Indice del forum Olimpo Informatico
I Forum di Zeus News
Leggi la newsletter gratuita - Attiva il Menu compatto
 
 FAQFAQ   CercaCerca   Lista utentiLista utenti   GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo   Messaggi privatiMessaggi privati   Log inLog in 

    Newsletter RSS Facebook Twitter Contatti Ricerca
Computer infestato....
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus
Precedente :: Successivo  
Autore Messaggio
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 07 Mar 2014 20:50    Oggetto: Computer infestato.... Rispondi citando
Buonasera a tutti!
A volte ritorno.... e scusate il disturbo. Embarassed
Ultimamente il pc è andato fuori di testa ed ovviamente la colpa è mia che non lo preservo facendo pulizie e tutto quello che dovrei....
per favore potreste aiutarmi per l'ennesima volta? Crying or Very sad

Finestre che continuano ad aprirsi, pubblicità, lentezza infinita, web cam che non funziona....
per favore, quando avrete un pò di tempo aspetto vostre direttive ...
grazie infinite, come sempre .
ciao fabiola Fiori
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 07 Mar 2014 21:11    Oggetto: Rispondi citando
Ciao.
1)Segui le istruzioni di questo topic per usare MBAM: (ricorda di aggiornarlo prima della scansione)
http://forum.zeusnews.com/viewtopic.php?p=297823#297823
Esegui una scansione completa. (NON veloce)
Elimina gli eventuali file infetti trovati. (li devi selezionare e poi cliccare su "Rimuovi selezionati")
Posta il log.


2)Scarica Adwcleaner sul desktop:
link
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

3)
scarica Junkware Removal Tool sul desktop.
link
Disattiva temporaneamente l'antivirus per evitare potenziali conflitti.
Doppio click su JRT
Lo strumento si aprirà e avvierà la scansione del sistema.
Devi avere pazienza in quanto questo tool può richiedere del tempo per completare la scansione .
Al termine, un log (JRT.txt) viene salvato sul desktop e si aprirà automaticamente.
Postalo qui.

Per ultimo:
Fai questa scansione con OTL.
http://forum.zeusnews.com/viewtopic.php?t=51382
Posta i log richiesti (TUTTI) con Wikisend o similari.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 07 Mar 2014 22:05    Oggetto: Rispondi citando
ok, inizio a far tutto.

Grazie intanto.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 09 Mar 2014 21:43    Oggetto: Rispondi citando
Buonasera!

Ecco i log.

1)

mbam-log-2014-03-09 (09-59-03).txt


2)

_09_03_14.txt]AdwCleaner[S0]_09_03_14.txt


3)

JRT.txt


4)

OTL.Txt

Extras.Txt


Grazie.
Fabiola
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 10 Mar 2014 19:09    Oggetto: Rispondi citando
Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:

Codice:
:OTL
PRC - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
SRV - (LiveUpSC) -- C:\Users\Simone\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe File not found
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe (McAfee, Inc.)
SRV - (SsupdService) -- C:\Users\Simone\AppData\Local\ssupd\ssupd.exe (SsupdService)
SRV - (SsroService) -- C:\Users\Simone\AppData\Local\ServiceManager\ssro.exe (SsroService)
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-21-635087108-2870536643-3254155579-1000\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKU\S-1-5-21-635087108-2870536643-3254155579-1000\..\URLSearchHook: {f2c43291-151e-499c-98a7-923c120b88fa} - No CLSID value found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\12x3q4@3244516.com: C:\Program Files\Better-Surf\ff
[2010/01/01 10.01.22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simone\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
CHR - default_search_provider: Ask (Enabled)
CHR - Extension: McAfee Security Scan+ = C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O3 - HKU\S-1-5-21-635087108-2870536643-3254155579-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-635087108-2870536643-3254155579-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-635087108-2870536643-3254155579-1000\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found.
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SsroService] C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe (ssadl)
[2014/03/09 19.41.57 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Simone\Desktop\JRT.exe
[2014/03/09 18.25.20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/15 22.59.48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/04/08 21.25.54 | 000,000,000 | ---D | M] -- C:\Users\Simone\AppData\Roaming\Awem

:Files
C:\Program Files\McAfee Security Scan
C:\Users\Simone\AppData\Local\ssupd
C:\Users\Simone\AppData\Local\ServiceManager
C:\Users\Public\Documents\Application\CurrentFile\ssadl.exe
ipconfig /flushdns /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[Emptyjava]
[RESETHOSTS]
[EMPTYFLASH]
[start explorer]
[Reboot]


Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.
Posta il log.
Dimmi quali problemi riscontri.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 10 Mar 2014 20:13    Oggetto: Rispondi citando
Buonasera a tutti, buonasera R16.

allora innanzitutto mi è comparsa una finestra ( avgnt.exe errore applicazione)
e la scritta:

l'istruzione a0x68b0980a ha fatto riferimento alla memoria a0x00000020.
La memoria non poteva essere read
Fare clic su Ok per terminare.
Poi ho cercato di caricare il log della scansione ma per più di due volte mi ha dato errore e non me lo ha fatto fare.
Provo tra poco.


grazie intanto.
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 10 Mar 2014 22:47    Oggetto: Rispondi citando
Lo script non contiene errori.
Forse hai copiato anche la parola Codice:
Non devi copiare tale parola.

Prova così:
Scarica questo file sul desktop:

link

Con il mouse lo trascini sotto "Custom Scans\Fixes" (nello spazio bianco)

Poi clicca su RUN FIX.

Se non funziona prova a eseguirlo in Modalità provvisoria, nelle modalità descritte nel post precedente.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 11 Mar 2014 11:55    Oggetto: Rispondi citando
Buongiorno R16, buongiorno a tutti.

Son sicura di non aver inserito la parola codice, perchè avevo fatto copia incolla prima su un foglio di testo per esser sicura di copiare le cose giuste e riguardandolo '' codice'' non era stato copiato, comunque poco male..
obbedisco e ci risentiamo.
Grazie mille .
fabiola Ciao
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 11 Mar 2014 12:14    Oggetto: Rispondi citando
questo è il log

03112014_105727.log

anche prima è uscito il messaggio di errore che ti dicevo.

Ho notato che si aprono meno finestre di prima, la web non va ancora e si apre sempre una finestra che mi dice che '' rilevamento finestra di dialogodei servizi interattivi - un programma non è in grado di visualizzare un messaggio sul desktop.... ''

ah, non mi funziona più la posta ( incredimail) da ieri sera, posso ricevere ma non inviare mi compare questa scritta

Exception: ACCESS_VIOLATION (C0000005) - on reading from 02E52648
Faulting Offset: 00003D13
Module: ImLookU.dll

00003D13 ImLookU.dll

chissà che ho combinato Embarassed Embarassed


Crying or Very sad

o che bisogna risolvere una cosa alla volta, l'ho scritto solo per non dimenticarmi poi.
grazie
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 11 Mar 2014 21:53    Oggetto: Rispondi citando
Disinstalla IncrediMail (da "Programmi e funzionalità" )
Poi disinstalla anche Avira sempre da "Programmi e funzionalità".
Fai una pulizia con CCleaner (registro compreso)

Poi fai una nuova scansione con OTL.
Posta il log.

I programmi disinstallati, saranno reistallati in seguito.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 12 Mar 2014 09:57    Oggetto: Rispondi citando
Buongiorno R16!
Stavo pensando di non usare più Incredimail ma il thunderbird
devo comunque disinstallare e poi rimettere incredimail e dopo, seguendo un post che ho trovato qui, passo tutto al Thunder?

Grazie ci risentiamo nel pome, ora scappo a lavoro Wink

grazie

fabiola
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 12 Mar 2014 19:09    Oggetto: Rispondi citando
Citazione:
devo comunque disinstallare e poi rimettere incredimail e dopo, seguendo un post che ho trovato qui, passo tutto al Thunder?

Se puoi installa subito Thunder, e passa tutto da incredimail a Thunder.
Poi elimini incredimail.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 12 Mar 2014 20:03    Oggetto: Rispondi citando
Embarassed
hem....
lo farò dopo con calma, devo capire bene i passaggi da fare.....

tra poco posto il log di OTL

grazie Embarassed Embarassed
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 12 Mar 2014 22:30    Oggetto: Rispondi citando
Buonasera!

OTL (2).Txt

Extras.Txt

grazie



p.s. scusa R16, ma quando passo da incredimail a thunder, passo solo i contatti od anche tutte le mail che ci sono al momento in posta inviata, ricevuta o salvata in apposite cartelle? Grazie mille Smile

pss mi correggo.... credo che non riuscirò mai a farlo Sad ho provato a salvare thunder, ma mi si apre finestra e dice che devo mettere pass amministratire... ??? mannaggia a me Sad non ci capisco una cpu!!
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 13 Mar 2014 19:51    Oggetto: Rispondi citando
Buonasera R16 Crying or Very sad Embarassed
non riesco ad aprire firefox...
mi compare finestra con scritto
'' mozilla crash report '' ma non mi fa copiare quello che c'è scritto:-(
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 13 Mar 2014 21:18    Oggetto: Rispondi citando
Prova con un'altro browser.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 13 Mar 2014 22:11    Oggetto: Rispondi citando
chrome funziona....
non posso più usare firefox allora?
Top
Profilo Invia messaggio privato
R16
Dio maturo
Dio maturo


Registrato: 07/03/08 22:58
Messaggi: 10129
MessaggioInviato: 14 Mar 2014 19:19    Oggetto: Rispondi citando
Citazione:
chrome funziona....

Usa Chrome.
Citazione:
non posso più usare firefox allora?

No, alle volte Firefox "crasha" ma poi si riprende.
Top
Profilo Invia messaggio privato
fabiola
Eroe in grazia degli dei
Eroe in grazia degli dei


Registrato: 09/10/09 09:34
Messaggi: 140
Residenza: brescia
MessaggioInviato: 14 Mar 2014 21:29    Oggetto: Rispondi citando
Buonasera R16!
Ok allora per ora userò chrome...
per il resto attendo istruzioni?

Qualke finestra ancora si riattiva, per la web cam come posso fare?
Grazie mille! Fiori
Top
Profilo Invia messaggio privato
jokergi
Comune mortale
Comune mortale


Registrato: 01/04/14 11:58
Messaggi: 1
MessaggioInviato: 01 Apr 2014 14:24    Oggetto: Rispondi
Cerco aiuto anch'io, allego di seguito i file di scansione come richiesto.
Sono 2 giorni che ci sto sbattendo la testa Mad


MBAM
Codice:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.04.01.02

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
User :: PC-USER [amministratore]

01/04/2014 12.18.53
mbam-log-2014-04-01 (12-18-53).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|F:\|G:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 665198
Tempo impiegato: 1 ore, 16 minuti, 53 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 2
C:\Users\User\Desktop\DAEMONToolsUltra110-0101.exe (PUP.Optional.OpenCandy) -> Spostato in quarantena ed eliminato con successo.
C:\Users\User\Downloads\DAEMONToolsUltra110-0101.exe (PUP.Optional.OpenCandy) -> Spostato in quarantena ed eliminato con successo.

(fine)



ADW

Codice:

# AdwCleaner v3.022 - Report created 01/04/2014 at 13:57:07
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : User - PC-USER
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v28.0 (it)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9v9pcwq7.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1484 octets] - [31/03/2014 14:52:09]
AdwCleaner[R1].txt - [983 octets] - [01/04/2014 09:32:23]
AdwCleaner[R2].txt - [1042 octets] - [01/04/2014 09:44:46]
AdwCleaner[R3].txt - [1163 octets] - [01/04/2014 10:22:39]
AdwCleaner[R4].txt - [1283 octets] - [01/04/2014 13:56:27]
AdwCleaner[S0].txt - [1561 octets] - [31/03/2014 14:53:04]
AdwCleaner[S1].txt - [1104 octets] - [01/04/2014 09:45:38]
AdwCleaner[S2].txt - [1225 octets] - [01/04/2014 10:23:08]
AdwCleaner[S3].txt - [1205 octets] - [01/04/2014 13:57:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1265 octets] ##########



JRT

Codice:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by User on 01/04/2014 at 14.00.21,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4169855334-39843783-1202095317-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9v9pcwq7.default\prefs.js

user_pref("extensions.alexa.searchconf", "\n{\n  \"google\" : {\n    \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n    \"rankometer\" :  {\n
user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.5.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\User\\\\A
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9v9pcwq7.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/04/2014 at 14.03.31,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


OTL
[code:1:2cd09c912b]
OTL logfile created on: 01/04/2014 14.05.55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

15,89 Gb Total Physical Memory | 14,03 Gb Available Physical Memory | 88,32% Memory free
18,26 Gb Paging File | 16,38 Gb Available in Paging File | 89,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,11 Gb Total Space | 51,81 Gb Free Space | 18,56% Space Free | Partition Type: NTFS
Drive D: | 397,87 Gb Total Space | 373,08 Gb Free Space | 93,77% Space Free | Partition Type: NTFS
Drive E: | 349,32 Gb Total Space | 348,19 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Drive F: | 349,32 Gb Total Space | 348,28 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

Computer Name: PC-USER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe ()
PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
PRC - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
PRC - C:\Programmi\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe ()
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Programmi\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe ()
PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
PRC - C:\Program Files (x86)\MUSTEK 1248UB\Driver\WATCH.exe (Common Group)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe ()
MOD - C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (FlexNet Licensing Service 64) -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software LLC)
SRV - (Disc Soft Bus Service) -- C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe (Disc Soft Ltd)
SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH)
SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH)
SRV - (CodeMeter.exe) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
SRV - (ekrn) -- C:\Programmi\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUSTek Computer Inc.)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programmi\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (mi-raysat_3dsmax2014_64) -- C:\Programmi\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe ()
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe ()
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programmi\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (dtscsibus) -- C:\Windows\SysNative\drivers\dtscsibus.sys (Disc Soft Ltd)
DRV:[b]64bit:[/b] - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:[b]64bit:[/b] - (HIDSwitch) -- C:\Windows\SysNative\drivers\AsHIDSwitch64.sys (ASUS)
DRV:[b]64bit:[/b] - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:[b]64bit:[/b] - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:[b]64bit:[/b] - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:[b]64bit:[/b] - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athwbx.sys (Qualcomm Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:[b]64bit:[/b] - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:[b]64bit:[/b] - (ATP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
DRV:[b]64bit:[/b] - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:[b]64bit:[/b] - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:[b]64bit:[/b] - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:[b]64bit:[/b] - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:[b]64bit:[/b] - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:[b]64bit:[/b] - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (DgiVecp) -- C:\Windows\SysNative\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV:[b]64bit:[/b] - (GT680x) -- C:\Windows\SysNative\drivers\gt680x.sys ( )
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
DRV - (GT680x) -- C:\Windows\SysWOW64\drivers\gt680x.sys ( )


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.it.msn.com/
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1E CA 04 B7 D9 4C CF 01 [binary data]
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.startup.homepage: "https://www.google.it"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013/12/18 12.40.02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/05/28 13.41.43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/05/25 00.59.59 | 000,000,000 | ---D | M]

[2013/05/27 21.05.28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2014/03/31 14.53.05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\9v9pcwq7.default\extensions
[2014/03/05 20.33.15 | 002,297,084 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9v9pcwq7.default\extensions\firebug@software.joehewitt.com.xpi
[2014/02/26 23.04.07 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\9v9pcwq7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/03/31 15.02.04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/03/31 15.02.04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.it/
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - Extension: Google Drive = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/22 15.25.41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCEPServiceManager] C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4169855334-39843783-1202095317-1002..\Run: [Akamai NetSession Interface] C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4169855334-39843783-1202095317-1002..\Run: [DAEMON Tools Ultra Agent] C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4169855334-39843783-1202095317-1002..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-4169855334-39843783-1202095317-1001..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Watch.lnk = C:\Program Files (x86)\MUSTEK 1248UB\Driver\WATCH.exe (Common Group)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 [2013/08/27 19.10.14 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2013/09/18 17.42.03 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKU\S-1-5-21-4169855334-39843783-1202095317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-4169855334-39843783-1202095317-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O9:[b]64bit:[/b] - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:[b]64bit:[/b] - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNat
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Pronto Soccorso Virus Tutti i fusi orari sono GMT + 2 ore
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi