Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017 Ran by pc_mirko (05-03-2017 13:41:32) Running from C:\Users\pc_mirko\Desktop\PROGRAMMI Windows 8.1 Pro (Update) (X64) (2014-10-11 17:16:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2478243716-4240238963-824202402-500 - Administrator - Disabled) Guest (S-1-5-21-2478243716-4240238963-824202402-501 - Limited - Disabled) pc_mirko (S-1-5-21-2478243716-4240238963-824202402-1001 - Administrator - Enabled) => C:\Users\pc_mirko ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Personal firewall ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . . (Version: 2.1.28.3 - Intel) Hidden . . . (x32 Version: 2.7.1.1 - Intel) Hidden 7-Zip 15.09 beta (HKLM-x32\...\7-Zip) (Version: 15.09 - Igor Pavlov) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov) ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.7.197 - Adobe Systems, Inc.) AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.83 - ASUSTeK Computer Inc.) Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.5.1 - Airytec) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.0 - Sereby Corporation) AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0001 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.8.0000 - Asmedia Technology) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.43.1 - Asmedia Technology) Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - ) Audio Silence Trimmer Pro (HKLM-x32\...\Audio Silence Trimmer Pro_is1) (Version: - Dandans) AV Splitter x64 1.3.0.7 (HKLM-x32\...\AV Splitter x64) (Version: 1.3.0.7 - ) AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac)) Avi Splitter x64 (HKLM\...\Avi Splitter x64_is1) (Version: 1.5.0.1755 - codecs.com) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.) BlackBerry USB Driver (HKLM-x32\...\{51e38982-9005-48e1-aee8-cfa2f13b2446}) (Version: 5.0.0.2 - BlackBerry Limited) Boilsoft Video Joiner 8.01 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.) BrowserBackup (HKLM-x32\...\BrowserBackup) (Version: 9.0 - Cjcr-Software) Bulk Image Downloader v4.96.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: - Antibody Software) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.) Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.01 - Canon Inc.) Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.) Comic Life 3 (HKLM-x32\...\{F028B2F8-42B1-4C82-9978-6251E11D475C}) (Version: 3.1.1.32015 - plasq LLC) CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: 8.0.3.1 - Foolish IT LLC) Eraser 5.8.8 (HKLM\...\{B80CC46C-5839-4A48-B051-3CACF23A2718}_is1) (Version: Eraser 5.8.8 - The Eraser Project) ESET Smart Security (HKLM\...\{6EB7B72C-EC79-458E-AA63-6116DD0FBBE4}) (Version: 8.0.319.1 - ESET, spol s r. o.) Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) ExeProperties 1.0 (HKLM\...\ExeProperties v1_is1) (Version: 1.0 - ExtraBit Software) ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - ) FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 7.2 - LopeSoft) Flash Video Splitter x64 (HKLM-x32\...\Flash Video Splitter x64_is1) (Version: 1.4.4.172 - codecs.com) FLVSplitter x64 (HKLM\...\FLVSplitter x64_is1) (Version: 1.4.4.286 - codecs.com) foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski) Fort - Crypto Extension for Windows (HKLM\...\{9A974296-4913-4776-9892-F4EB17B513FB}_is1) (Version: 1.3.0.0 - Niko Rosvall) Freemake Video Converter RePack by CUTA (HKLM-x32\...\Freemake Video Converter RePack by CUTA) (Version: 4.1.9.75 - RePack by CUTA) Freemake Video Converter versione 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) F-Secure Key 4.3.134 (HKLM-x32\...\{6B7B1888-EC1B-4DEB-9630-DCD9322F6573}) (Version: 4.3.134 - F-Secure Corporation) F-Secure Key: User Data (HKLM-x32\...\{F6A4621C-F31F-42E2-BD11-632615967A56}) (Version: 1.1.0.0 - F-Secure Corporation) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HashTab 6.0.0.28 (HKLM\...\HashTab) (Version: 6.0.0.28 - Implbits Software) Hattrick Organizer (remove only) (HKLM-x32\...\Hattrick Organizer) (Version: - ) Hekasoft Backup & Restore 0.53 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.53 - Hekasoft) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 3.6.3.586 - SurfRight B.V.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.7.0.1000 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation) Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden Intel® Driver Update Utility (HKLM-x32\...\{29539bc2-b48e-4b56-93e8-420e38a6d551}) (Version: 2.7.1.1 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.10.0.0 - QFX Software Corporation) Kryptel Free Edition version 7.3 (HKLM-x32\...\Kryptel Free Edition_is1) (Version: 7.3 - Inv Softworks LLC) LAV Filters 0.68.1-31 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1-31 - Hendrik Leppkes) Lazesoft Recovery Suite version 4.1 Unlimited Edition (HKLM-x32\...\LS-32CB12D5-CC47-4BC8-BC97-0613CDCB0406_is1) (Version: 4.1 - Lazesoft) Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Matroska Splitter x64 (HKLM\...\Matroska Splitter x64_is1) (Version: 1.5.0.1875 - codecs.com) Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software) Microsoft Games for Windows 8 x64 (HKLM\...\{B6047A78-062F-4C6F-A82D-B94DAF72FB73}) (Version: 1.2 - Microsoft) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) MP4 Splitter x64 (HKLM\...\MP4 Splitter x64_is1) (Version: 1.4.6.1552 - codecs.com) MyGodMode 1.4 (HKLM-x32\...\{2B2FE19B-197A-4F24-8221-1268D967C6EC}_is1) (Version: - Giorgio Tani) Neave Space Invaders 1.0 (HKLM-x32\...\Neave Space Invaders_is1) (Version: 1.0 - ) Nuclear Coffee - VideoGet (HKLM-x32\...\VideoGet_is1) (Version: 2014 - Nuclear Coffee) O&O DiskImage Professional (HKLM\...\{3ED36072-ED00-4BE2-B862-8449AE4FE3C3}) (Version: 11.0.140 - O&O Software GmbH) One (HKLM\...\FarStone One) (Version: 1.10 - FarStone Technology, Inc.) OpenOffice 4.1.3 (HKLM-x32\...\{BFA62867-4219-4427-BD27-BE1557337B50}) (Version: 4.13.9783 - Apache Software Foundation) OpenWith (Enhanced) (HKLM-x32\...\OpenWith Enhanced) (Version: 1.10 - Greg Frieger) Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) Opera 12.17 (HKLM\...\Opera 12.17.1863_1) (Version: 12.17.1863 - Opera Software ASA) Opera developer 40.0.2296.0 (HKLM-x32\...\Opera 40.0.2296.0) (Version: 40.0.2296.0 - Opera Software) Opera developer 41.0.2315.0 (HKLM-x32\...\Opera 41.0.2315.0) (Version: 41.0.2315.0 - Opera Software) Opera developer 44.0.2505.0 (HKLM-x32\...\Opera 44.0.2505.0) (Version: 44.0.2505.0 - Opera Software) Opera Stable 36.0.2130.32 (HKLM-x32\...\Opera 36.0.2130.32) (Version: 36.0.2130.32 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) Paragon Hard Disk Manager™ 15 Premium nsane (HKLM\...\{619A89DE-5F01-11E2-85E8-000C2982512D}) (Version: 90.00.0003 - Paragon Software) Print Conductor 5.3 (HKLM-x32\...\Print Conductor_is1) (Version: 5.3 - fCoder SIA) RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden R-Drive Image 6.0 (HKLM-x32\...\R-Drive Image 6.0NSIS) (Version: 6.0.6015 - R-Tools Technology Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) Registrazione utente Canon MG3500 series (HKLM-x32\...\Registrazione utente Canon MG3500 series) (Version: - ‭Canon Inc.) RiDoc 4.3.5.1 (HKLM-x32\...\RiDoc) (Version: 4.3.5.1 - Riman company) Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics) Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 7.0.3 - Shark007) Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 7.0.3 - Shark007) Software per periferiche con chipset Intel® (x32 Version: 10.1.2.80 - Intel(R) Corporation) Hidden Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.7.6 - startisback.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2.10619 - Krzysztof Kowalczyk) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeraCopy 3.0 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) TNod User & Password Finder (HKLM\...\TNod) (Version: 1.6.1.0 - Tukero[X]Team) Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL) UniversalAdBlocker v3.5 (HKLM-x32\...\UniversalAdBlocker) (Version: 3.5 - SecurityXploded) Unknown Device Identifier 8.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 8.01 - Huntersoft) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) USB Driver x64 (Version: 5.0.0.2 - BlackBerry Limited) Hidden UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net) VirtualDrive Pro (HKLM-x32\...\VirtualDrive) (Version: 16.10 - FarStone Technology, Inc.) VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.0.162.9 - Vivaldi) Vivaldi (HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\Vivaldi) (Version: 1.7.735.46 - Vivaldi) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest) WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.) WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden WD Quick View (HKLM-x32\...\{9397FDFD-8C20-43E6-A2E3-38510C18B35E}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{F64A3A5A-6511-46CD-BD3B-7603E33D96D2}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.) WD SES Driver Setup (x32 Version: 1.0.6.3 - Western Digital) Hidden WD SmartWare (HKLM\...\{4C65A6F0-1339-4185-823F-293889FA36DA}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WhatsApp (HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp) WindowsGodMode (HKLM-x32\...\{0FBAEFC7-88C3-4BF5-8FDB-F0AA4E329414}) (Version: 2.0.0 - TechyGeeksHome) WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.5976 - WinISO Computing Inc.) WinMend Folder Hidden 1.5.4 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version: - WinMend.com) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinTools.net Premium version 17.0.0 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 17.0.0 - WinTools Software Engineering, Ltd.) Wondershare MobileTrans ( Version 7.7.1 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 7.7.1 - Wondershare) XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e) XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.4 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2478243716-4240238963-824202402-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> F:\SUMATRA\SumatraPDF\PdfPreview.dll () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {023734DF-BB51-492D-9E91-31B997A474FE} - \Driver Booster Scheduler -> No File <==== ATTENTION Task: {07018C35-34F9-47FF-8023-4841D3AC3A9E} - \Driver Booster SkipUAC (pc_mirko) -> No File <==== ATTENTION Task: {108BBABF-1266-4939-8F97-67806F8C5008} - System32\Tasks\Game_Booster_AutoUpdate => F:\TUTTO x WIN 8.1\GAMES\EXTRA\IOBit Game Booster v3.5 Portable\AutoUpdate.exe [2016-07-18] () Task: {142A8C0F-6743-41F4-B81E-8FDD1151D65F} - System32\Tasks\AupAvUpdate => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe Task: {15C91FB2-E646-4D38-9B1E-3A9CF783933F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {16D6A1A8-B065-4C64-A477-6DC9C8FD81C5} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-07-02] () Task: {1C5A6B81-10E1-4B11-97BD-846DE805C59F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f13b689b8be7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {20A347F7-7A57-48C6-A2D7-64A8F4EBB4E2} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => App/Dll-Files.com Fixer/DLLFixer.exe Task: {23847DBD-A044-4896-9C89-08D29547A5D9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {2596B91D-1569-4296-9D19-57B32ACA7311} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2014-10-09] () Task: {27B441DB-286D-49D3-95D8-96FD713630E2} - System32\Tasks\SnailDriverSkipUSC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailLaunch.exe Task: {2BB74B80-DF7E-4773-B8F5-29D2197B1798} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f01bd46f42f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {38948A15-4382-44EB-AA30-35862E7033EE} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e24d3bd6a969 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {3F87844F-0D78-462E-B2D8-1A736B4E5B74} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {4682032D-A690-4B17-91C3-F26FC990E164} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2014-07-02] (TODO: ) Task: {4E686758-968B-48E9-BB51-B9F816A1EFD0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.) Task: {50C5568C-6911-4FE4-841A-3EB73A8415C7} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-06-25] (ASUSTeK Computer Inc.) Task: {6265110A-443B-455A-BF0C-E2687C5CA0AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {7ADA4FDC-390E-4B50-B1BD-BF60AB651508} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfb9ef63aaa2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {7C2AB072-BA0C-4D55-BC14-D18270BFFA6A} - System32\Tasks\DLL-Files.Com Fixer_Updates => App/Dll-Files.com Fixer/DLLFixer.exe Task: {7DBE97EF-EE39-4A22-A220-E5D32B403394} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated) Task: {7E75888B-481C-4848-945B-5DCED6FD3E40} - System32\Tasks\McAfee Cleanup => C:\Users\pc_mirko\AppData\Local\Temp\MCPR\mccleanup.exe <==== ATTENTION Task: {83E7EB36-C6A0-4FAF-B6D3-BD7D11060C96} - System32\Tasks\GoogleUpdateTaskMachineCore1d15db4ba83aa61 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {89C08175-F095-409E-B15D-243410F9B482} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-14] (Adobe Systems Incorporated) Task: {90A5DD54-12F8-4372-93E7-EB5C46077297} - System32\Tasks\Opera scheduled Autoupdate 1442492876 => F:\OPERA 36\launcher.exe [2017-02-16] (Opera Software) Task: {90D081ED-623D-4F58-A7CA-0F18F3B89DCC} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) Task: {A2DEC205-7AC9-4013-A80F-CD233B91B12B} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {ACDEBE45-0C55-423D-A462-BB3F2B10309E} - \ASC9_SkipUac_pc_mirko -> No File <==== ATTENTION Task: {AEDAC913-8D9B-4828-A269-E184BAC8D8BD} - System32\Tasks\{BBDCB480-C450-49F6-887A-8BB994123F7A} => pcalua.exe -a "F:\TUTTO x WIN 8.1\ASUS Z97-PRO\EasyUEFI 2.4.0\EasyUEFI_Setup.exe" -d "F:\TUTTO x WIN 8.1\ASUS Z97-PRO\EasyUEFI 2.4.0" Task: {AF373889-D9FA-474C-B6AE-8D3D671B6A7C} - System32\Tasks\GoogleUpdateTaskMachineCore1cfff3c1c3a10ee => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {B181EBF4-3F6F-458E-8B43-10F6C1FC81A0} - \Auslogics\Disk Defrag Prof\Check Disk Defrag subscription expired for pc_mirko -> No File <==== ATTENTION Task: {CD2E73D0-7D3D-4D3F-88F3-4D3C692FF9EC} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab77a94468fa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {CED63808-16B0-45AF-AAD7-198C19299C62} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e98bd5dac70c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {D2D806D6-6110-4C3E-9648-8067D30270B1} - System32\Tasks\SnailDriverSkipUAC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailDriver.exe Task: {E799DF2A-A887-4D02-814A-951FF6100E2B} - \AdvancedDriverUpdaterRunAtStartup -> No File <==== ATTENTION Task: {F551AB66-4C8F-426D-BB8F-BC4DE871D0BA} - System32\Tasks\GoogleUpdateTaskMachineCore1d12eb894d229bb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {F8DDADAE-DEC0-4A9A-BFDC-84E4DCBCE49A} - System32\Tasks\GoogleUpdateTaskMachineCore1d04075915b20b2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => App Dll Files com Fixer DLLFixer exe scan MIRKO pc_mirko Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => App Dll Files com Fixer DLLFixer exe updatecheck MIRKO pc_mirko Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfff3c1c3a10ee.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04075915b20b2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08f01bd46f42f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bfb9ef63aaa2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e24d3bd6a969.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0f13b689b8be7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12eb894d229bb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15db4ba83aa61.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d1ab77a94468fa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\McAfee Cleanup.job => C:\Users\pc_mirko\AppData\Local\Temp\MCPR\mccleanup.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-09-07 03:01 - 2015-09-07 03:01 - 00069632 _____ () C:\Program Files (x86)\FarStone\One\EFB\FBAgent.exe 2013-06-28 02:09 - 2013-06-28 02:09 - 00100864 _____ () C:\Program Files (x86)\FarStone\One\EFB\zlibwapi.dll 2015-09-14 02:54 - 2015-09-14 02:54 - 00383488 _____ () C:\Program Files (x86)\FarStone\One\EFB\FBCmdDsp.dll 2015-09-07 03:02 - 2015-09-07 03:02 - 00102400 _____ () C:\Program Files (x86)\FarStone\One\EFB\FlBckpBk.dll 2015-09-14 07:27 - 2015-09-14 07:27 - 00384000 _____ () C:\Program Files (x86)\FarStone\One\EFB\FlBckpRt.dll 2015-06-04 07:01 - 2015-06-04 07:01 - 00205312 _____ () C:\Program Files (x86)\FarStone\One\EFB\EfbCheckImg.dll 2015-09-06 07:37 - 2015-09-06 07:37 - 00256512 _____ () C:\Program Files (x86)\FarStone\One\EFB\DiskClone.dll 2015-09-07 03:01 - 2015-09-07 03:01 - 00230400 _____ () C:\Program Files (x86)\FarStone\One\EFB\EFBSearchTool.dll 2015-09-06 07:37 - 2015-09-06 07:37 - 00253440 _____ () C:\Program Files (x86)\FarStone\One\EFB\DiskMgr.dll 2015-06-04 06:42 - 2015-06-04 06:42 - 00024576 _____ () C:\Program Files (x86)\FarStone\One\EFB\FBEventMgr.dll 2015-08-18 06:49 - 2015-08-18 06:49 - 00126464 _____ () C:\Program Files (x86)\FarStone\One\EFB\EasyFuncs.dll 2015-09-14 07:25 - 2015-09-14 07:25 - 00116736 _____ () C:\Program Files (x86)\FarStone\One\EFB\BootConfig.dll 2014-01-20 02:40 - 2014-01-20 02:40 - 00017408 _____ () C:\Program Files (x86)\FarStone\One\EFB\FSToken.dll 2014-01-20 02:43 - 2014-01-20 02:43 - 00013824 _____ () C:\Program Files (x86)\FarStone\One\EFB\FSFat32.dll 2014-01-20 02:43 - 2014-01-20 02:43 - 00240128 _____ () C:\Program Files (x86)\FarStone\One\EFB\NtfsLib.dll 2014-01-22 01:56 - 2014-01-22 01:56 - 00012288 _____ () C:\Program Files (x86)\FarStone\One\EFB\VssNew.dll 2015-06-04 06:43 - 2015-06-04 06:43 - 00275968 _____ () C:\Program Files (x86)\FarStone\One\EFB\diskpart.dll 2014-10-29 02:12 - 2014-10-29 02:12 - 00023040 _____ () C:\Program Files (x86)\FarStone\One\EFB\VDiskConvert.dll 2014-01-20 02:38 - 2014-01-20 02:38 - 00227328 _____ () C:\Program Files (x86)\FarStone\One\EFB\NetTool.dll 2014-09-15 17:09 - 2014-09-15 17:09 - 00112640 _____ () C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe 2014-10-11 18:43 - 2014-04-25 05:03 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2014-10-11 18:44 - 2014-04-24 13:29 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () F:\Unlocker\UnlockerCOM.dll 2017-02-24 15:38 - 2016-12-07 16:40 - 03681104 _____ () F:\TeraCopy\TeraCopy\TeraCopyExt.dll 2014-10-11 18:44 - 2014-10-09 09:30 - 01430328 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2014-10-11 18:44 - 2014-07-02 17:41 - 01270584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2014-10-12 00:12 - 2013-05-14 17:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2015-01-24 16:28 - 2014-08-01 14:58 - 01065272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe 2015-01-24 16:28 - 2014-07-25 16:32 - 00036152 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2014-10-11 18:44 - 2014-05-14 05:58 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe 2014-10-11 19:25 - 2015-04-29 12:16 - 01022464 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\gstreamer.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00108544 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstaudioconvert.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00106496 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstaudioresample.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00062464 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstautodetect.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00108032 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstcoreplugins.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00073216 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstdecodebin2.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00074752 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstdirectsound.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00201216 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstffmpegcolorspace.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00340480 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstoggdec.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00045056 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstwaveform.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00077312 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstwavparse.dll 2014-10-11 19:25 - 2015-04-29 12:16 - 00115712 _____ () C:\Program Files (x86)\OPERA 12\gstreamer\plugins\gstwebmdec.dll 2014-10-11 18:43 - 2017-03-05 13:16 - 00034304 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2014-10-11 18:43 - 2014-04-25 05:03 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2014-10-11 18:44 - 2014-10-09 09:31 - 00237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2014-10-11 18:44 - 2014-02-24 17:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2014-10-11 18:44 - 2014-07-09 11:05 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00851456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00801792 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll 2014-10-11 18:44 - 2014-04-25 06:03 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2014-10-11 18:44 - 2014-04-25 06:03 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-01-24 16:27 - 2014-07-02 12:10 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2014-10-11 18:44 - 2014-07-17 11:42 - 04095488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2014-10-11 18:44 - 2014-10-30 15:36 - 01139712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2014-10-11 18:44 - 2014-04-25 06:03 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-01-24 16:27 - 2014-07-02 16:41 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-01-24 16:27 - 2014-07-02 16:41 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2014-10-11 18:43 - 2014-01-28 11:16 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll 2015-01-24 16:28 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll 2014-10-11 18:44 - 2014-04-25 06:03 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll 2014-10-11 18:44 - 2014-04-25 06:03 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll 2015-01-24 16:28 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll 2015-01-24 16:28 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll 2015-06-02 03:18 - 2015-06-02 03:18 - 01243936 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-01-24 16:28 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll 2015-01-24 16:28 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll 2017-03-02 13:18 - 2016-05-13 01:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll 2014-10-11 18:44 - 2014-07-02 17:41 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll 2015-01-24 16:28 - 2014-04-10 15:23 - 00643584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMiniMsg.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\SysWOW64\��: [8192] AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [136] AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [370] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{0CBD4F48-3751-475D-BE88-4F271385B672} => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %* ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-04-03 12:52 - 2017-03-05 13:16 - 00001763 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 store.esellerate.net 127.0.0.1 fvc_stat.freemake.com 0.0.0.0 keystone.mwbsys.com 127.0.0.1 keystone.mwbsys.com 127.0.0.1 bactem.mwbsys.com 127.0.0.1 23.51.123.27 127.0.0.1 46.16.74.95 127.0.0.1 5.35.253.2370.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com There are 25 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2478243716-4240238963-824202402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pc_mirko\AppData\Local\Microsoft\Windows\Themes\GRETA GAR (2)\DesktopBackground\gretagarbo.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: WDBackup => 3 MSCONFIG\Services: WDDriveService => 3 HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg_DTS" HKLM\...\StartupApproved\Run: => "SamsungRapidApp" HKLM\...\StartupApproved\Run: => "Shadow Defender Daemon" HKLM\...\StartupApproved\Run: => "Onboard" HKLM\...\StartupApproved\Run: => "OneTip" HKLM\...\StartupApproved\Run: => "OODITRAY.EXE" HKLM\...\StartupApproved\Run: => "OODefragTray" HKLM\...\StartupApproved\Run32: => "ASUS AiChargerPlus Execute" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "VDTask" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKLM\...\StartupApproved\Run32: => "WD Quick View" HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "KeyScrambler" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "FSKeyAutoStart" HKLM\...\StartupApproved\Run32: => "Kryptel Shredder" HKLM\...\StartupApproved\Run32: => "ProductUpdater" HKLM\...\StartupApproved\Run32: => "DelaypluginInstall" HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "Kryptel Shredder" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "Eraser" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "Xvid" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => " Maintance" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "csrs_up" HKU\S-1-5-21-2478243716-4240238963-824202402-1001\...\StartupApproved\Run: => "NetShareMonitor" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1120A190-DDB3-4353-B8AA-C4BBABC8271F}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [{4871F4E3-846B-410D-BA12-F30C38CADE0D}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [{212F9A23-AF36-4C1B-B355-5DB0375F4B42}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe FirewallRules: [{1421E6D9-D802-4292-BAD7-043A7D519019}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe FirewallRules: [{96799204-875A-439A-8CCF-40D883D06454}] => (Allow) C:\Program Files\Opera x64\opera.exe FirewallRules: [{0E0296EC-0BB1-412F-A69C-AED853C84020}] => (Allow) C:\Program Files\Opera x64\opera.exe FirewallRules: [TCP Query User{A4262A6F-5FB6-471C-9C39-848CE7EC6710}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe FirewallRules: [UDP Query User{02FE4112-257B-43D9-8FC0-30ED43D56107}C:\program files (x86)\asus\ai suite iii\aisuite3.exe] => (Allow) C:\program files (x86)\asus\ai suite iii\aisuite3.exe FirewallRules: [{A8E1F1C6-65FE-44AB-9866-C81A12F2F950}] => (Allow) F:\STEAM\Steam.exe FirewallRules: [{11358274-BAF9-48D6-81DB-7109BD19D557}] => (Allow) F:\STEAM\Steam.exe FirewallRules: [{E6665780-E618-4045-B6DF-4E0666403F84}] => (Allow) F:\STEAM\bin\steamwebhelper.exe FirewallRules: [{70FF0ED2-FC30-42B1-8408-EA4A3EAB5E0D}] => (Allow) F:\STEAM\bin\steamwebhelper.exe FirewallRules: [{187AFF5D-6EE1-4C28-8416-75C3F8526ADF}] => (Allow) F:\Nuova cartella\Steam\Steam.exe FirewallRules: [{28C0954D-2D1A-40C5-BA65-4E58415BC1C2}] => (Allow) F:\Nuova cartella\Steam\Steam.exe FirewallRules: [{DE9EBA8D-2CEF-41DB-88DA-B069CF77000C}] => (Allow) F:\Nuova cartella\Steam\bin\steamwebhelper.exe FirewallRules: [{AE8FB2A5-FC0F-4F53-80C9-730CECD6CE24}] => (Allow) F:\Nuova cartella\Steam\bin\steamwebhelper.exe FirewallRules: [{E6A5CCA0-AD1D-4A14-8516-67796E372762}] => (Allow) F:\WatchDOGS\bin\Watch_Dogs.exe FirewallRules: [{F291D80F-A069-4300-93D2-D6E480626EBC}] => (Allow) F:\WatchDOGS\bin\Watch_Dogs.exe FirewallRules: [{B4A13AE9-55B6-4C08-AD11-8CBE28689F44}] => (Allow) C:\Program Files (x86)\OPERA 12\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [{D9074479-5562-4C36-BA68-F01737A63757}] => (Allow) C:\Program Files (x86)\OPERA 12\pluginwrapper\opera_plugin_wrapper.exe FirewallRules: [{3E3E21FA-B841-4417-ADEC-9800B473048B}] => (Allow) C:\Program Files (x86)\OPERA 12\pluginwrapper\opera_plugin_wrapper_32.exe FirewallRules: [{89DA5989-6BD9-44CD-BA9E-910C1A60B027}] => (Allow) C:\Program Files (x86)\OPERA 12\pluginwrapper\opera_plugin_wrapper_32.exe FirewallRules: [{02312D60-945A-4B59-8636-746AD9AD1083}] => (Allow) C:\Program Files (x86)\OPERA 12\opera.exe FirewallRules: [{F8086229-3C97-4741-BD3A-8BF1177AEDD9}] => (Allow) C:\Program Files (x86)\OPERA 12\opera.exe FirewallRules: [{B24FF4CC-BE68-4496-ABDF-D7DA9C2D780D}] => (Allow) C:\Users\pc_mirko\AppData\Local\Vivaldi\Application\vivaldi.exe FirewallRules: [{949AD2F2-76AF-4986-8C50-2E56900215DC}] => (Allow) C:\Program Files (x86)\Vivaldi\Application\vivaldi.exe FirewallRules: [{F51CD377-CFEB-4A06-B320-85A51FDAA179}] => (Allow) F:\GTA V\GTA5.exe FirewallRules: [{254203FE-B143-4AC7-A360-4EE3592EEDC3}] => (Allow) F:\GTA V\GTA5.exe FirewallRules: [{936E72FE-41E7-4910-88FF-0E63EE702E4E}] => (Allow) C:\Program Files (x86)\AOMEI PXE Boot Free 1.5\PXEBoot.exe FirewallRules: [{2484B84D-5017-46FC-AC39-A31BAB51F4D1}] => (Allow) C:\Program Files\OSTotoSoft\DriverTalent\DriverTalent.exe FirewallRules: [{396BDC75-88A3-47E4-9A30-5BA90F1ED487}] => (Allow) C:\Program Files\OSTotoSoft\DriverTalent\DTLService.exe FirewallRules: [{EF309FF2-3CCF-4853-A882-46B5DBAE34DF}] => (Allow) C:\Program Files\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe FirewallRules: [{2D8B0FE1-6092-4B6E-BC0C-5493ED7D379D}] => (Allow) F:\TUTTO x WIN 8.1\HELP\DLL-Files Fixer v3.3.90.3079 PORTABLE\App\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{61DBB109-C6F0-4DFE-B58C-52C14F758173}] => (Allow) F:\TUTTO x WIN 8.1\HELP\DLL-Files Fixer v3.3.90.3079 PORTABLE\App\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4705AAB4-93D9-48AC-A52B-0EFB1E1FDFE8}] => (Allow) F:\VIVALDI Browser\Application\vivaldi.exe FirewallRules: [{C7752DE3-1331-4D73-A52E-00A755EB5598}] => (Allow) F:\STEAM\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{01A78F56-584D-4FF1-9ADE-29BE36E0A5E2}] => (Allow) F:\STEAM\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1061D8B1-9FE7-4F1D-BBF7-23970E82F895}] => (Allow) F:\OPERA 36\44.0.2494.0\opera.exe FirewallRules: [{E53DBEC5-A17A-4BBF-BBAE-368A04B79789}] => (Allow) F:\VIVALDI Browser\Application\vivaldi.exe FirewallRules: [{3B6F5A07-BADC-4E82-B66F-8ED201C57DEF}] => (Allow) F:\OPERA 36\44.0.2505.0\opera.exe FirewallRules: [{E91C346F-0CD0-4882-BDCE-3D8DB3C05276}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{2908E166-895E-4023-A32A-8511E43DB4B0}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe] => enabled:@shell32.dll,-1 ==================== Restore Points ========================= 10-02-2017 14:44:56 Removed Turbo Studio 17 10-02-2017 15:05:54 Programma di installazione dei moduli di Windows 12-02-2017 19:52:24 Xperia Companion 22-02-2017 13:24:32 Intel® Driver Update Utility 24-02-2017 19:59:24 Installed O&O DiskImage Professional 27-02-2017 15:05:03 Rimosso Samsung Data Migration 28-02-2017 15:33:35 PROBLEMI ? 02-03-2017 13:15:41 RAPID 02-03-2017 13:20:08 RAPID 03-03-2017 13:30:22 Operazione di ripristino ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Could not start eventlog service, could not read events. Servizio Registro eventi di Windows in fase di avvio . Impossibile avviare il servizio Registro eventi di Windows. Errore di sistema. Errore di sistema 5. Accesso negato. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Percentage of memory in use: 26% Total physical RAM: 16324.36 MB Available physical RAM: 11984.95 MB Total Virtual: 16524.36 MB Available Virtual: 12073.28 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.13 GB) (Free:188.36 GB) NTFS Drive f: (Volume) (Fixed) (Total:931.51 GB) (Free:494.14 GB) NTFS Drive h: (Riservato per il sistema) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 4F8EE466) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E4446149) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================