.lnk -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Visualizzatore eventi WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel® Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira.lnk -> C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\Visualizza informazioni ArcSoft.lnk -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACRun.exe (ArcSoft Inc.) -> ProductInfo.ac
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Schermo OFF.lnk -> D:\Dario\Vario\wizmo.exe () -> quiet monoff
ShortcutWithArgument: C:\Users\Dario\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\VAIO Control Center.lnk -> C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Control Center.exe (Sony Corporation) -> /VCC
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) -> --sendto
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Bitnami for XAMPP.url -> hxxp://bitnami.com/stack/xampp?utm_source=bitnami&utm_medium=installer&utm_campaign=XAMPP%2BInstaller
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tansee iPhone Transfer SMS\Tansee iPhone Transfer SMS Homepage.url -> hxxp://www.tansee.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Professional\Ontrack EasyRecovery Professional sul Web.url -> hxxp://www.krollontrack.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC sul Web.url -> hxxp://mpc-hc.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag\Mp3tag Website.url -> hxxp://www.mp3tag.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie\PhoneClean\PhoneClean Online Help.url -> hxxp://www.imobie.com/phoneclean/guide.htm
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor\Website.url -> hxxp://mh-nexus.de/hxd/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0\EaseUS Partition Master 10.0 Help.url -> hxxp://www.partition-tool.com/easeus-partition-manager/manual.htm?ref=free
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0\Visit EaseUS on the Web.url -> hxxp://www.partition-tool.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher sul Web.url -> hxxp://www.atube.me/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 4\ArcSoft Products and Bonus Offers.url -> hxxp://www.arcsoft.com/public/download/download_group.asp?DlType=0&productType=RETAIL&gmid=arcsoft-webcamcompanion-40-101221-ret
InternetURL: C:\Users\Dario\Favorites\Benvenuti su MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Dario\Favorites\Home Page di Microsoft Windows.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Dario\Favorites\Microsoft Italia.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Dario\Favorites\VodafoneStation.url -> hxxp://vodafone.station/main.cgi?page=index.html
InternetURL: C:\Users\Dario\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Dario\Favorites\Siti Web Microsoft\Internet Explorer - Home.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Dario\Favorites\Siti Web Microsoft\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Dario\Favorites\MSN\MSN Intrattenimento.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Dario\Favorites\MSN\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Dario\Favorites\MSN\MSN Motori.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Dario\Favorites\MSN\MSN Notizie.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Dario\Favorites\MSN\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Dario\Favorites\MSN\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Dario\Favorites\Microsoft Websites\Gallery Add-on per IE.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Dario\Favorites\Links\VodafoneStation.url -> hxxp://vodafone.station/main.cgi?page=index.html
 
==================== End of log =============================


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,940 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:47 AM

Posted 21 March 2015 - 08:44 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.


start

CloseProcesses:

HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [0WinSecurityProvider] -> {F76FA5C2-3B6A-451E-8CA5-34C8D0AE0637} => C:\ProgramData\Microsoft\Security\Client\SecurityProvider.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1839114821-66284644-2445751584-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CHR Extension: (Avira Browser Safety) - C:\Users\Dario\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-06-05]
U3 ae2pzv9s; C:\Windows\System32\Drivers\ae2pzv9s.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 atikmdag; system32\DRIVERS\atikmdag.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd6; system32\DRIVERS\clwvd6.sys [X]
S3 cpuz134; \??\C:\Users\Dario\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
C:\Users\Dario\AppData\Local\Temp\{0CCEC090-B840-4476-AA5D-5D3D2ACAA60C}.exe

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

How is the computer running now?

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,940 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:47 AM

Posted 26 March 2015 - 08:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users