My son's computer, with Firefox, loads many unwanted pages.
I'm posting the logs below:
Malwarebytes Anti-Malware
www.malwarebytes.org
Data scansione: 16/08/2014
Ora scansione: 22.18.34
File di log: log.txt
Amministratore: No
Versione: 2.00.2.1012
Database malware: v2014.08.16.06
Database rootkit: v2014.08.16.01
Licenza: Prova
Protezione da malware: Attivata
Protezione da siti web nocivi: Attivata
Self-protection: Disattivata
SO: Windows 8
CPU: x64
File system: NTFS
Utente: dari0d
Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 237333
Tempo impiegato: 11 min, 19 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Heuristics: Attivata
PUP: Attivata
PUM: Attivata
Processi: 0
(No malicious items detected)
Moduli: 0
(No malicious items detected)
Chiavi di registro: 0
(No malicious items detected)
Valori di registro: 0
(No malicious items detected)
Dati di registro: 0
(No malicious items detected)
Cartelle: 0
(No malicious items detected)
File: 2
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, Elimina al riavvio, [96b0b215a7d474c2901f44bc0df6c937],
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, Elimina al riavvio, [b98da0277a0185b132a2ac8bd33125db],
Settori fisici: 0
(No malicious items detected)
(end)
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21.56.58, on 16/08/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
FIREFOX: 31.0 (x86 it)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdwtxapps.exe
C:\Users\dari0d\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\dari0d\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (vsserv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8751 bytes
OTL logfile created on: 16/08/2014 21.43.45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dari0d\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,89 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,65% Memory free
4,89 Gb Paging File | 3,11 Gb Available in Paging File | 63,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,89 Gb Total Space | 236,64 Gb Free Space | 82,48% Space Free | Partition Type: NTFS
Computer Name: MULETTO | User Name: pippo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\dari0d\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdwtxapps.exe (Bitdefender)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (vsserv) -- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (Bitdefender)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Bitdefender)
SRV:64bit: - (BdDesktopParental) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe (Bitdefender)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (GFNEXSrv) -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\Drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (avckf) -- C:\Windows\SysNative\Drivers\avckf.sys (BitDefender)
DRV:64bit: - (avc3) -- C:\Windows\SysNative\Drivers\avc3.sys (BitDefender)
DRV:64bit: - (BdfNdisf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV:64bit: - (BDSandBox) -- C:\Windows\SysNative\Drivers\bdsandbox.sys (BitDefender SRL)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (bdelam) -- C:\Windows\SysNative\Drivers\bdelam.sys (Bitdefender)
DRV:64bit: - (gzflt) -- C:\Windows\SysNative\Drivers\gzflt.sys (BitDefender LLC)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (trufos) -- C:\Windows\SysNative\Drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV:64bit: - (avchv) -- C:\Windows\SysNative\Drivers\avchv.sys (BitDefender)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (bdfwfpf_pc) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys (Bitdefender SRL)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (PEGAGFN) -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (PEGATRON)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7DFF4858-7036-46B7-B7DA-A11FEA669415}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7DFF4858-7036-46B7-B7DA-A11FEA669415}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1004\..\SearchScopes,DefaultScope = {7DFF4858-7036-46B7-B7DA-A11FEA669415}
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3217549307-2249909302-3316572946-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: quick_start%40gmail.com:3.1.9
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2015\BDTBEXT [2014/07/11 17.33.31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bdwteff@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\ [2014/07/11 17.33.37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014/07/11 17.33.31 | 000,000,000 | ---D | M]
[2014/03/26 19.27.35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pippo\AppData\Roaming\mozilla\Extensions
[2014/08/16 17.32.14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pippo\AppData\Roaming\mozilla\Firefox\Profiles\d3l6q26u.default\extensions
[2014/08/16 17.22.36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/08/16 17.22.51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage:
O1 HOSTS File: ([2012/07/26 07.26.49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ()
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Intel AppUp(R) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation)
O4 - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender)
O4 - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3217549307-2249909302-3316572946-1004..\Run: [Facebook Update] C:\Users\dari0d\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-3217549307-2249909302-3316572946-1001..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S2].txt ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13A2026D-4ED2-44B3-B27D-9FF2602A2CF1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{281B1766-503D-47F3-89EE-19FAFE5DF334}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2014/08/16 21.22.36 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/08/16 17.34.28 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/08/16 17.33.33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/16 17.22.36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/08/16 17.11.26 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/16 17.10.59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/16 17.10.55 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/08/16 17.10.55 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/08/16 17.10.55 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/08/16 17.10.55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/16 17.10.55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/16 15.43.29 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\bdsandboxuiskin32.dll
[2014/08/16 15.43.28 | 000,079,192 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\bdvedisk.sys
[2014/08/16 15.37.53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
[2014/08/16 15.37.39 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014/08/16 15.37.34 | 000,023,568 | ---- | C] (Bitdefender) -- C:\windows\SysNative\drivers\bdelam.sys
[2014/08/16 15.37.28 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\capicom.dll
[2014/08/16 15.37.28 | 000,098,768 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\bdfndisf6.sys
[2014/08/16 15.37.28 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\drivers\bdsandbox.sys
[2014/08/16 15.37.28 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\windows\SysWow64\bdsandboxuiskin32.dll
[2014/08/16 15.37.18 | 000,893,440 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avc3.sys
[2014/08/16 15.37.18 | 000,635,392 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avckf.sys
[2014/08/16 15.37.18 | 000,261,496 | ---- | C] (BitDefender) -- C:\windows\SysNative\drivers\avchv.sys
[2014/08/16 15.29.35 | 000,000,000 | ---D | C] -- C:\Users\pippo\AppData\Roaming\Bitdefender
[2014/08/16 15.23.44 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\windows\SysNative\drivers\gzflt.sys
[2014/08/16 15.23.43 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\windows\SysNative\drivers\trufos.sys
[2014/08/16 15.20.39 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014/08/16 15.14.04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014/08/16 14.41.46 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TsWpfWrp.exe
[2014/08/16 14.41.46 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsWpfWrp.exe
[2014/08/16 14.35.02 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUISkin.dll
[2014/08/16 14.35.02 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\windows\SysNative\BDSandBoxUH.dll
[2014/08/16 14.35.02 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2014/08/16 14.34.44 | 000,000,000 | ---D | C] -- C:\Users\pippo\AppData\Roaming\QuickScan
[2014/08/16 14.30.57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014/07/15 16.20.44 | 010,115,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2014/07/15 16.20.41 | 008,858,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2014/07/15 16.20.32 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2014/07/15 16.20.32 | 000,703,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NotificationUI.exe
[2014/07/15 16.20.31 | 002,307,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014/07/15 16.20.30 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014/07/15 16.20.30 | 000,694,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2014/07/15 16.20.30 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2014/07/15 16.20.28 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2014/07/15 16.20.27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/15 16.20.27 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/07/14 14.36.26 | 000,077,824 | ---- | C] (Fox Magic Software) -- C:\windows\SysWow64\fmcodec.DLL
[2014/07/14 14.36.15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DsNET Corp
[2014/07/14 14.36.03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2014/07/13 12.14.33 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/07/13 12.14.33 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/07/13 12.08.56 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014/07/13 01.56.47 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014/07/13 01.56.47 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014/07/13 01.56.40 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InkEd.dll
[2014/07/13 01.56.22 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014/07/13 01.56.22 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll
[2014/07/13 01.56.22 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll
[2014/07/13 01.56.22 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.dll
[2014/07/13 01.56.09 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/07/13 01.56.09 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/07/13 01.56.09 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2014/07/13 01.56.09 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2014/07/13 01.56.05 | 006,974,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/07/13 01.56.04 | 001,824,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2014/07/13 01.56.04 | 001,023,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2014/07/13 01.56.03 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Robocopy.exe
[2014/07/13 01.56.03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Robocopy.exe
[2014/07/13 01.55.40 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/07/13 01.55.34 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/07/13 01.55.34 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/07/13 01.55.33 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/07/13 01.55.32 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/07/13 01.55.32 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/07/13 01.55.32 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/07/13 01.55.32 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/07/13 01.55.31 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/07/13 01.55.31 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/07/13 01.55.30 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/07/13 01.55.30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/07/13 01.55.30 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/07/13 01.55.29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/07/13 01.55.29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/07/13 01.55.29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/07/13 01.55.28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/07/13 01.55.28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/07/13 01.55.28 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/07/13 01.55.27 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/07/13 01.55.26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/07/13 01.55.26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/07/13 01.54.57 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014/07/13 01.54.57 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014/07/12 20.58.03 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014/07/12 20.58.02 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014/07/12 20.58.02 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/07/12 20.58.02 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014/07/12 20.58.01 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapisrv.dll
[2014/07/12 20.57.58 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014/07/12 20.57.55 | 001,043,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2014/07/12 20.57.55 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2014/07/12 20.57.52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014/07/12 20.57.52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014/07/12 20.57.52 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014/07/12 20.57.51 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\workerdd.dll
[2014/07/12 20.57.13 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys
[2014/07/12 20.57.11 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys
[2014/07/12 20.57.00 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014/07/12 20.57.00 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2014/07/12 20.56.19 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2014/07/12 20.56.19 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wusa.exe
[2014/07/12 20.56.19 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wusa.exe
[2014/07/12 20.55.42 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014/07/12 15.39.51 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2014/07/12 15.39.48 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpedit.dll
[2014/07/12 15.39.46 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gpedit.dll
[1 C:\Users\pippo\AppData\Local\*.tmp files -> C:\Users\pippo\AppData\Local\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2014/08/16 21.42.43 | 000,001,164 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/16 21.42.36 | 000,002,152 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/16 21.41.14 | 000,001,160 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/16 21.40.33 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/08/16 21.15.05 | 000,000,409 | ---- | M] () -- C:\windows\SysNative\checkdnsid.xml
[2014/08/16 21.09.00 | 000,000,978 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/08/16 21.04.42 | 001,781,840 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/08/16 21.04.42 | 000,791,380 | ---- | M] () -- C:\windows\SysNative\perfh010.dat
[2014/08/16 21.04.42 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/08/16 21.04.42 | 000,153,214 | ---- | M] () -- C:\windows\SysNative\perfc010.dat
[2014/08/16 21.04.42 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/08/16 20.58.15 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/16 20.58.11 | 3338,006,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/08/16 17.31.13 | 000,471,770 | ---- | M] () -- C:\log.xml
[2014/08/16 17.14.03 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/16 17.10.59 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/16 16.25.22 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/08/16 15.56.32 | 000,000,385 | ---- | M] () -- C:\windows\SysNative\user_gensett.xml
[2014/08/16 15.47.22 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/08/16 15.43.29 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\windows\SysNative\bdsandboxuiskin32.dll
[2014/08/16 15.43.28 | 000,079,192 | ---- | M] (BitDefender) -- C:\windows\SysNative\drivers\bdvedisk.sys
[2014/08/16 15.39.27 | 000,675,201 | ---- | M] () -- C:\ProgramData\1408195416.bdinstall.bin
[2014/08/16 15.37.53 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
[2014/08/16 15.37.53 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/16 15.22.00 | 000,063,687 | ---- | M] () -- C:\ProgramData\1408195312.bdinstall.bin
[2014/08/16 15.20.40 | 000,284,947 | ---- | M] () -- C:\ProgramData\1408195196.bdinstall.bin
[2014/08/16 15.14.54 | 000,095,631 | ---- | M] () -- C:\ProgramData\1408194881.bdinstall.bin
[2014/08/16 14.57.50 | 000,063,667 | ---- | M] () -- C:\ProgramData\1408193855.bdinstall.bin
[2014/08/16 14.52.33 | 000,277,697 | ---- | M] () -- C:\ProgramData\1408193486.bdinstall.bin
[2014/08/16 14.45.44 | 000,063,666 | ---- | M] () -- C:\ProgramData\1408193134.bdinstall.bin
[2014/08/16 14.44.39 | 000,363,791 | ---- | M] () -- C:\ProgramData\1408192485.bdinstall.bin
[2014/08/04 13.48.05 | 000,000,948 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3217549307-2249909302-3316572946-1004UA.job
[2014/07/20 22.48.00 | 000,000,926 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3217549307-2249909302-3316572946-1004Core.job
[2014/07/14 14.36.27 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk
[2014/07/13 12.40.16 | 000,421,704 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/07/01 00.42.56 | 000,394,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2014/07/01 00.42.48 | 000,702,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/07/01 00.42.48 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2014/06/28 05.35.04 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/06/26 22.53.24 | 000,703,968 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/06/26 22.53.24 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/24 09.36.07 | 000,703,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\NotificationUI.exe
[2014/06/24 09.35.44 | 000,010,450 | ---- | M] () -- C:\windows\SysNative\autoconfig.cab
[2014/06/24 08.41.34 | 000,694,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2014/06/24 08.41.34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 08.41.20 | 010,115,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2014/06/24 08.40.27 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WinSetupUI.dll
[2014/06/24 08.39.40 | 002,307,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014/06/24 08.39.31 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2014/06/24 06.08.30 | 000,567,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2014/06/24 06.08.30 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/24 06.08.21 | 008,858,624 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2014/06/24 06.06.56 | 002,037,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014/06/19 04.12.31 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/19 04.12.02 | 000,915,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2014/06/19 04.12.02 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2014/06/19 04.11.04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/19 04.11.01 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/19 04.10.56 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/19 04.10.33 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/19 04.10.32 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014/06/19 04.10.28 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014/06/19 04.10.28 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/19 04.10.28 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/19 04.10.18 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/19 04.10.17 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/19 04.09.55 | 001,508,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/19 02.53.42 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2014/06/19 02.53.03 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/19 02.53.01 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/19 02.52.46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014/06/19 02.52.42 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014/06/19 02.52.42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/19 02.52.42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/19 02.52.19 | 001,440,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/18 01.27.37 | 001,440,256 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014/06/18 01.24.48 | 001,557,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[1 C:\Users\pippo\AppData\Local\*.tmp files -> C:\Users\pippo\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/08/16 17.31.26 | 000,471,770 | ---- | C] () -- C:\log.xml
[2014/08/16 17.10.59 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/16 15.56.32 | 000,000,385 | ---- | C] () -- C:\windows\SysNative\user_gensett.xml
[2014/08/16 15.47.40 | 000,000,409 | ---- | C] () -- C:\windows\SysNative\checkdnsid.xml
[2014/08/16 15.39.27 | 000,675,201 | ---- | C] () -- C:\ProgramData\1408195416.bdinstall.bin
[2014/08/16 15.37.53 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
[2014/08/16 15.37.53 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/08/16 15.22.00 | 000,063,687 | ---- | C] () -- C:\ProgramData\1408195312.bdinstall.bin
[2014/08/16 15.20.40 | 000,284,947 | ---- | C] () -- C:\ProgramData\1408195196.bdinstall.bin
[2014/08/16 15.14.54 | 000,095,631 | ---- | C] () -- C:\ProgramData\1408194881.bdinstall.bin
[2014/08/16 14.57.50 | 000,063,667 | ---- | C] () -- C:\ProgramData\1408193855.bdinstall.bin
[2014/08/16 14.52.33 | 000,277,697 | ---- | C] () -- C:\ProgramData\1408193486.bdinstall.bin
[2014/08/16 14.45.44 | 000,063,666 | ---- | C] () -- C:\ProgramData\1408193134.bdinstall.bin
[2014/08/16 14.44.39 | 000,363,791 | ---- | C] () -- C:\ProgramData\1408192485.bdinstall.bin
[2014/07/15 16.20.32 | 000,010,450 | ---- | C] () -- C:\windows\SysNative\autoconfig.cab
[2014/07/13 12.40.06 | 000,421,704 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/07/12 20.56.19 | 000,387,268 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/11/29 17.25.51 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/05/03 00.14.39 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe
[2012/10/26 01.24.10 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012/10/26 01.24.05 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/10/26 01.24.04 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
========== ZeroAccess Check ==========
[2014/03/26 19.29.11 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 10.23.06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 08.18.26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05.05.38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05.18.27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05.07.41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/08/16 15.44.02 | 000,000,000 | ---D | M] -- C:\Users\dari0d\AppData\Roaming\Bitdefender
[2014/08/16 16.00.29 | 000,000,000 | ---D | M] -- C:\Users\dari0d\AppData\Roaming\QuickScan
[2013/08/04 22.02.33 | 000,000,000 | ---D | M] -- C:\Users\dari0d\AppData\Roaming\sMedio
[2014/08/16 15.29.35 | 000,000,000 | ---D | M] -- C:\Users\pippo\AppData\Roaming\Bitdefender
[2014/08/16 14.34.44 | 000,000,000 | ---D | M] -- C:\Users\pippo\AppData\Roaming\QuickScan
[2013/08/29 11.52.04 | 000,000,000 | ---D | M] -- C:\Users\pippo\AppData\Roaming\Spotify
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AD022376
< End of report >
OTL Extras logfile created on: 16/08/2014 21.43.45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dari0d\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,89 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,65% Memory free
4,89 Gb Paging File | 3,11 Gb Available in Paging File | 63,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286,89 Gb Total Space | 236,64 Gb Free Space | 82,48% Space Free | Partition Type: NTFS
Computer Name: MULETTO | User Name: pippo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3217549307-2249909302-3316572946-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B954D5A-2BF1-4B90-817E-0E07014E56DB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0EAC5CCA-B701-4C28-8597-8EEA02CFBD26}" = rport=445 | protocol=6 | dir=out | app=system |
"{1C8E3F3D-8414-4A82-AE30-CCF587A459E5}" = rport=138 | protocol=17 | dir=out | app=system |
"{24A7E26F-FB0E-4871-AAC7-180C3D894DFF}" = lport=138 | protocol=17 | dir=in | app=system |
"{2544F2CB-8DFF-4A1C-9D53-A320F800BA05}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{2A80BC98-CC88-4967-9ACC-19843025F556}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3DC11DF4-5E0A-48D9-8A9E-47A384FBED09}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A70F90E-EF5F-4F9A-B9B4-EBAF735E168B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C407392-049F-4C1F-8A40-F6D5BE795952}" = lport=139 | protocol=6 | dir=in | app=system |
"{4F042E92-819C-4E97-9F16-50178A46912C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{54AC2C46-C272-49B4-9313-9C52BACD5A29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59D17FA1-6542-419F-B117-4A91BFA9BE1F}" = lport=445 | protocol=6 | dir=in | app=system |
"{70354100-1492-4005-900E-DA5468EAA06E}" = rport=137 | protocol=17 | dir=out | app=system |
"{72EE75CB-5357-4FF5-B27C-001222C6AF49}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F2CF66F-4BEF-4E93-BB28-E5163BAE9298}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{90308C7B-2035-4C23-9285-9A967CF9BA6E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{990E0079-14F3-473F-BC71-EDF4E7479948}" = rport=139 | protocol=6 | dir=out | app=system |
"{A19A8B65-3116-44A0-898A-4388FED2C538}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B6365F69-2EC0-4C85-9D88-4DF94A813205}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4198D0A-1CEC-4A24-9592-AE062AA40420}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA3EDC5C-F928-42DC-BA94-59529376C442}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F0E80F6C-5BC4-434E-85FE-21F82B9C4344}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9730B08-7BC5-4E52-B2EA-63BB9B01ACD7}" = lport=137 | protocol=17 | dir=in | app=system |
"{FB53F750-0AB3-4766-BA17-7F8893A86DCB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{FC5A9D6E-653C-456C-BFFD-D6E97F694A18}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008BC6E1-9A9A-4DE7-A94F-E2C3827CDA76}" = protocol=6 | dir=out | app=system |
"{0108187D-470C-48DF-84A2-914F2C0A1DB7}" = dir=out | name=@{microsoft.bingnews_1.5.1.409_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{03A41505-0F06-4174-95D9-4C941F19EED7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0761410D-9026-4420-921B-A63355D8FE85}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{0AA30E52-7409-424C-94E8-403CD273BC9B}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{0B51F36E-4583-4A98-8FE0-B4A44DFEF188}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{15257F32-D51A-4A9E-8401-125C8996D246}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{2179A25F-4211-467A-A57E-6EE7DA9956EA}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{229281B6-1882-4E2A-A7F8-CDE515258FE3}" = dir=in | name=evernote |
"{2564000C-EE4E-470D-94AE-82FBAC5BE532}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2764B796-61EE-443A-A4CA-8FB6F3F7DAF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{29322657-425A-432E-852D-77D50B6E0D78}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{2C0FD0CF-3EB8-4212-9698-77E324C5F08D}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2D5276E1-CF02-4EF5-87B6-7C4F113E2499}" = dir=out | name=@{microsoft.bing_1.5.1.251_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{2EA48E5B-F9FB-49E3-8B64-623BD5917781}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{38A09E30-9992-48E3-9D3C-0B4823C81CF1}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{3904DE35-6DCA-439A-81E5-B1B739761EDB}" = dir=out | name=mcafee security advisor for toshiba |
"{3BFEA774-BA96-4EFD-817E-0893CF6ABD6D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{47F7BCDD-34B8-47FB-8F5C-AC86F1058F9D}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{4ADAB8BF-8BA8-4FAD-A605-9F2439638763}" = dir=in | name=toshiba media player by smedio truelink+ |
"{4D3EF0DC-592B-4297-A62D-6260E53EAC40}" = dir=out | name=windows_ie_ac_001 |
"{4E8C5ACE-2517-431C-994F-883E8D09E4EF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F835B38-5012-4A44-ADBB-151700CB68A7}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{604745D1-9A70-4A42-AFEB-BB9FFECC5A2F}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{61D15311-F990-4762-9B4D-49A7754965A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B0FE2C2-5E54-473E-8D90-71CC8A21BD3B}" = dir=in | name=ebay |
"{6BDBD5B4-0C7F-45F2-87CB-B7DD5D427E8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E71EBBF-B8C8-4255-8096-10D8FC168E3D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6F392437-156A-4697-97B5-17F4D189F366}" = dir=out | name=ebay |
"{710177C7-C5FC-4B8B-A857-2883633063E6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{723C4CFC-4C88-45DA-9B0A-5029C2B7C9DF}" = dir=out | name=@{microsoft.bing_1.5.1.251_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{728115A9-2610-4DAC-A804-C2F3901D62A0}" = dir=out | name=skyscanner |
"{72E15FCC-4426-4D66-B436-5A356B9B64E9}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{73318B95-F320-4C04-8AA8-77A924187945}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{76CEE148-D9A4-4607-B4E9-8AC24AD7347A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{77B6848B-26AF-457B-BD7C-24FF418313EC}" = dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"{77C75B41-EFC4-49EA-AE7D-82B0A2DFEA6D}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{791BFCEB-F141-424E-9278-4519F553BCD3}" = dir=out | name=evernote |
"{7931DFCA-2656-4CF4-B04D-55F21837F353}" = dir=out | name=evernote |
"{7CDDA351-FB94-4BF4-83F0-31DD05C22EC9}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{807C7A8A-30F3-468F-9E57-1FA99A9E7BD1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8133A971-CE9A-4B03-AE18-6D10B78D7FF7}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{84D859CA-3941-4EF8-820B-BDA2AC877654}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{898CA953-D670-4421-9F50-7A08243D14AA}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{8B5BD6D1-262E-4797-ABB8-280A9C15AEB9}" = dir=out | name=skitch |
"{8F698AC2-ED2C-4C22-AD74-99A0EF8F9554}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{91D2AA90-8E7A-437F-82F6-57B2729B6ED8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{95C3EA3D-6E99-4122-A442-A474A59E44AE}" = dir=out | name=@{microsoft.bingfinance_1.5.1.406_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{96CAD640-CB19-49E9-B302-C597A452772D}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9A4BA26A-574E-4B1A-AD4E-7F43744E1A44}" = dir=out | name=@{microsoft.bingweather_1.5.1.245_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9D2E3163-5EF7-41E3-B805-FB7261821760}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9E7007A5-8069-4483-B82F-312E6422B6D9}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{9F9BD413-2A5C-4055-9AB6-B746997D7112}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A1F6F6D7-0124-4E9F-B45F-06AF800775E2}" = dir=out | name=@{microsoft.bingsports_1.5.1.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{A2B99589-C242-4640-B872-D78EC1978BE7}" = dir=out | name=- games app - |
"{A485B863-27B5-4DB6-92CB-E70BEA4F97E6}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{A94B8640-8153-4A2D-A4A7-37D9D4FB1FBC}" = dir=out | name=mcafee security advisor for toshiba |
"{AD951F14-0600-4C1E-B652-9D0838C4E8D7}" = dir=out | name=ebay |
"{ADC86177-62D7-4F21-9406-9E266A245F45}" = dir=out | name=@{microsoft.bingtravel_1.5.1.248_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{AEE07C74-C79C-4652-9AE5-E9FFC8325093}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AEEF6C55-9357-4C55-8BF2-E7D6744965EF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B207D4A8-C01F-4460-95C3-77AAA1D42995}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B2A9BB04-05C0-414F-BF8D-FAC62D522218}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{B32C6B06-9231-41C3-BA25-4A4ADD9CE138}" = dir=out | name=toshiba media player by smedio truelink+ |
"{B6E21F7A-1576-466E-BEBB-F248D433E341}" = dir=in | name=evernote |
"{B8AA07B2-2CBC-467B-A497-39A431F4C47F}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{B92423CC-8154-4359-806F-985F6564CB7E}" = dir=out | name=fresh paint |
"{BC59FC64-ADD2-4329-876B-9268B93C0EF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCF760F8-5BC1-42A4-AE1C-587A3965972A}" = dir=in | name=toshiba media player by smedio truelink+ |
"{BDBAE8AD-2738-44BD-A982-F597882D15B9}" = dir=in | app=c:\users\pippo\appdata\local\microsoft\skydrive\skydrive.exe |
"{BDC1F541-F680-48DF-A621-44757C179E53}" = dir=out | name=toshiba places |
"{BDD7FD06-7BF9-4BC7-BFB0-A8AA9DE2EE3F}" = dir=out | name=toshiba media player by smedio truelink+ |
"{C0069452-664B-4A0B-9488-CC8A27B995E9}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{C208EEF6-5BD7-40C0-B85A-0EDBCFDF3FB1}" = dir=out | name=@{microsoft.bingtravel_1.5.1.248_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C9956E44-BE07-4211-B963-B03ED9E9080E}" = dir=out | name=- games app - |
"{D571B04D-4A29-4899-B4EA-F5EDAA6D90D6}" = dir=out | name=fresh paint |
"{D9BBA665-0770-4F01-8875-2E0900F1F948}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DDFEFA95-FFB0-4BA0-9A09-8D237B262733}" = dir=out | name=toshiba places |
"{E1BA6AF7-216F-481C-A930-77BDDF9ECDAB}" = dir=out | name=@{microsoft.bingsports_1.5.1.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8EE66E3-DC75-466D-8333-CD14BA441628}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F2D56523-E2ED-4B71-9B82-0550D6DCF941}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F46F8D2C-CB52-45B6-963D-7B680760FA6D}" = dir=out | name=skitch |
"{F4979517-F544-444F-9144-06FCF60870A8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F5B84AD3-9E8B-4A46-B650-2D006D91C62B}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F7227F02-03B8-4B5D-A457-692858A8E2A2}" = dir=out | name=@{microsoft.bingnews_1.5.1.409_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{F793B5BC-42FB-49DB-9B6C-34A17AE7CD79}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{FB182F2C-2D48-4ECE-BCE9-5E1F3403BA66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FB25DADD-FF0D-44EB-9173-6A7398C95827}" = dir=out | name=skyscanner |
"{FDBC88F0-6971-4A95-AEBC-EE0D27F17D05}" = dir=in | name=ebay |
"{FF1AAAE3-5E96-4F2B-AEDE-9AD5D3CAD014}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000A208E-1050-4181-AC37-E13DA9254B73}" = Premium Sound HD
"{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95CCACF0-010D-45F0-82BF-858643D8BC02}" = TOSHIBA Desktop Assist
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B8C8422F-01F1-4791-B084-047AAFF9BFCC}" = TOSHIBA Service Station
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Bitdefender" = Bitdefender Internet Security 2015
"CCleaner" = CCleaner
"O365HomePremRetail - it-it" = Microsoft Office 365 - it-it
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0410-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = TOSHIBA Manuals
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher versione 3.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"aTube Catcher" = aTube Catcher
"Google Chrome" = Google Chrome
"InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"Intel AppUp(R) center 41663" = Intel AppUp(R) center
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versione 2.0.2.1012
"Mozilla Firefox 31.0 (x86 it)" = Mozilla Firefox 31.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Spotify" = Spotify
"VLC media player" = VLC media player 2.0.8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3217549307-2249909302-3316572946-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
< End of report >
I ran a cleanup with several programs, but the two items detected by Malwarebytes Anti-Malware always come back.
Thank you in advance for your help.