~ Riporto di ZHPDiag v2015.5.2.45 - Nicolas Coolman  (02/05/2015)
~ Lanciato da admin (03/05/2015 19.20.31)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Indirizzo del foum Web : http://forum.nicolascoolman.fr
~ Tradotto da 
~ Stato della versione : Versione aggiornata.
~ Lista Bianca : Utente disattivato
~ Elevazione dei privilegi : OK
~ Controllo dell'Account utente : Activate by user


---\\ Browser Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 37.0.2 (Defaut)

---\\ Informazioni sul prodotto Windows
~ Langage: Italien
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Software di protezione del sistema
COMODO Internet Security Premium v8.2.0.4508
Malwarebytes Anti-Malware versione 2.1.6.1022

---\\ Software di ottimizzazione del sistema

---\\ Condivisione di software PeerToPeer

---\\ Software di sorveglianza
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informazioni sul sistema
~ Processor: x86 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (58% free)
System Restore: Désactivé (Disabled)
System drive C: has 637 GB (92%) free of 688 GB

---\\ Connessione alla modalità sistema
~ Computer Name: PC-ADMIN
~ User Name: admin
~ All Users Names: Guest, ASPNET, Administrator, admin, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variabili di ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\admin\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\admin\AppData\Roaming\
~ %Desktop% : C:\Users\admin\Desktop\
~ %Favorites% : C:\Users\admin\Favorites\
~ %LocalAppData% : C:\Users\admin\AppData\Local\
~ %StartMenu% : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ Enumerazione delle unità disco
C: Hard drive, Flash drive, Thumb drive (Free 637 Go of 688 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E: Hard drive, Flash drive, Thumb drive (Free 516 Go of 699 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: CD-ROM drive (Not Inserted)



---\\ Stato di Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 47 Scanned in 00mn 00s



---\\ Ricerca di particolari file generico
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Esplora risorse.) (.11/04/2009 - 7.27.36.) -- C:\WINDOWS\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Applicazione di avvio di Windows.) (.18/01/2008 - 22.33.38.) -- C:\WINDOWS\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Internet Extensions per Win32.) (.01/05/2015 - 13.30.53.) -- C:\WINDOWS\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Applicazione Accesso a Windows.) (.11/04/2009 - 7.28.13.) -- C:\WINDOWS\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 7.53.22.) -- C:\WINDOWS\system32\Drivers\AFD.sys [273408]
[MD5.BFD3DF48C9ED81934FE21E8E3CFC2496] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.01/01/2007 - 22.50.14.) -- C:\WINDOWS\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20.28.04.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 5.39.17.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15.59.03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 5.42.42.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver della porta i8042.) (.18/01/2008 - 20.49.20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20.56.30.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14.24.40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 5.45.37.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver file system NT.) (.03/03/2013 - 20.07.52.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver della porta parallela.) (.02/11/2006 - 9.51.30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20.56.36.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10.03.00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 5.45.22.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 5.45.56.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver copia shadow del volume.) (.21/08/2012 - 12.47.42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [224640]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Stato dei file nascosti (nascosti/totale)
~ Mes images (My Pictures) : 1/84
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 1/155
~ Mon Bureau (My Desktop) : 1/11
~ Menu demarrer (Programs) : 0/0
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processo avviato
[MD5.1013953949768FA3FC0811CCF7FDD51C] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe   [1359064] [PID.2228]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\WINDOWS\RtHDVCpl.exe   [4874240] [PID.2436]
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe   [65536] [PID.2444]
[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe   [118784] [PID.2460]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe   [30040] [PID.2468]
[MD5.DE37F9B256FABE999A03EA23B4CA26EC] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe   [52392] [PID.2476]
[MD5.E6DEED311D830678E1A0B4889F3C2F0E] - (.UASSOFT.COM - DRIVER AUTORUN.) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe   [212992] [PID.2484]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\Winpower.exe   [114688] [PID.2500]
[MD5.FCB74635483CE82FF2BE9F91D2C8558E] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe   [91432] [PID.2508]
[MD5.CDE07257FC2802001D930ADD1F25127C] - (.UASSOFT.COM - USB Keyboard And PS/2 Keyboard Driver.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe   [397312] [PID.2524]
[MD5.A63E46BECDDC697FF9C086D7AACBB0BE] - (.cyberlink - brs.) -- C:\Program Files\CyberLink\Shared Files\brs.exe   [75048] [PID.2588]
[MD5.23479CC4EB2E0A22299D6F4F30C5851F] - (...) -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe   [694008] [PID.2616]
[MD5.ECA139131FC9D36F92D81F85A1E08408] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\MonitorSoftware\jre\bin\javaw.exe   [135168] [PID.2640]
[MD5.0AAB8C2C7012CDFFE719C6FDF83EDF87] - (...) -- C:\Program Files\Portrait Displays\Pivot Software\floater.exe   [694008] [PID.2776]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\wpRMI.exe   [114688] [PID.2792]
[MD5.F0CAE8186C27E930261C2EE6FAE8B102] - (.UASSOFT.COM - Keyboard And Mouse Processing.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe   [327680] [PID.2848]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\monitor.exe   [114688] [PID.2468]
[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe   [214360] [PID.2948]
[MD5.1F29FCA528DD88DAF85C529C7194B5DA] - (.Portrait Displays, Inc - HP My Display.) -- C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe   [336384] [PID.2968]
[MD5.0E0D415613C24E4382FAEF36669D60C8] - (.Portrait Displays Inc. - Context Menu Utility.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe   [114688] [PID.3040]
[MD5.B7614F58B6D2AE8EFADE3A6E0916E49D] - (...) -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe   [20572] [PID.2640]
[MD5.745A13EB241A081431C6FD26EB85367F] - (.Hewlett-Packard - Hewlett-Packard T-TR Status Client.) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe   [212992] [PID.3488]
[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe   [67128] [PID.4736]
[MD5.275CA9517BA62BBD9DE2FB43830C07B1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe   [184320] [PID.4228]
[MD5.64CF691CE6957C44E495031C3C8319FC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe   [610304] [PID.3640]
[MD5.8FC85C14B6316745670816F98693A100] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe   [262144] [PID.3284]
[MD5.5A9EC2534F85163841F46000F281A3EE] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe   [7689432] [PID.4916]
[MD5.53091911AB458088CF2BB5101B0AC184] - (.Microsoft Corporation - Microsoft Photo Editor.) -- C:\Users\admin\Documents\Microsoft PHOTO EDITOR\PHOTOED.exe   [790528] [PID.2544]
[MD5.C06C9EC74A0971A31A40723432201C86] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8206336] [PID.4876]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.5252]
[MD5.F8068FD29809634B6BB2DF5AB9E30AC9] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) -- C:\Windows\system32\nvvsvc.exe   [670352] [PID.1032]
[MD5.C9362AB376E06F0F91CD48A03D5B4E80] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe   [4351816] [PID.1132]
[MD5.EDBA1382E5D7D1E71442B43E170CF8D4] - (.Creative Technology Ltd - Creative Audio Service.) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe   [423424] [PID.1372]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Servizio gestione licenze software Microsof.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.1400]
[MD5.62B56B55E6B310187BD41E23BB9F1FCD] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe   [973456] [PID.1996]
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [81088] [PID.3744]
[MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe   [229376] [PID.3788]
[MD5.1DB483097AA009C069CAFEBDAB4C57F3] - (...) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe   [69632] [PID.3804]
[MD5.DEB82AF183F1CD06813D91ED104C645C] - (...) -- c:\hp\HPEZBTN\HPBtnSrv.exe   [198240] [PID.3904]
[MD5.204A73A56751C68C6031E9D5D611EC98] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe   [354840] [PID.3968]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe   [112152] [PID.4004]
[MD5.A4A9ADB8E7005785D2C1F4FF8C7B70BB] - (.UASSOFT.COM - Keyboard And Mouse Communication Service.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe   [208896] [PID.4032]
[MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [73728] [PID.4056]
[MD5.1BDB34A492109198CAB0575F2743BE70] - (.Seagate Technology LLC - Sync Windows Services.) -- C:\Program Files\Maxtor\Sync\SyncServices.exe   [193888] [PID.4068]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe   [185632] [PID.2432]
[MD5.7A8FD91FD806B1EB1743898DF4C6477A] - (.No owner - Reflect Service - Enables mounting of image.) -- C:\Program Files\Macrium\Reflect\ReflectService.exe   [220824] [PID.2964]
[MD5.2FCEAD838E64A79250046DD2A15B6A8A] - (.No owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe   [241734] [PID.1852]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\wpRMI.exe   [114688] [PID.2792]
[MD5.14B21C1E09A79B89C49B47ED4021F486] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe   [455384] [PID.1360]
~ Processes Running:  Scanned in 00mn 03s



---\\ Mozilla Firefox, plugin, start, cerca, estensioni (P2, M0, M1, M2, M3)
M0 - MFSP: prefs.js [admin - 73b02pu3.default] http://startpage.com
M2 - MFEP: prefs.js [admin - 73b02pu3.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20131118 (..)
M2 - MFEP: Extension [admin - 73b02pu3.default] {73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
M2 - MFEP: Extension [admin - 73b02pu3.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi  =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\hoepli.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-it.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (.not file.)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.31211.0.) -- c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (...) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (.not file.)
P2 - FPN: [HKLM] [Adobe Acrobat] - (...) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (.not file.)
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 26 Scanned in 00mn 00s



---\\ Internet Explorer, start, cerca, URLSearchHook, Phishing (R0, R1, R3, R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startpage.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, gestione Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analisi delle linee F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects da browser (O2)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (...) -- C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (.not file.)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Chiave orfano
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: 12 Scanned in 00mn 00s



---\\ Internet Explorer barre degli strumenti (O3)
O3 - Toolbar: Adobe PDF - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Chiave orfano
~ Toolbar:  Scanned in 00mn 00s



---\\ Iniziato da file e registro applicazioni (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\WINDOWS\RtHDVCpl.exe   =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe 
O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe 
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe 
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 
O4 - HKLM\..\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe   =>.Elaborate Bytes AG
O4 - HKLM\..\Run: [KMCONFIG] . (.UASSOFT.COM - DRIVER AUTORUN.) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe 
O4 - HKLM\..\Run: [TomcatStartup 2.5] . (.Hewlett-Packard - hp toolbox Startup.) -- C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe 
O4 - HKLM\..\Run: [Winpower] . (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\Winpower.exe 
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe 
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe 
O4 - HKLM\..\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files\Cyberlink\Shared Files\brs.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [PivotSoftware] . (...) -- C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe 
O4 - HKLM\..\Run: [DT HPW] . (...) -- C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe 
O4 - HKLM\..\Run: [Sound Blaster Tactic3D Control Panel] . (.Creative Technology Ltd - Sound Blaster Tactic3D Control Panel.) -- C:\Program Files\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe 
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Applicazione di configurazione Servizio di.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-21-2920435616-4011303489-1674627156-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Applicazione di configurazione Servizio di.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ I pulsanti sulla barra degli strumenti "principali strumenti" di Internet Explorer (O9)
O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Chiave orfano
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Selezione intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provider shim denominazione posta elettronica.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Provider spazio dei nomi PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Provider spazio dei nomi PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Service Provider Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Sito nella zona attendibile d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.corel.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.corel.com
O15 - Trusted Zone: [HKCU\...\Domains] http.intervideo.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.intervideo.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modificare gli indirizzi DNS domain (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F80FDB91-74F6-4D46-B5CD-168BCDBF9D21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F80FDB91-74F6-4D46-B5CD-168BCDBF9D21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{F80FDB91-74F6-4D46-B5CD-168BCDBF9D21}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocollo addizionale (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizzatore HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valore di registro AppInit_DLLs e sottochiavi Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Adobe Systems Incorporated - 3D Capture Dll 9.5.) - C:\WINDOWS\System32\acaptuser32.dll
~ AppInit DLL:  Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad SSODL/SSO, chiave di registro autorun (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Utilità di monitoraggio siti Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Chiave di registro autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Elenco dei servizi non Microsoft NT e non disabili (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Service (CTAudSvcService) . (.Creative Technology Ltd - Creative Audio Service.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) . (...) - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) . (.UASSOFT.COM - Keyboard And Mouse Communication Service.) - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) . (.Seagate Technology LLC - Sync Windows Services.) - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) . (.No owner - Reflect Service - Enables mounting of image.) - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.No owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Winpowermonitor (Winpowermonitor) . (.Macrovision - LaunchAnywhere.) - C:\Program Files\MONITO~1\monitor.exe
O23 - Service: Power Control [2011/08/25 16:39:58] ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.CyberLink Corp. - No Comment.) - C:\Program Files\HP\DVDPlay\000.fcl
O23 - Service: Power Control [2009/09/25 20:41:03] ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp. - No Comment.) - C:\Program Files\CyberLink\PowerDVD8\000.fcl
~ Services: 19 Scanned in 00mn 10s



---\\ L'enumerazione Active Desktop Editor MHTML (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\DSC01189.jpg
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\DSC01189.jpg
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Attività pianificate in modo automatico (039)
[MD5.00000000000000000000000000000000] [APT] [JavaUpdateAdministrator] (...) -- C:\Windows\system32\jusched.exe (.not file.)   [0]
[MD5.9FFC7FD56CC35E7FA94E9AEDD39D0E0A] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe   [28672]
[MD5.39044759DA9FD2B42864BC1AED78B349] [APT] [{8E76A54A-A8BA-4B3E-8840-B08822DFD173}] (.Nero AG.) -- C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe   [5854504]
[MD5.1013953949768FA3FC0811CCF7FDD51C] [APT] [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe   [1359064]
[MD5.6F0271C658582A113E739924C764072F] [APT] [COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [2714840]
[MD5.6F0271C658582A113E739924C764072F] [APT] [COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [2714840]
[MD5.6F0271C658582A113E739924C764072F] [APT] [COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [2714840]
[MD5.6F0271C658582A113E739924C764072F] [APT] [COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [2714840]
[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [Scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe   [73728]
[MD5.6D0F62A4D823A36A529369257CD8C00D] [APT] [Scheduled Maintenance Swap] (...) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.bat    [199]
O39 - APT:  - (..) -- C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - admin.job   [546]
O39 - APT:  - (..) -- C:\WINDOWS\System32\Tasks\Norton Internet Security - Run Full System Scan - admin   [546]
~ Scheduled Task: 13 Scanned in 00mn 03s



---\\ Componenti installati (ActiveSetup installati componenti) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Risorse di Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilità di inizializzazione Per utente di Internet Explorer.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - No Comment.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API di Windows Theme.) -- C:\WINDOWS\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Estensione shell della cartella FTP di Microsoft Internet Explo.) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Risorse di Windows Media Player.) -- C:\WINDOWS\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comune della shell di Windows.) -- C:\WINDOWS\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilità di inizializzazione Per utente di Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 13 Scanned in 00mn 01s



---\\ Pilota all'inizio del sistema (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver:  (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\WINDOWS\System32\DRIVERS\cmderd.sys
O41 - Driver:  (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\WINDOWS\System32\DRIVERS\cmdguard.sys
O41 - Driver:  (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\WINDOWS\System32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver:  (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Driver della porta i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\WINDOWS\System32\DRIVERS\inspect.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Driver classe tastiera.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Driver del filtro della tastiera HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Driver Mouse Class.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys
O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Utilità di pianificazione pacchetti QoS.) - C:\WINDOWS\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys
O41 - Driver:  (SASDIFSV) . (. - .) - C:\Users\admin\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.sys (.not file.)
O41 - Driver:  (SASKUTIL) . (. - .) - C:\Users\admin\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys (.not file.)
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\WINDOWS\System32\DRIVERS\smb.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys
O41 - Driver: Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys
~ Drivers: 84 Scanned in 00mn 01s



---\\ Software installato (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
O42 - Logiciel: ACDSee Photo Editor 2008 - (.ACD Systems.) [HKLM] -- {A6142247-58B1-40C7-B8E0-965C1A8026A5}
O42 - Logiciel: ACDSee Pro 2.5 - (.ACD Systems International.) [HKLM] -- {2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}
O42 - Logiciel: ACDSee RAW Image Decoder Plug-In Update 4.0 - (.ACD Systems International.) [HKLM] -- {1BF38C77-E678-49AF-885A-BBD10AED2FF3}
O42 - Logiciel: AOMEI Partition Assistant Pro Edition 5.6 - (.AOMEI Technology Co., Ltd..) [HKLM] -- {02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1
O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}
O42 - Logiciel: Adobe Acrobat 9 Pro Extended - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}
O42 - Logiciel: Adobe Acrobat 9.5.5 - CPSID_83708 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-1033-F400-7761-000000000004}_955
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {51846830-E7B2-4218-8968-B77F0FF475B8}
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {95655ED4-7CA5-46DF-907F-7144877A32E5}
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {04AF207D-9A77-465A-8B76-991F6AB66245}
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_719d6f144d0c086a0dfa7ff76bb9ac1  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {3D7E3EC9-46CF-4359-9289-39CE01DFB82F}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader XI (11.0.10) - Italiano - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1040-7B44-AB0000000001}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {802771A9-A856-4A41-ACF7-1450E523C923}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: AnyDVD - (.SlySoft.) [HKLM] -- AnyDVD
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {0C34B801-6AEC-4667-B053-03A67E2D0415}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}  =>.Apple Inc
O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM] -- Audacity_is1
O42 - Logiciel: COMODO Internet Security Premium - (.COMODO Security Solutions Inc..) [HKLM] -- {73830292-868E-4C82-9AF5-CCFE2047B6A3}
O42 - Logiciel: Corel WinDVD 9 - (.Nome società.) [HKLM] -- InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}
O42 - Logiciel: Creative System Information - (.Creative Technology Limited.) [HKLM] -- SysInfo
O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: DVD Identifier - (.Kris Schoofs.) [HKLM] -- DVD Identifier_is1
O42 - Logiciel: DVD Play BD & HD DVD - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {b1adf008-e898-4fe2-8a1f-690d9a06acaf}
O42 - Logiciel: EZ CD Audio Converter - (.Poikosoft.) [HKLM] -- EZ CD Audio Converter
O42 - Logiciel: FFmpeg (Windows) for Audacity versione 2.2.2 - (...) [HKLM] -- {9C7E31E3-017F-434C-AC40-24431A354A1E}_is1
O42 - Logiciel: FileZilla Client 3.10.3 - (.Tim Kosse.) [HKLM] -- FileZilla Client
O42 - Logiciel: FirmTools Panorama Composer 3 - (.FirmTools.) [HKLM] -- Panorama Composer 3
O42 - Logiciel: GPL Ghostscript 9.01 - (...) [HKLM] -- GPL Ghostscript 9.01
O42 - Logiciel: GSview 4.9 - (...) [HKLM] -- GSview 4.9
O42 - Logiciel: HP Color LaserJet 2820/2830/2840 3.1 - (.HP.) [HKLM] -- HP Color LaserJet 2820/2830/2840
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {C8D47273-7A1A-4614-A3D8-263632D8A5ED}
O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}
O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Document Manager 1.0 - (.HP.) [HKLM] -- HP Document Manager
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}
O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP My Display - (.Portrait Displays, Inc..) [HKLM] -- {15733AD1-1CEF-459A-9245-0924FC63BDD5}
O42 - Logiciel: HP Officejet J6400 Series - (.HP.) [HKLM] -- {15262012-213A-4f65-9019-C8A409EC0156}  =>.Hewlett-Packard Co
O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro
O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential  =>.Hewlett-Packard Co
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Smart Web Printing - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 10.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {fef8097e-662d-49b3-aa77-2919db3746d7}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB}
O42 - Logiciel: HandBrake 0.10.1 - (...) [HKLM] -- HandBrake
O42 - Logiciel: Hauppauge MCE XP/Vista Software Encoder (2.0.25180) - (.Hauppauge Computer Works, Inc..) [HKLM] -- Hauppauge MCE2005 Software Encoder
O42 - Logiciel: Hewlett-Packard Active Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HiDownloadPlatinum - (...) [HKLM] -- HiDownload Platinum_is1
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: Installazione di DivX - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: Intel(R) Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1
O42 - Logiciel: LabelPrint 2.0 - (...) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {82EF29B1-9B60-4142-A155-0599216DD053}
O42 - Logiciel: LightScribe Template Labeler - (.LightScribe.) [HKLM] -- {FCBE0690-CBE1-4C60-87B0-4A70A6F5434E}
O42 - Logiciel: MKVToolNix 7.8.0 (32bit) - (.Moritz Bunkus.) [HKLM] -- MKVToolNix
O42 - Logiciel: MPC-HC 1.7.8 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1
O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macrium Reflect - Free Edition - (.Macrium.) [HKLM] -- {0D007C7C-5813-4FDE-9E61-63A63DD1A0CD}
O42 - Logiciel: Malwarebytes Anti-Malware versione 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Maxtor Manager - (.Seagate Technology.) [HKLM] -- InstallShield_{4D36E953-4456-4F8F-BC44-90BC4AA59889}
O42 - Logiciel: Maxtor Manager - (.Seagate Technology.) [HKLM] -- {4D36E953-4456-4F8F-BC44-90BC4AA59889}
O42 - Logiciel: MediaInfo 0.7.70 - (.MediaArea.net.) [HKLM] -- MediaInfo
O42 - Logiciel: Menu Templates - Starter Kit - (.Nero AG.) [HKLM] -- {b78120a0-cf84-4366-a393-4d0a59bc546c}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Movie Templates - Starter Kit - (.Nero AG.) [HKLM] -- {e498385e-1c51-459a-b45f-1721e37aa1a0}
O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 it) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0.2 (x86 it)
O42 - Logiciel: NVIDIA Driver audio HD 1.3.33.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Driver grafico 347.88 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B455E95A-B804-439F-B533-336B1635AE97}
O42 - Logiciel: NVIDIA PhysX System Software 9.14.0702 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM] -- {d04cecef-8caf-4323-9257-ef3151dfaac2}
O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {7829db6f-a066-4e40-8912-cb07887c20bb}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero CoverDesigner - (.Nero AG.) [HKLM] -- {62ac81f6-bdd3-4110-9d36-3e9eaab40999}
O42 - Logiciel: Nero Disc Copy Gadget - (.Nero AG.) [HKLM] -- {f1861f30-3419-44db-b2a1-c274825698b3}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Live - (.Nero AG.) [HKLM] -- {df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}
O42 - Logiciel: Nero PhotoSnap - (.Nero AG.) [HKLM] -- {9e82b934-9a25-445b-b8df-8012808074ac}
O42 - Logiciel: Nero Recode - (.Nero AG.) [HKLM] -- {359cfc0a-beb1-440d-95ba-cf63a86da34f}
O42 - Logiciel: Nero Rescue Agent - (.Nero AG.) [HKLM] -- {368ba326-73ad-4351-84ed-3c0a7a52cc53}
O42 - Logiciel: Nero ShowTime - (.Nero AG.) [HKLM] -- {d9dcf92e-72eb-412d-ac71-3b01276e5f8b}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero Vision - (.Nero AG.) [HKLM] -- {43e39830-1826-415d-8bae-86845787b54b}
O42 - Logiciel: Nero WaveEditor - (.Nero AG.) [HKLM] -- {a209525b-3377-43f4-b886-32f6b6e7356f}
O42 - Logiciel: NeroBurningROM - (.Nero AG.) [HKLM] -- {d025a639-b9c9-417d-8531-208859000af8}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: NeroLiveGadget - (.Nero AG.) [HKLM] -- {9e9fdde6-2c26-492a-85a0-05646b3f2795}
O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
O42 - Logiciel: PDF2Office v4.0 - (.Recosoft Corporation.) [HKLM] -- {DEBD63AC-C256-4237-A6C9-D166CF456422}
O42 - Logiciel: Pacchetto di compatibilità per Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0410-0000-0000000FF1CE}
O42 - Logiciel: Paragon Go Virtual™ - (.Paragon Software.) [HKLM] -- {AF58CE7A-B48F-4DDF-8FB7-838DDC22D63C}
O42 - Logiciel: Pivot Software - (.Portrait Displays, Inc..) [HKLM] -- {0217E1D1-BCEF-4A61-AF6D-F7740F65A066}
O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 6.0
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Soluzione tastiera multimediale avanzata - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: Sound Blaster Tactic(3D) - (.Creative Technology Limited.) [HKLM] -- {92000C16-939B-44CA-802F-0D552019D7C8}
O42 - Logiciel: SoundTrax - (.Nero AG.) [HKLM] -- {c5a7cb6c-e76d-408f-ba0e-85605420fe9d}
O42 - Logiciel: Strumenti di diagnostica di hardware - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Trust R-Series Mouse - (.Nome società.) [HKLM] -- InstallShield_{718666FC-C0A7-4DE7-9120-8F1746A90588}
O42 - Logiciel: TsRemux 0.23.2 - (...) [HKLM] -- TsRemux_is1
O42 - Logiciel: URL Helper - (...) [HKLM] -- URL Helper_is1
O42 - Logiciel: UltraISO Premium V9.33 - (...) [HKLM] -- UltraISO_is1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player  =>.VideoLAN
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM] -- WinPcapInst
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}  =>.Microsoft Corporation
O42 - Logiciel: Winpower - (...) [HKLM] -- Winpower
O42 - Logiciel: bitRipper - (...) [HKLM] -- bitRipper
O42 - Logiciel: iCoolsoft M2TS Converter - (...) [HKLM] -- iCoolsoft M2TS Converter_is1
O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {FB9C5329-F982-435C-AEC5-EE0A75EE6395}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 79 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\4kdownload.com]
[HKCU\Software\ACD Systems]
[HKCU\Software\AOL]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\LastScanTime]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Creative Tech]
[HKCU\Software\Cyberlink]
[HKCU\Software\DVD Identifier]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\EasyBoot Systems]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\FFSoft]
[HKCU\Software\FirmTools]
[HKCU\Software\Folder Manager]
[HKCU\Software\GPL Ghostscript]
[HKCU\Software\HP Guide]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HiDownloadPlatinum]
[HKCU\Software\ImgBurn]
[HKCU\Software\InterVideo]
[HKCU\Software\Iris]
[HKCU\Software\JavaSoft]
[HKCU\Software\Keyboard And Mouse Config]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\MPC-HC]
[HKCU\Software\Macrium]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConceptMCE]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes Anti-Rootkit]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Maxtor]
[HKCU\Software\Mozilla]
[HKCU\Software\Multimedia Combo Set]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NeroDigital]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Partition Assistant]
[HKCU\Software\Piriform]
[HKCU\Software\Poikosoft]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays, Inc.]
[HKCU\Software\Portrait Displays]
[HKCU\Software\ProtectedData]
[HKCU\Software\QtProject]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\S3R521]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\SWiSHzone.com]
[HKCU\Software\SecuROM]
[HKCU\Software\SimonTatham]
[HKCU\Software\Skype]
[HKCU\Software\SlySoft]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SysInternals]
[HKCU\Software\The Silicon Realms Toolworks]
[HKCU\Software\Trolltech]
[HKCU\Software\URLHelper]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VMware, Inc.]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\giveawayoftheday.com]
[HKCU\Software\mkvmergeGUI]
[HKCU\Software\multiAVCHD]
[HKLM\Software\<company>]
[HKLM\Software\ACD Systems]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\BroadCom]
[HKLM\Software\COMODO]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\Corel]
[HKLM\Software\Creative Tech]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\EasyBoot Systems]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\FFmpeg for Audacity]
[HKLM\Software\FileZilla 3]
[HKLM\Software\FirmTools]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Ghostgum]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hauppauge]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Lake]
[HKLM\Software\Lame For Audacity]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribeTemplateLabeler]
[HKLM\Software\LightScribe]
[HKLM\Software\LogMeIn Rescue]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\Macrium]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MainConceptMCE]
[HKLM\Software\Malwarebytes Anti-Rootkit]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Maxtor]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nokia]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\OpenAL]
[HKLM\Software\Oracle]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Poikosoft]
[HKLM\Software\Policies]
[HKLM\Software\Portrait Displays, Inc.]
[HKLM\Software\Portrait Displays]
[HKLM\Software\PortraitDisplays]
[HKLM\Software\Protexis]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\Recosoft Corporation]
[HKLM\Software\Recosoft]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\S3R521]
[HKLM\Software\SRS Labs]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\SlySoft]
[HKLM\Software\Sonic]
[HKLM\Software\SymDebug]
[HKLM\Software\Trolltech]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\WinPcap]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\iTinySoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
~ Key Software: 424 Scanned in 00mn 00s



---\\ Contenuto delle cartelle Programmi, ProgramFiles, ProgramData, AppData (O43)
O43 - CFD: 11/04/2009 - 18.13.46 - [] ----D C:\Program Files\ACD Systems
O43 - CFD: 08/03/2013 - 17.31.56 - [] ----D C:\Program Files\Adobe
O43 - CFD: 23/09/2014 - 23.14.14 - [0] ----D C:\Program Files\AGEIA Technologies
O43 - CFD: 17/12/2014 - 11.54.43 - [] ----D C:\Program Files\AOMEI Partition Assistant Pro Edition 5.6
O43 - CFD: 11/04/2009 - 17.13.32 - [] ----D C:\Program Files\Apple Software Update  =>.Apple Inc
O43 - CFD: 30/04/2015 - 20.07.29 - [] ----D C:\Program Files\Audacity
O43 - CFD: 06/12/2010 - 0.38.48 - [] ----D C:\Program Files\bitRipper
O43 - CFD: 11/04/2009 - 2.11.01 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 30/04/2015 - 15.43.30 - [] ----D C:\Program Files\Common Files
O43 - CFD: 30/04/2015 - 21.41.52 - [] ----D C:\Program Files\COMODO
O43 - CFD: 11/04/2009 - 16.45.45 - [] ----D C:\Program Files\Corel
O43 - CFD: 30/04/2015 - 19.30.12 - [] ----D C:\Program Files\Creative
O43 - CFD: 25/09/2009 - 20.39.21 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 30/04/2015 - 20.24.49 - [] ----D C:\Program Files\Defraggler
O43 - CFD: 18/06/2009 - 16.27.35 - [] ----D C:\Program Files\DIFX
O43 - CFD: 01/05/2015 - 17.13.57 - [] ----D C:\Program Files\DivX
O43 - CFD: 11/04/2009 - 19.19.54 - [] ----D C:\Program Files\DVD Identifier
O43 - CFD: 11/04/2009 - 14.42.54 - [] ----D C:\Program Files\Elaborate Bytes
O43 - CFD: 30/04/2015 - 20.25.31 - [] ----D C:\Program Files\EZ CD Audio Converter
O43 - CFD: 13/10/2014 - 23.12.42 - [] ----D C:\Program Files\FFmpeg for Audacity
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\Program Files\File comuni
O43 - CFD: 03/05/2015 - 0.48.32 - [] ----D C:\Program Files\FileZilla FTP Client
O43 - CFD: 11/04/2009 - 21.05.00 - [] ----D C:\Program Files\FirmTools
O43 - CFD: 11/04/2009 - 17.06.27 - [] ----D C:\Program Files\Ghostgum
O43 - CFD: 17/03/2011 - 20.28.07 - [] ----D C:\Program Files\gs
O43 - CFD: 30/04/2015 - 20.27.56 - [] ----D C:\Program Files\Handbrake
O43 - CFD: 11/04/2009 - 21.22.55 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 25/08/2011 - 16.39.12 - [] ----D C:\Program Files\HP
O43 - CFD: 25/02/2011 - 3.20.40 - [] ----D C:\Program Files\iCoolsoft Studio
O43 - CFD: 21/06/2013 - 16.33.55 - [] ----D C:\Program Files\ImgBurn
O43 - CFD: 30/04/2015 - 19.29.39 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 01/01/2007 - 15.18.52 - [] ----D C:\Program Files\Intel
O43 - CFD: 01/05/2015 - 15.01.52 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 11/04/2009 - 16.46.01 - [] ----D C:\Program Files\InterVideo
O43 - CFD: 30/10/2012 - 2.43.23 - [] ----D C:\Program Files\Lame For Audacity
O43 - CFD: 11/04/2009 - 19.28.11 - [] ----D C:\Program Files\LightScribe Template Labeler
O43 - CFD: 05/07/2011 - 12.32.52 - [] ----D C:\Program Files\Macrium
O43 - CFD: 30/04/2015 - 20.31.43 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 12/04/2009 - 17.46.13 - [] ----D C:\Program Files\Maxtor
O43 - CFD: 30/04/2015 - 20.38.47 - [] ----D C:\Program Files\MediaInfo
O43 - CFD: 02/11/2006 - 14.37.34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 29/06/2011 - 15.04.27 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 14/12/2014 - 12.33.51 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 11/04/2009 - 2.25.52 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 11/04/2009 - 2.24.31 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 09/06/2010 - 23.58.03 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 26/01/2011 - 19.14.05 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 03/05/2015 - 0.51.08 - [] ----D C:\Program Files\MKVToolNix
O43 - CFD: 17/10/2014 - 2.45.28 - [] ----D C:\Program Files\MonitorSoftware
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 30/04/2015 - 21.08.30 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 30/04/2015 - 20.55.17 - [] ----D C:\Program Files\MPC-HC
O43 - CFD: 11/04/2009 - 2.26.08 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 12/04/2009 - 17.35.04 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 01/01/2007 - 15.30.09 - [] ----D C:\Program Files\muvee Technologies
O43 - CFD: 25/09/2009 - 23.27.40 - [] ----D C:\Program Files\Nero
O43 - CFD: 30/04/2015 - 18.20.39 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 10/04/2009 - 23.40.02 - [] R---D C:\Program Files\Online Services
O43 - CFD: 27/07/2011 - 22.44.40 - [] ----D C:\Program Files\Paragon Software
O43 - CFD: 01/01/2007 - 15.47.56 - [] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 11/04/2012 - 2.19.50 - [] ----D C:\Program Files\Portrait Displays
O43 - CFD: 12/01/2013 - 14.13.51 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 11/04/2009 - 17.42.01 - [] ----D C:\Program Files\Real
O43 - CFD: 06/09/2009 - 12.16.22 - [] ----D C:\Program Files\Realtek
O43 - CFD: 11/04/2009 - 2.44.22 - [] ----D C:\Program Files\Recosoft PDF2Office
O43 - CFD: 02/11/2006 - 14.37.34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 11/04/2009 - 20.51.32 - [] ----D C:\Program Files\SlySoft
O43 - CFD: 16/11/2010 - 2.06.21 - [] ----D C:\Program Files\StreamingStar
O43 - CFD: 30/04/2015 - 15.47.49 - [] ----D C:\Program Files\Total Video Converter
O43 - CFD: 11/04/2009 - 14.55.53 - [] ----D C:\Program Files\Trust
O43 - CFD: 10/01/2011 - 18.19.49 - [] ----D C:\Program Files\TsRemux
O43 - CFD: 15/04/2009 - 23.08.34 - [] ----D C:\Program Files\UltraISO
O43 - CFD: 02/11/2006 - 15.01.55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 20/05/2010 - 18.34.12 - [] ----D C:\Program Files\USBLocalDisk_forCorsair
O43 - CFD: 30/04/2015 - 20.46.39 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 31/07/2011 - 15.12.34 - [] ----D C:\Program Files\VMware
O43 - CFD: 14/04/2009 - 0.45.00 - [] ----D C:\Program Files\Winamp
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 30/03/2011 - 15.15.38 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 08/07/2014 - 19.18.04 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 10/04/2012 - 19.06.20 - [] ----D C:\Program Files\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 10/04/2009 - 23.35.35 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 30/03/2011 - 16.11.56 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 30/03/2011 - 15.15.39 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 29/03/2013 - 16.27.27 - [] ----D C:\Program Files\WinPcap
O43 - CFD: 30/04/2015 - 21.44.19 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 01/01/2007 - 15.20.18 - [] ----D C:\Program Files\WinTV
O43 - CFD: 11/04/2009 - 21.39.43 - [] --H-D C:\Program Files\Zero G Registry
O43 - CFD: 03/05/2015 - 19.19.02 - [] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 11/04/2009 - 18.13.53 - [] ----D C:\Program Files\Common Files\ACD Systems
O43 - CFD: 08/03/2013 - 17.31.57 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 25/09/2009 - 18.44.11 - [] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 25/09/2009 - 20.40.53 - [] ----D C:\Program Files\Common Files\CyberLink
O43 - CFD: 13/05/2014 - 19.09.19 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 11/12/2014 - 23.48.03 - [] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 15/04/2009 - 23.08.34 - [] ----D C:\Program Files\Common Files\EZB Systems
O43 - CFD: 11/04/2009 - 21.21.43 - [] ----D C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 01/01/2007 - 15.23.52 - [] ----D C:\Program Files\Common Files\HP
O43 - CFD: 01/01/2007 - 15.44.37 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 11/04/2009 - 16.46.01 - [] ----D C:\Program Files\Common Files\InterVideo
O43 - CFD: 25/09/2009 - 21.13.43 - [] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 01/01/2007 - 15.29.36 - [] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 11/04/2009 - 2.06.07 - [] ----D C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 26/10/2011 - 1.35.15 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 01/01/2007 - 15.30.10 - [] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 25/09/2009 - 23.28.37 - [] ----D C:\Program Files\Common Files\Nero
O43 - CFD: 11/04/2012 - 2.19.44 - [] ----D C:\Program Files\Common Files\Portrait Displays
O43 - CFD: 11/04/2009 - 16.46.01 - [] ----D C:\Program Files\Common Files\Protexis
O43 - CFD: 11/04/2009 - 16.31.52 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 11/04/2009 - 17.42.09 - [] ----D C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13.18.33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13.18.33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 11/04/2009 - 21.17.28 - [] ----D C:\Program Files\Common Files\SWF Studio
O43 - CFD: 08/11/2011 - 20.03.17 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 10/03/2011 - 19.18.30 - [] ----D C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 11/04/2009 - 17.42.11 - [] ----D C:\Program Files\Common Files\xing shared
O43 - CFD: 11/04/2009 - 18.13.50 - [] ----D C:\ProgramData\ACD Systems
O43 - CFD: 08/10/2012 - 17.06.42 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 11/04/2009 - 17.13.32 - [] ----D C:\ProgramData\Apple
O43 - CFD: 25/09/2009 - 18.43.40 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 13/04/2009 - 15.06.43 - [] ----D C:\ProgramData\Application Data
O43 - CFD: 30/04/2015 - 21.47.01 - [] ----D C:\ProgramData\Comodo
O43 - CFD: 30/04/2015 - 21.41.17 - [] ----D C:\ProgramData\Comodo Downloader
O43 - CFD: 12/04/2009 - 18.25.58 - [] ----D C:\ProgramData\Corel
O43 - CFD: 30/04/2015 - 19.32.22 - [] ----D C:\ProgramData\Creative
O43 - CFD: 25/08/2011 - 16.39.58 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Dati applicazioni
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 01/05/2015 - 17.14.04 - [] ----D C:\ProgramData\DivX
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Documenti
O43 - CFD: 28/07/2011 - 2.38.05 - [] ----D C:\ProgramData\explauncher
O43 - CFD: 29/05/2014 - 11.55.11 - [0] ----D C:\ProgramData\EZ CD Audio Converter
O43 - CFD: 12/06/2010 - 17.14.52 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 10/01/2011 - 18.41.04 - [] ----D C:\ProgramData\fontconfig
O43 - CFD: 11/04/2009 - 21.56.25 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 11/04/2009 - 21.55.02 - [] ----D C:\ProgramData\HP
O43 - CFD: 11/04/2009 - 21.55.02 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 18/02/2011 - 18.02.21 - [] ----D C:\ProgramData\iCoolsoft Studio
O43 - CFD: 30/04/2015 - 15.18.53 - [] ----D C:\ProgramData\Installations
O43 - CFD: 25/09/2009 - 19.48.38 - [] ----D C:\ProgramData\InterVideo
O43 - CFD: 28/07/2011 - 2.38.04 - [] ----D C:\ProgramData\launcher
O43 - CFD: 19/02/2014 - 16.56.16 - [] ----D C:\ProgramData\Licenses
O43 - CFD: 12/04/2009 - 18.48.42 - [] ----D C:\ProgramData\LightScribe
O43 - CFD: 29/05/2014 - 11.56.45 - [] ----D C:\ProgramData\Logs
O43 - CFD: 05/07/2011 - 12.35.49 - [] ----D C:\ProgramData\Macrium
O43 - CFD: 13/06/2014 - 12.08.13 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 11/04/2009 - 15.41.29 - [] ----D C:\ProgramData\Maxtor
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Menu Avvio
O43 - CFD: 09/12/2014 - 20.22.08 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 01/05/2015 - 14.48.07 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Modelli
O43 - CFD: 24/04/2012 - 17.11.12 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 01/01/2007 - 15.30.07 - [] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 25/09/2009 - 23.21.06 - [] ----D C:\ProgramData\Nero
O43 - CFD: 30/04/2015 - 18.20.45 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 30/04/2015 - 18.20.20 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 01/01/2007 - 15.35.07 - [] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 10/04/2009 - 23.35.35 - [] -SH-D C:\ProgramData\Preferiti
O43 - CFD: 30/04/2015 - 21.41.57 - [0] ----D C:\ProgramData\Shared Space
O43 - CFD: 11/04/2009 - 20.53.28 - [] ----D C:\ProgramData\SlySoft
O43 - CFD: 03/05/2014 - 22.29.17 - [] ---AD C:\ProgramData\TEMP
O43 - CFD: 28/07/2011 - 2.38.31 - [] ----D C:\ProgramData\vmcreate
O43 - CFD: 10/04/2009 - 23.57.26 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 13/04/2009 - 15.16.36 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 30/07/2010 - 15.30.38 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/04/2009 - 18.13.53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
O43 - CFD: 22/04/2012 - 21.15.13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/12/2014 - 20.17.27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 5.6
O43 - CFD: 06/12/2010 - 0.38.41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitRipper
O43 - CFD: 30/04/2015 - 21.42.21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
O43 - CFD: 11/04/2009 - 16.46.20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel WinDVD
O43 - CFD: 30/04/2015 - 19.30.12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
O43 - CFD: 11/04/2009 - 18.50.41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint
O43 - CFD: 30/07/2010 - 15.53.40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go
O43 - CFD: 30/07/2010 - 15.53.40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
O43 - CFD: 30/07/2010 - 15.53.40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
O43 - CFD: 30/07/2010 - 15.53.40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer
O43 - CFD: 30/04/2015 - 20.13.46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
O43 - CFD: 01/05/2015 - 17.14.01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
O43 - CFD: 11/04/2009 - 19.19.54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Identifier
O43 - CFD: 11/04/2009 - 14.42.54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 11/04/2009 - 1.13.20 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 03/05/2015 - 0.48.31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 11/04/2009 - 21.05.00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FirmTools
O43 - CFD: 11/04/2009 - 17.06.28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum
O43 - CFD: 24/02/2012 - 2.43.12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
O43 - CFD: 01/01/2007 - 15.44.41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guida e Strumenti del PC
O43 - CFD: 05/03/2011 - 3.52.31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
O43 - CFD: 30/04/2015 - 18.10.57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 11/04/2012 - 2.20.10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP My Display
O43 - CFD: 25/02/2011 - 3.20.42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCoolsoft
O43 - CFD: 21/06/2013 - 16.33.57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
O43 - CFD: 01/01/2007 - 15.18.54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
O43 - CFD: 25/09/2009 - 21.13.44 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
O43 - CFD: 05/07/2011 - 12.32.53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
O43 - CFD: 11/04/2009 - 17.43.34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
O43 - CFD: 02/11/2006 - 14.56.46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/04/2015 - 20.31.44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 01/01/2007 - 15.35.34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manuali dell'utente
O43 - CFD: 12/04/2009 - 17.46.26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxtor
O43 - CFD: 30/07/2010 - 15.53.40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaInfo
O43 - CFD: 10/09/2013 - 19.33.11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 13/12/2014 - 13.06.28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 03/05/2015 - 0.51.08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
O43 - CFD: 30/04/2015 - 20.55.17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
O43 - CFD: 24/02/2012 - 2.23.27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\multiAVCHD
O43 - CFD: 01/01/2007 - 15.30.16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
O43 - CFD: 25/09/2009 - 23.27.43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 10/04/2009 - 23.40.02 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 27/07/2011 - 22.44.46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Go Virtual™
O43 - CFD: 25/09/2009 - 18.43.55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 11/04/2009 - 17.42.03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
O43 - CFD: 11/04/2009 - 2.44.22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recosoft Corporation
O43 - CFD: 11/04/2009 - 20.51.32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
O43 - CFD: 11/12/2014 - 2.05.31 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 16/11/2010 - 2.06.22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar
O43 - CFD: 24/02/2012 - 14.36.17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strumenti di amministrazione
O43 - CFD: 02/11/2006 - 14.37.34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 10/01/2011 - 18.19.49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TsRemux
O43 - CFD: 15/04/2009 - 23.08.35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 30/04/2015 - 20.46.50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 30/04/2015 - 15.00.35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 29/03/2013 - 16.27.27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 30/04/2015 - 20.05.55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 03/05/2015 - 19.19.02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 11/04/2009 - 18.35.31 - [] ----D C:\Users\admin\AppData\Roaming\ACD Systems
O43 - CFD: 02/11/2011 - 23.38.02 - [] ----D C:\Users\admin\AppData\Roaming\Adobe
O43 - CFD: 30/04/2015 - 20.12.22 - [] ----D C:\Users\admin\AppData\Roaming\Audacity
O43 - CFD: 11/04/2009 - 16.54.16 - [] ----D C:\Users\admin\AppData\Roaming\Corel
O43 - CFD: 12/04/2009 - 18.21.16 - [] ----D C:\Users\admin\AppData\Roaming\CyberLink
O43 - CFD: 11/04/2012 - 2.24.42 - [] ----D C:\Users\admin\AppData\Roaming\DisplayTune
O43 - CFD: 11/04/2013 - 13.16.07 - [] ----D C:\Users\admin\AppData\Roaming\DivX
O43 - CFD: 31/01/2013 - 0.32.35 - [] ----D C:\Users\admin\AppData\Roaming\dvdcss
O43 - CFD: 03/05/2015 - 0.49.36 - [] ----D C:\Users\admin\AppData\Roaming\FileZilla
O43 - CFD: 30/04/2015 - 20.28.23 - [] ----D C:\Users\admin\AppData\Roaming\HandBrake
O43 - CFD: 10/04/2009 - 23.43.15 - [] ----D C:\Users\admin\AppData\Roaming\Hewlett-Packard
O43 - CFD: 11/04/2009 - 21.30.18 - [] ----D C:\Users\admin\AppData\Roaming\HP
O43 - CFD: 10/04/2009 - 23.42.34 - [] ----D C:\Users\admin\AppData\Roaming\Identities
O43 - CFD: 21/06/2013 - 17.28.05 - [] ----D C:\Users\admin\AppData\Roaming\ImgBurn
O43 - CFD: 12/04/2009 - 22.07.18 - [] ----D C:\Users\admin\AppData\Roaming\InstallShield
O43 - CFD: 10/04/2009 - 23.42.09 - [] ----D C:\Users\admin\AppData\Roaming\Macromedia
O43 - CFD: 13/06/2014 - 12.08.16 - [0] ----D C:\Users\admin\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14.37.34 - [0] ----D C:\Users\admin\AppData\Roaming\Media Center Programs
O43 - CFD: 19/11/2014 - 22.58.52 - [0] ----D C:\Users\admin\AppData\Roaming\MediaInfo
O43 - CFD: 26/05/2014 - 22.14.45 - [] -S--D C:\Users\admin\AppData\Roaming\Microsoft
O43 - CFD: 23/07/2010 - 23.31.18 - [] ----D C:\Users\admin\AppData\Roaming\mkvtoolnix
O43 - CFD: 11/04/2009 - 18.30.27 - [] ----D C:\Users\admin\AppData\Roaming\Mozilla
O43 - CFD: 30/04/2015 - 20.56.14 - [] ----D C:\Users\admin\AppData\Roaming\MPC-HC
O43 - CFD: 21/08/2013 - 13.12.28 - [] ----D C:\Users\admin\AppData\Roaming\Nero
O43 - CFD: 05/05/2010 - 1.38.24 - [] ----D C:\Users\admin\AppData\Roaming\NeroDCTemplates
O43 - CFD: 08/12/2010 - 20.24.02 - [0] ----D C:\Users\admin\AppData\Roaming\NeroDigital(TM)
O43 - CFD: 11/04/2009 - 17.31.17 - [] ----D C:\Users\admin\AppData\Roaming\OpenOffice.org
O43 - CFD: 12/04/2009 - 19.07.43 - [] ----D C:\Users\admin\AppData\Roaming\Real
O43 - CFD: 30/08/2013 - 22.02.45 - [] ----D C:\Users\admin\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 02/05/2015 - 22.12.27 - [] ----D C:\Users\admin\AppData\Roaming\vlc
O43 - CFD: 12/04/2009 - 19.47.19 - [] ----D C:\Users\admin\AppData\Roaming\Winamp
O43 - CFD: 11/12/2014 - 1.41.59 - [] ----D C:\Users\admin\AppData\Roaming\WinRAR
O43 - CFD: 03/05/2015 - 19.21.09 - [] ----D C:\Users\admin\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 01/09/2014 - 18.13.21 - [] ----D C:\Users\admin\AppData\Local\4kdownload.com
O43 - CFD: 18/10/2009 - 17.35.30 - [] ----D C:\Users\admin\AppData\Local\ACD Systems
O43 - CFD: 14/01/2014 - 14.24.33 - [] ----D C:\Users\admin\AppData\Local\Adobe
O43 - CFD: 15/04/2009 - 14.28.42 - [] ----D C:\Users\admin\AppData\Local\Ahead
O43 - CFD: 11/04/2009 - 17.13.33 - [] ----D C:\Users\admin\AppData\Local\Apple
O43 - CFD: 11/04/2009 - 17.16.49 - [] ----D C:\Users\admin\AppData\Local\Apple Computer
O43 - CFD: 12/04/2009 - 17.37.06 - [] ----D C:\Users\admin\AppData\Local\ApplicationHistory
O43 - CFD: 13/04/2009 - 15.50.39 - [] ----D C:\Users\admin\AppData\Local\Apps
O43 - CFD: 17/12/2014 - 13.19.28 - [] ----D C:\Users\admin\AppData\Local\Creative
O43 - CFD: 10/04/2009 - 23.39.35 - [] -SH-D C:\Users\admin\AppData\Local\Cronologia
O43 - CFD: 18/08/2010 - 2.19.10 - [] ----D C:\Users\admin\AppData\Local\CyberLink
O43 - CFD: 10/04/2009 - 23.39.35 - [] -SH-D C:\Users\admin\AppData\Local\Dati applicazioni
O43 - CFD: 15/03/2011 - 17.22.59 - [0] ----D C:\Users\admin\AppData\Local\Deployment
O43 - CFD: 13/04/2009 - 13.17.02 - [] ----D C:\Users\admin\AppData\Local\Downloaded Installations
O43 - CFD: 25/08/2011 - 17.03.56 - [] ----D C:\Users\admin\AppData\Local\DVDPlay
O43 - CFD: 30/04/2015 - 20.25.31 - [] ----D C:\Users\admin\AppData\Local\EZ CD Audio Converter
O43 - CFD: 10/04/2009 - 23.43.34 - [] ----D C:\Users\admin\AppData\Local\Hewlett-Packard
O43 - CFD: 11/04/2009 - 22.01.37 - [] ----D C:\Users\admin\AppData\Local\HP
O43 - CFD: 08/06/2012 - 20.02.06 - [] ----D C:\Users\admin\AppData\Local\Macromedia
O43 - CFD: 07/11/2011 - 12.40.02 - [] ----D C:\Users\admin\AppData\Local\Microsoft
O43 - CFD: 12/12/2009 - 17.13.26 - [] ----D C:\Users\admin\AppData\Local\Microsoft Help
O43 - CFD: 11/04/2009 - 18.30.27 - [] ----D C:\Users\admin\AppData\Local\Mozilla
O43 - CFD: 08/11/2009 - 18.58.02 - [] ----D C:\Users\admin\AppData\Local\Nero
O43 - CFD: 11/04/2009 - 18.54.59 - [] ----D C:\Users\admin\AppData\Local\Power2Go
O43 - CFD: 18/08/2010 - 2.19.09 - [] ----D C:\Users\admin\AppData\Local\PowerCinema
O43 - CFD: 03/05/2015 - 19.19.07 - [] ----D C:\Users\admin\AppData\Local\Temp
O43 - CFD: 10/04/2009 - 23.39.35 - [] -SH-D C:\Users\admin\AppData\Local\Temporary Internet Files
O43 - CFD: 11/04/2009 - 16.53.40 - [] ----D C:\Users\admin\AppData\Local\VirtualStore
O43 - CFD: 24/10/2013 - 21.35.32 - [] R---D E:\PC VECCHIO_ windows 2000 al 12-09-2008\Mails OLE 6\Programs\Administrative Tools
O43 - CFD: 30/04/2015 - 20.27.54 - [0] ----D E:\PC VECCHIO_ windows 2000 al 12-09-2008\Mails OLE 6\Programs\Handbrake
O43 - CFD: 15/12/2012 - 23.06.17 - [] ----D E:\PC VECCHIO_ windows 2000 al 12-09-2008\Mails OLE 6\Programs\multiAVCHD
O43 - CFD: 09/03/2012 - 18.51.31 - [] R---D E:\PC VECCHIO_ windows 2000 al 12-09-2008\Mails OLE 6\Programs\Startup
O43 - CFD: 30/04/2015 - 20.05.55 - [] ----D E:\PC VECCHIO_ windows 2000 al 12-09-2008\Mails OLE 6\Programs\WinRAR
~ Program Folder: 294 Scanned in 00mn 00s



---\\ Ultimi file modificati o creati su Windows e System32 (O44)
O44 - LFC:[MD5.1035970885DD6ABA0EBCB3C02006A8E9] - 01/05/2015 - 13.30.50 ---A- . (.Microsoft Corporation - Visualizzatore HTML Microsoft (R).) -- C:\WINDOWS\System32\mshtml.dll   [12377600]
O44 - LFC:[MD5.59717C2C872AAEA7519B0124409B4578] - 01/05/2015 - 13.30.51 ---A- . (.Microsoft Corporation - Browser Internet.) -- C:\WINDOWS\System32\ieframe.dll   [9747968]
O44 - LFC:[MD5.16BAD3B8ABC01EC9D34E912162CA4A53] - 01/05/2015 - 13.30.51 ---A- . (.Microsoft Corporation - Motore interfaccia utente Internet Explorer.) -- C:\WINDOWS\System32\ieui.dll   [176640]
O44 - LFC:[MD5.5FCA6B58D90B6D17327B48216451266D] - 01/05/2015 - 13.30.52 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\WINDOWS\System32\jscript9.dll   [1810944]
O44 - LFC:[MD5.19B481D70FBC176AE5D3E91347B0128F] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Internet Extensions per Win32.) -- C:\WINDOWS\System32\wininet.dll   [1129472]
O44 - LFC:[MD5.95D3A97897CE0386358FA6F65D8F343D] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\WINDOWS\System32\jscript.dll   [717824]
O44 - LFC:[MD5.6B5500DE200DC9C51A3F6A9377D14789] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\WINDOWS\System32\msfeeds.dll   [607744]
O44 - LFC:[MD5.02D9B399770C9C971F3B3344017106BA] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\WINDOWS\System32\msfeedssync.exe   [10752]
O44 - LFC:[MD5.5E2BFFFBAA061C1660F8255B2E3BD25C] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\WINDOWS\System32\mshtmled.dll   [73216]
O44 - LFC:[MD5.F73E3C29743621D9AAF09503E523E175] - 01/05/2015 - 13.30.53 ---A- . (.Microsoft Corporation - Programma di conversione HTML Microsoft.) -- C:\WINDOWS\System32\html.iec   [367104]
O44 - LFC:[MD5.E8DFFB36F1120DC1DB7C0BCBCF1640AD] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\WINDOWS\System32\url.dll   [231936]
O44 - LFC:[MD5.B4AAF0FD9C32478889639DE464B21DA0] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\WINDOWS\System32\jsproxy.dll   [65024]
O44 - LFC:[MD5.E38129C89502D27580368D9762B6AFC6] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\WINDOWS\System32\mshtml.tlb   [2382848]
O44 - LFC:[MD5.B76F31C79764D2D8835CBEC935D49DB7] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - Pannello di controllo Internet.) -- C:\WINDOWS\System32\inetcpl.cpl   [1427968]
O44 - LFC:[MD5.052A629983DD1A2116629293D02B1B58] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\WINDOWS\System32\iertutil.dll   [1803264]
O44 - LFC:[MD5.E6DE7F4A4BF8CD9E5C4F9466981892EC] - 01/05/2015 - 13.30.54 ---A- . (.Microsoft Corporation - Utilità per l'installazione automatica di I.) -- C:\WINDOWS\System32\ieUnatt.exe   [142848]
O44 - LFC:[MD5.67DB0E50E830E45BA24AA7B1B2143B93] - 01/05/2015 - 13.30.55 ---A- . (.Microsoft Corporation - Estensioni OLE32 per Win32.) -- C:\WINDOWS\System32\urlmon.dll   [1139200]
O44 - LFC:[MD5.9B1B09743E49F4E2364C34203F843844] - 01/05/2015 - 13.30.55 ---A- . (.Microsoft Corporation - Host applicazioni HTML Microsoft (R).) -- C:\WINDOWS\System32\mshta.exe   [11776]
O44 - LFC:[MD5.C1BC2B2E0AA56E9C28299273C86A73E4] - 01/05/2015 - 13.30.55 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\WINDOWS\System32\vbscript.dll   [421376]
O44 - LFC:[MD5.686DFDA82EE2DBE1F58A48C9E3093996] - 01/05/2015 - 13.30.55 ---A- . (.Microsoft Corporation - Sinc in background per feed Microsoft.) -- C:\WINDOWS\System32\msfeedsbs.dll   [41472]
O44 - LFC:[MD5.735B1EB4521724784A6C142CE923DBFC] - 01/05/2015 - 13.32.34 ---A- . (.Microsoft Corporation - Modulo di gestione dell'Editor di configura.) -- C:\WINDOWS\System32\scesrv.dll   [306176]
O44 - LFC:[MD5.2BF660554AD726BD43869E2A452B547F] - 01/05/2015 - 13.34.51 ---A- . (.Microsoft Corporation - DLL comune della shell di Windows.) -- C:\WINDOWS\System32\shell32.dll   [11587584]
O44 - LFC:[MD5.BAC7D3632B09A5DF7D2BD067933E49E0] - 01/05/2015 - 13.35.16 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\WINDOWS\System32\msi.dll   [2264064]
O44 - LFC:[MD5.5035EDF1F2E72F78BB1EC5BD9B97463F] - 01/05/2015 - 13.35.34 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\System32\Drivers\ksecdd.sys   [440760]
O44 - LFC:[MD5.2D357C80ABB17CFACB7B552BC9CC8548] - 01/05/2015 - 13.35.35 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll   [279040]
O44 - LFC:[MD5.259F6A6294AF75E74F93F480E05F264A] - 01/05/2015 - 13.35.56 ---A- . (.Microsoft Corporation - MSCTF Server DLL.) -- C:\WINDOWS\System32\msctf.dll   [807936]
O44 - LFC:[MD5.ED1E4D1CA97596E0871C1F59AC4DE8F0] - 01/05/2015 - 13.37.25 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\WINDOWS\System32\atmlib.dll   [34304]
O44 - LFC:[MD5.AB272D0B2EF1C79E43E7744D098352B2] - 01/05/2015 - 13.37.25 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\WINDOWS\System32\atmfd.dll   [296960]
O44 - LFC:[MD5.0D8FBC644E556C40E06B7EB25A73F6E5] - 01/05/2015 - 13.37.39 ---A- . (.Microsoft Corporation - No Comment.) -- C:\WINDOWS\System32\oleaut32.dll   [564224]
O44 - LFC:[MD5.952EA6E27E3A16F02F85C10BB7F4752A] - 01/05/2015 - 13.39.55 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\WINDOWS\System32\ntoskrnl.exe   [3552184]
O44 - LFC:[MD5.D9DD1D278927A9CD5FF135887928C8EC] - 01/05/2015 - 13.39.56 ---A- . (.Microsoft Corporation - Client Server Runtime Process.) -- C:\WINDOWS\System32\csrsrv.dll   [49152]
O44 - LFC:[MD5.E33CD56F2F344658C6000821611BBBD7] - 01/05/2015 - 13.39.56 ---A- . (.Microsoft Corporation - DLL del livello NT.) -- C:\WINDOWS\System32\ntdll.dll   [1205168]
O44 - LFC:[MD5.377602E869DA9C05AC67CA3A5019A051] - 01/05/2015 - 13.39.56 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\WINDOWS\System32\ntkrnlpa.exe   [3604920]
O44 - LFC:[MD5.B5C66E0B251D954D6CED30E4FDB07792] - 01/05/2015 - 13.39.56 ---A- . (.Microsoft Corporation - Windows Session Manager.) -- C:\WINDOWS\System32\smss.exe   [64000]
O44 - LFC:[MD5.5D9311526801643000D7032A83B18B12] - 01/05/2015 - 13.40.28 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\WINDOWS\System32\clfs.sys   [244152]
O44 - LFC:[MD5.2FF4B8BA9805BABA5E8FB923AF44F480] - 01/05/2015 - 13.40.28 ---A- . (.Microsoft Corporation - Common Log Marshalling Win32 DLL.) -- C:\WINDOWS\System32\clfsw32.dll   [57344]
O44 - LFC:[MD5.1359F3CD7DF4D105C6C70CCE671F8520] - 01/05/2015 - 13.41.17 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\WINDOWS\System32\gdi32.dll   [297984]
O44 - LFC:[MD5.BC817A039C2CEF89B82E7F4F53AA252B] - 01/05/2015 - 13.41.41 ---A- . (.Microsoft Corporation - Strumento di rimozione malware.) -- C:\WINDOWS\System32\mrt.exe   [125832184]
O44 - LFC:[MD5.9F0BF29BB9D6E77C6F909412FB052F1D] - 01/05/2015 - 13.47.08 ---A- . (.Microsoft Corporation - Driver Win32 multiutente.) -- C:\WINDOWS\System32\win32k.sys   [2064384]
O44 - LFC:[MD5.BFC1892FFA0E8D3351EF59D6E3F39A2F] - 01/05/2015 - 13.47.24 ---A- . (.Microsoft Corporation - MSXML 3.0 SP10.) -- C:\WINDOWS\System32\msxml3.dll   [1249280]
O44 - LFC:[MD5.217B3071BA854D5D704EE24CFF7E5F9C] - 01/05/2015 - 13.48.12 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\WINDOWS\System32\WindowsCodecs.dll   [975360]
O44 - LFC:[MD5.AC841E83E5B0914C700D236AC2E84BB0] - 01/05/2015 - 13.48.29 ---A- . (.Microsoft Corporation - Codec Windows Media Photo.) -- C:\WINDOWS\System32\WMPhoto.dll   [369664]
O44 - LFC:[MD5.C65AC8B07F2AD5B37E722A2D56B8E035] - 01/05/2015 - 14.04.27 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT   [1830576]
O44 - LFC:[MD5.04B309A1A653177994630C2773E659F1] - 02/05/2015 - 12.33.05 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys   [119512]
O44 - LFC:[MD5.D811DE64B1FF7F43905F8DF229D88C0A] - 02/05/2015 - 12.45.10 ---A- . (...) -- C:\WINDOWS\setupact.log   [112117]
O44 - LFC:[MD5.48FDECE1D51342AF52FCFB29B626D648] - 03/05/2015 - 10.57.39 ---A- . (...) -- C:\WINDOWS\PFRO.log   [575174]
O44 - LFC:[MD5.43AE8D1E2B80390E0C3C3D07DC032270] - 03/05/2015 - 10.57.44 -S-A- . (...) -- C:\WINDOWS\bootstat.dat   [67584]
O44 - LFC:[MD5.C075E4D840ACC698829E233ABB0A4DB0] - 03/05/2015 - 11.05.20 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI   [1796060]
O44 - LFC:[MD5.25A912BD7B73EF08B43F50E05C05156A] - 03/05/2015 - 11.05.20 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat   [129814]
O44 - LFC:[MD5.9DA6AD119A3A83FE4FF7211B62FB5A92] - 03/05/2015 - 11.05.20 ---A- . (...) -- C:\WINDOWS\System32\perfc010.dat   [183484]
O44 - LFC:[MD5.93208BDB5C05745059B4F921FCA33AE0] - 03/05/2015 - 11.05.20 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat   [657860]
O44 - LFC:[MD5.A60327766271B15AAFDC5EA518D26ECD] - 03/05/2015 - 11.05.20 ---A- . (...) -- C:\WINDOWS\System32\perfh010.dat   [827582]
O44 - LFC:[MD5.65068CE31EA70B82F24B626D59CC1FD6] - 03/05/2015 - 13.58.16 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log   [1945605]
O44 - LFC:[MD5.B3C3959D2C9BB380AA9BE760666E0692] - 03/05/2015 - 18.17.41 ---A- . (...) -- C:\WINDOWS\System32\Drivers\sfi.dat   [1474832]
O44 - LFC:[MD5.F6E4BFA4AC13AE27CCE6E83B410B8D3A] - 30/04/2015 - 14.20.00 ---A- . (...) -- C:\WINDOWS\DPINST.LOG   [103276]
O44 - LFC:[MD5.C16128AF698D98D23849A6AC59D0E672] - 30/04/2015 - 17.01.49 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerApp.exe   [778416]
O44 - LFC:[MD5.B432B52EAD3006A61D7A37A2F7978416] - 30/04/2015 - 17.01.49 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl   [142512]
O44 - LFC:[MD5.6DE8B7431E6B1D0072E7AB360DB16A8C] - 30/04/2015 - 17.19.41 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 347.88.) -- C:\WINDOWS\System32\nvapi.dll   [2905856]
O44 - LFC:[MD5.D519ED4C32F1C15066B8B06618810B8B] - 30/04/2015 - 17.19.42 ---A- . (...) -- C:\WINDOWS\System32\nvinfo.pb   [22594]
O44 - LFC:[MD5.19FE52C3AEB9C3493AE26DCE662FD0DF] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\WINDOWS\System32\nvdispco3234788.dll   [1048776]
O44 - LFC:[MD5.E7AD73D1269113CE5630626AC296DDDB] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\System32\nvdispgenco3234788.dll   [912528]
O44 - LFC:[MD5.96CEFCFD0F0298A10FC3D40B24E62173] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\System32\nvhdagenco3220103.dll   [908608]
O44 - LFC:[MD5.4B85A28A93808D9F383B22B7F3E52456] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA CUDA 7.0.29 OpenCL 1.1 Driver, Versi.) -- C:\WINDOWS\System32\nvopencl.dll   [10776152]
O44 - LFC:[MD5.D9D426ECBFDF20F5B9254925DA517D33] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 347.88.) -- C:\WINDOWS\System32\nvcuda.dll   [10714792]
O44 - LFC:[MD5.E694F84BFC3AB1EE2552788C6FFD007F] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 347.8.) -- C:\WINDOWS\System32\nvcuvid.dll   [3248272]
O44 - LFC:[MD5.07C3D4081C7DC5EBFBA60FC1EB5FF783] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\WINDOWS\System32\nvoglv32.dll   [24775368]
O44 - LFC:[MD5.4F2A58333D1299CB14643E6D12EA70E9] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 347.88.) -- C:\WINDOWS\System32\nvcompiler.dll   [20465808]
O44 - LFC:[MD5.15293747493CE6DA85A9F2BB8840288C] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 347.88.) -- C:\WINDOWS\System32\nvwgf2um.dll   [16022016]
O44 - LFC:[MD5.F69FD161BD904778E1D6EBE9EEBBC2B5] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\System32\Drivers\nvhda32v.sys   [161424]
O44 - LFC:[MD5.CACE10C9EF1886D026AD39E0086516DC] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\System32\nvhdap32.dll   [27280]
O44 - LFC:[MD5.85997865CAC72B692CDBFCF7A751ECBD] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA OpenGL In-band Frame Readback Librar.) -- C:\WINDOWS\System32\NvIFROpenGL.dll   [345744]
O44 - LFC:[MD5.B0DCCA7A558A2692C3CDF80919E8E864] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 347.88.) -- C:\WINDOWS\System32\nvd3dum.dll   [14121624]
O44 - LFC:[MD5.593184CE76FDAAC328843CCCC579C19D] - 30/04/2015 - 17.19.42 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\Drivers\nvlddmkm.sys   [8454856]
O44 - LFC:[MD5.DE647FDB68000D633661F0117ACBC6E2] - 30/04/2015 - 17.20.25 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\WINDOWS\System32\OpenCL.dll   [60560]
O44 - LFC:[MD5.C2CC4BFF029E857761FBA1B495E8B613] - 30/04/2015 - 17.20.40 ---A- . (...) -- C:\WINDOWS\System32\nvcoproc.bin   [4246327]
O44 - LFC:[MD5.5D204B91CBA171F86690E79BB7F39809] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\System32\nvcpl.dll   [4404880]
O44 - LFC:[MD5.1553D55A5DCFDD0565B5D77A43DDC16A] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\WINDOWS\System32\nvshext.dll   [62664]
O44 - LFC:[MD5.0D0E2E56474909CE83E875AE98BFD5C8] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) -- C:\WINDOWS\System32\nvsvc.dll   [3064464]
O44 - LFC:[MD5.C1439B8122F7CB8BC17875AD638D4BCA] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) -- C:\WINDOWS\System32\nvsvcr.dll   [2555080]
O44 - LFC:[MD5.F8068FD29809634B6BB2DF5AB9E30AC9] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) -- C:\WINDOWS\System32\nvvsvc.exe   [670352]
O44 - LFC:[MD5.94DC996D79E11470287A8893C4BD178C] - 30/04/2015 - 17.20.40 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\System32\nvmctray.dll   [374928]
O44 - LFC:[MD5.26C84DC826EBA0CAB5EEB857611254D9] - 30/04/2015 - 18.29.24 ---A- . (...) -- C:\WINDOWS\NLSDownlevelMapping.log   [1542]
O44 - LFC:[MD5.EFD9B8F48F3AAB6650CF58A33AF11CC7] - 30/04/2015 - 18.29.40 ----- . (.Creative - OpenAL Host Implementation.) -- C:\WINDOWS\System32\Sens_oal.dll   [1609728]
O44 - LFC:[MD5.DB08CF76449D2EB521DFB71A58DAF62D] - 30/04/2015 - 18.29.40 ---A- . (.Creative Labs - OpenAL32.) -- C:\WINDOWS\System32\wrap_oal.dll   [445016]
O44 - LFC:[MD5.663A319D105E14548DBA4C72201876B1] - 30/04/2015 - 18.29.40 ---A- . (.Portions (C) Creative Labs Inc. and NVIDIA - Standard OpenAL(TM) Implementation.) -- C:\WINDOWS\System32\OpenAL32.dll   [109144]
O44 - LFC:[MD5.06615A5BAE8FD89C0E0C77519C552CC4] - 30/04/2015 - 18.29.56 ---A- . (...) -- C:\WINDOWS\System32\APOMngr.DLL   [274944]
O44 - LFC:[MD5.BF9A280211421CDB0787EBE7D33507D6] - 30/04/2015 - 18.29.56 ---A- . (...) -- C:\WINDOWS\System32\CmdRtr.DLL   [74240]
O44 - LFC:[MD5.094A1BE17AF60DED05E6555870791DFF] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\Evo.ico   [170165]
O44 - LFC:[MD5.82C2B6E48E30AB8D33F061167F24E18B] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\Fury.ico   [71569]
O44 - LFC:[MD5.01735A9CCDF075635831C6128A96ADA3] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\Rage.ico   [83118]
O44 - LFC:[MD5.4171B5CB22BC8BC7CDA01B9B1BCD52A5] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\System32\UHS.ini   [33735]
O44 - LFC:[MD5.EE6DB4701E63ABEA3E4F74E7C681D028] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\UHSAPO32.ssc   [17857]
O44 - LFC:[MD5.5449606A015E89466A800FB1E5C09597] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\UHSConfig.ini   [373]
O44 - LFC:[MD5.B452EB96D0598E5325F5570E5D044FE8] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\UHSICON.ico   [93940]
O44 - LFC:[MD5.52395C5F8A8E533D5D3EF3CA63364CBA] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\UHSMCcfg.ini   [387]
O44 - LFC:[MD5.7D7B5F368295D2262362465CBB2537E8] - 30/04/2015 - 18.29.58 ---A- . (...) -- C:\WINDOWS\UHScfg.ini   [2413]
O44 - LFC:[MD5.469FF1079DB1B7B672F526619A04D008] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Limited - CtDvInst.) -- C:\WINDOWS\System32\UHScInst.dll   [197120]
O44 - LFC:[MD5.DD53D08883264EC2B8F6F48D6CD45C28] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Ltd. - Command Router Restore Utility.) -- C:\WINDOWS\UHSDefE.exe   [11264]
O44 - LFC:[MD5.98CA943CC45B2D097D8115BD0D78C849] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\WINDOWS\System32\Drivers\UHSfiltv.sys   [18944]
O44 - LFC:[MD5.32D06E92D43080B62D04C3FA898E9991] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Ltd. - Creative Audio Processing Object Module.) -- C:\WINDOWS\System32\UHSAPO32.dll   [2016024]
O44 - LFC:[MD5.2C5DD172562936827C210E0B32EFFED0] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Ltd. - Creative Property Page Loader Module.) -- C:\WINDOWS\System32\UHSpld32.dll   [243200]
O44 - LFC:[MD5.4961AE44D569273C1BB75FD38E1A3433] - 30/04/2015 - 18.29.58 ---A- . (.Creative Technology Ltd. - Installation of Catalog File.) -- C:\WINDOWS\AddCat.exe   [42496]
O44 - LFC:[MD5.9A264010E5D1771DFA6FF0700645D74A] - 30/04/2015 - 18.30.09 R-HA- . (...) -- C:\WINDOWS\ctfile.rfc   [342]
O44 - LFC:[MD5.3C21F7E95FFCA33EF1A83AA33D9663CF] - 30/04/2015 - 19.31.41 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys   [23256]
O44 - LFC:[MD5.155BF99B2B87E0C298CAC3B4B8136D83] - 30/04/2015 - 19.31.41 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys   [92888]
O44 - LFC:[MD5.3F435B1E9F5B3EF95669344FD8E9DCF9] - 30/04/2015 - 19.31.41 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys   [51928]
O44 - LFC:[MD5.965C16A6FDBBFA554FEA6771CD815A01] - 30/04/2015 - 21.21.15 ---A- . (...) -- C:\WINDOWS\System32\Drivers\fvstore.dat   [28712]
~ Files: 109 Scanned in 01mn 20s



---\\ Operazioni e funzioni all'avvio di Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Denial of service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Modulo di gestione client dell'Editor di configurazione della protezione di Wind.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacchetto di protezione Kerberos.) -- C:\WINDOWS\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Controllo di avvio sicuro (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver filtro mouse seriale.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\WINDOWS\System32\Drivers\CleanHlp.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver filtro mouse seriale.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
~ CSB: 15 Scanned in 00mn 00s



---\\ Cerca "infezione i driver (HKLM) (TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 5 Scanned in 00mn 00s



---\\ Enumerazione della chiave del Registro di sistema StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0  [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Acrobat Speed Launcher  [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer  [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\DivXMediaServer  [Key] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O53 - SMSR:HKLM\...\startupreg\DivXUpdate  [Key] . (.No owner - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update  [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe  =>.Hewlett-Packard Co
O53 - SMSR:HKLM\...\startupreg\mxomssmenu  [Key] . (.Maxtor Corporation - Maxtor Status Icon.) -- C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateReg  [Key] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jureg.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (...) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe (.not file.)  =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\TkBellExe  [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe  =>.RealNetworks, Inc
O53 - SMSR:HKLM\...\startupreg\UpdatePPShortCut  [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\VMware hqtray  [Key] . (...) -- C:\Program Files\VMware\VMware Player\hqtray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Windows Defender  [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
~ SMSR Keys: 14 Scanned in 00mn 00s



---\\ Enumerazione delle chiavi del Registro di sistema SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumerazione del Registro chiavi PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumerazione della chiave del Registro di sistema PoliciesExplorer (SRI) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Elenco dei driver del sistema (SDL) (O58)
O58 - SDL:02/11/2006 - 10.51.38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys   [420968]
O58 - SDL:02/11/2006 - 10.51.32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adpahci.sys   [297576]
O58 - SDL:02/11/2006 - 10.50.35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\WINDOWS\System32\Drivers\adpu160m.sys   [98408]
O58 - SDL:02/11/2006 - 10.51.00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\WINDOWS\System32\Drivers\adpu320.sys   [147048]
O58 - SDL:01/01/2007 - 22.50.14 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\Drivers\aliide.sys   [17464]
O58 - SDL:15/02/2014 - 16.31.08 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\WINDOWS\System32\Drivers\AnyDVD.sys   [121000]
O58 - SDL:02/11/2006 - 10.50.09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\WINDOWS\System32\Drivers\arc.sys   [67688]
O58 - SDL:02/11/2006 - 10.50.10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\Drivers\arcsas.sys   [67688]
O58 - SDL:26/03/2008 - 5.48.10 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\WINDOWS\System32\Drivers\athr.sys   [766464]
O58 - SDL:17/04/2009 - 19.42.58 ---A- . (.VMware, Inc. - VMware Modified Clusters Tracking Driver.) -- C:\WINDOWS\System32\Drivers\bmdrvr.sys   [27312]
O58 - SDL:02/11/2006 - 9.24.45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltLo.sys   [13568]
O58 - SDL:02/11/2006 - 9.24.46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltUp.sys   [5248]
O58 - SDL:02/11/2006 - 9.25.24 ---A- . (.Brother Industries Ltd. - Driver I/F seriale Brother (WDM).) -- C:\WINDOWS\System32\Drivers\BrSerId.sys   [71808]
O58 - SDL:02/11/2006 - 9.24.44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\WINDOWS\System32\Drivers\BrSerWdm.sys   [62336]
O58 - SDL:02/11/2006 - 9.24.44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbMdm.sys   [12160]
O58 - SDL:02/11/2006 - 9.24.47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbSer.sys   [11904]
O58 - SDL:24/12/2002 - 20.18.56 ---A- . (.Hitachi Global Storage Technologies - CompactFlash Filter Driver.) -- C:\WINDOWS\System32\Drivers\cfadisk.sys   [3712]
O58 - SDL:13/04/2007 - 15.13.16 ---A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\System32\Drivers\CM106.sys   [1307136]
O58 - SDL:01/04/2015 - 17.49.10 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\WINDOWS\System32\Drivers\cmderd.sys   [17088]
O58 - SDL:01/04/2015 - 17.49.14 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\WINDOWS\System32\Drivers\cmdguard.sys   [622192]
O58 - SDL:01/04/2015 - 17.49.16 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\WINDOWS\System32\Drivers\cmdhlp.sys   [40736]
O58 - SDL:01/01/2007 - 22.50.14 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\cmdide.sys   [19000]
O58 - SDL:02/11/2006 - 10.50.11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\WINDOWS\System32\Drivers\djsvs.sys   [71272]
O58 - SDL:02/11/2006 - 8.30.54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\WINDOWS\System32\Drivers\E1G60I32.sys   [117760]
O58 - SDL:04/03/2013 - 10.25.00 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\System32\Drivers\ElbyCDIO.sys   [30616]
O58 - SDL:02/11/2006 - 10.51.34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys   [316520]
O58 - SDL:25/03/2011 - 21.27.32 ---A- . (.VMware, Inc. - VMware USB monitor.) -- C:\WINDOWS\System32\Drivers\hcmon.sys.OLD   [32368]
O58 - SDL:01/10/2007 - 9.21.08 ---A- . (.Hauppauge Computer Works - CX23885 BDA driver.) -- C:\WINDOWS\System32\Drivers\HCW85BDA.sys   [1129344]
O58 - SDL:24/06/2010 - 15.08.16 ---A- . (.Paragon Software Group - A part of Paragon System Utilities.) -- C:\WINDOWS\System32\Drivers\hotcore3.sys   [56208]
O58 - SDL:02/11/2006 - 10.50.10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\WINDOWS\System32\Drivers\HpCISSs.sys   [37480]
O58 - SDL:02/02/2005 - 17.29.28 ---A- . (.Hewlett Packard - hpplsbulk.sys.) -- C:\WINDOWS\System32\Drivers\hpplsbulk.sys   [9344]
O58 - SDL:02/11/2004 - 15.22.16 ---A- . (.Hewlett Packard - HPPLSBULK Support Driver.) -- C:\WINDOWS\System32\Drivers\hpplsgen.sys   [17024]
O58 - SDL:12/07/2007 - 17.35.02 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\System32\Drivers\iaStor.sys   [305176]
O58 - SDL:02/11/2006 - 10.51.25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\WINDOWS\System32\Drivers\iaStorV.sys   [232040]
O58 - SDL:02/11/2006 - 10.50.17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\WINDOWS\System32\Drivers\iirsp.sys   [41576]
O58 - SDL:01/04/2015 - 17.49.20 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\WINDOWS\System32\Drivers\inspect.sys   [91200]
O58 - SDL:02/11/2006 - 10.50.07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteatapi.sys   [35944]
O58 - SDL:02/11/2006 - 10.50.09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteraid.sys   [35944]
O58 - SDL:29/03/2007 - 14.00.16 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\WINDOWS\System32\Drivers\KMWDFilter.SYS   [17024]
O58 - SDL:02/11/2006 - 10.50.04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_fc.sys   [65640]
O58 - SDL:02/11/2006 - 10.50.05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas.sys   [65640]
O58 - SDL:02/11/2006 - 10.50.10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_scsi.sys   [65640]
O58 - SDL:14/04/2015 - 8.37.42 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\mbam.sys   [23256]
O58 - SDL:14/04/2015 - 8.37.44 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\Drivers\mbamchameleon.sys   [92888]
O58 - SDL:02/05/2015 - 12.33.05 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys   [119512]
O58 - SDL:02/11/2006 - 10.49.53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\WINDOWS\System32\Drivers\megasas.sys   [28776]
O58 - SDL:02/11/2006 - 10.49.59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\WINDOWS\System32\Drivers\Mraid35x.sys   [33384]
O58 - SDL:14/04/2015 - 8.37.50 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\Drivers\mwac.sys   [51928]
O58 - SDL:03/05/2007 - 12.37.08 ---A- . (.Maxtor Corp. - OneTouch Security Driver.) -- C:\WINDOWS\System32\Drivers\mxopswd.sys   [22152]
O58 - SDL:02/11/2006 - 10.50.19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\WINDOWS\System32\Drivers\nfrd960.sys   [45160]
O58 - SDL:01/03/2013 - 2.48.42 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\System32\Drivers\npf.sys   [36600]
O58 - SDL:02/11/2006 - 8.36.50 ---A- . (.N-trig Innovative Technologies - Driver incluso per digitalizzatore Tablet PC N-trig.) -- C:\WINDOWS\System32\Drivers\ntrigdigi.sys   [20608]
O58 - SDL:13/03/2015 - 20.43.34 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\System32\Drivers\nvhda32v.sys   [161424]
O58 - SDL:13/03/2015 - 20.43.34 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 347.88.) -- C:\WINDOWS\System32\Drivers\nvlddmkm.sys   [8454856]
O58 - SDL:02/11/2006 - 10.50.24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\Drivers\nvraid.sys   [88680]
O58 - SDL:02/11/2006 - 10.50.13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor.sys   [40040]
O58 - SDL:26/08/2008 - 9.26.12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\Drivers\pccsmcfd.sys   [18816]
O58 - SDL:16/11/2006 - 16.20.48 ---A- . (.Portrait Displays, Inc. - PdiPorts Device Driver.) -- C:\WINDOWS\System32\Drivers\PdiPorts.sys   [15920]
O58 - SDL:12/12/2005 - 17.27.00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\System32\Drivers\PS2.sys   [19072]
O58 - SDL:01/07/2011 - 12.55.28 ---A- . (.Macrium Software - Macrium Reflect Virtual Disk Driver.) -- C:\WINDOWS\System32\Drivers\psmounter.sys   [45208]
O58 - SDL:01/07/2011 - 12.55.37 ---A- . (.Macrium Software - Backup image protection.) -- C:\WINDOWS\System32\Drivers\pssnap.sys   [16024]
O58 - SDL:01/07/2011 - 12.56.01 ---A- . (.Paramount Software UK Ltd - Volume Access driver.) -- C:\WINDOWS\System32\Drivers\PSVolAcc.sys   [12952]
O58 - SDL:02/11/2006 - 10.51.45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql2300.sys   [900712]
O58 - SDL:02/11/2006 - 10.50.35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql40xx.sys   [106088]
O58 - SDL:17/04/2007 - 19.09.28 ---A- . (.InterVideo - regi driver.) -- C:\WINDOWS\System32\Drivers\regi.sys   [11032]
O58 - SDL:16/02/2007 - 1.56.49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\WINDOWS\System32\Drivers\RegKill.sys   [11984]
O58 - SDL:04/08/2009 - 8.48.20 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\System32\Drivers\RTKVHDA.sys   [2744800]
O58 - SDL:03/10/2007 - 17.18.12 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\WINDOWS\System32\Drivers\Rtlh86.sys   [99840]
O58 - SDL:02/11/2006 - 7.37.21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\Drivers\secdrv.sys   [20480]
O58 - SDL:02/11/2006 - 10.50.10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid2.sys   [38504]
O58 - SDL:02/11/2006 - 10.50.16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid4.sys   [71784]
O58 - SDL:02/11/2006 - 10.50.05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\symc8xx.sys   [35944]
O58 - SDL:02/11/2006 - 10.49.56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sym_hi.sys   [31848]
O58 - SDL:02/11/2006 - 10.50.03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sym_u3.sys   [34920]
O58 - SDL:31/05/2013 - 15.43.04 ---A- . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\WINDOWS\System32\Drivers\UHSfiltv.sys   [18944]
O58 - SDL:02/11/2006 - 10.51.25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\WINDOWS\System32\Drivers\uliahci.sys   [235112]
O58 - SDL:02/11/2006 - 10.50.35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\WINDOWS\System32\Drivers\ulsata.sys   [98408]
O58 - SDL:02/11/2006 - 10.50.45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\WINDOWS\System32\Drivers\ulsata2.sys   [115816]
O58 - SDL:02/03/2009 - 12.41.49 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\System32\Drivers\VClone.sys   [29184]
O58 - SDL:01/01/2007 - 22.50.14 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\viaide.sys   [20024]
O58 - SDL:25/03/2011 - 22.27.18 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\WINDOWS\System32\Drivers\vmx86.sys   [854256]
O58 - SDL:02/11/2006 - 10.50.41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\WINDOWS\System32\Drivers\vsmraid.sys   [112232]
O58 - SDL:18/12/2013 - 11.33.16 ---A- . (...) -- C:\WINDOWS\System32\ampa.sys   [14448]
O58 - SDL:02/11/2006 - 8.09.42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS   [9029]
O58 - SDL:02/11/2006 - 8.09.45 ---A- . (...) -- C:\WINDOWS\System32\country.sys   [27097]
O58 - SDL:02/11/2006 - 8.09.41 ---A- . (...) -- C:\WINDOWS\System32\HIMEM.SYS   [4768]
O58 - SDL:02/11/2006 - 8.09.44 ---A- . (...) -- C:\WINDOWS\System32\KEY01.SYS   [42809]
O58 - SDL:02/11/2006 - 8.09.44 ---A- . (...) -- C:\WINDOWS\System32\KEYBOARD.SYS   [42537]
O58 - SDL:22/11/2004 - 11.07.56 ---A- . (...) -- C:\WINDOWS\System32\Machnm32.sys   [2304]
O58 - SDL:02/11/2006 - 8.09.29 ---A- . (...) -- C:\WINDOWS\System32\NTDOS.SYS   [27866]
O58 - SDL:02/11/2006 - 8.09.35 ---A- . (...) -- C:\WINDOWS\System32\NTDOS404.SYS   [29146]
O58 - SDL:02/11/2006 - 8.09.38 ---A- . (...) -- C:\WINDOWS\System32\NTDOS411.SYS   [29370]
O58 - SDL:02/11/2006 - 8.09.40 ---A- . (...) -- C:\WINDOWS\System32\NTDOS412.SYS   [29274]
O58 - SDL:02/11/2006 - 8.09.31 ---A- . (...) -- C:\WINDOWS\System32\NTDOS804.SYS   [29146]
O58 - SDL:02/11/2006 - 8.09.20 ---A- . (...) -- C:\WINDOWS\System32\NTIO.SYS   [33952]
O58 - SDL:02/11/2006 - 8.09.23 ---A- . (...) -- C:\WINDOWS\System32\NTIO404.SYS   [34672]
O58 - SDL:02/11/2006 - 8.09.24 ---A- . (...) -- C:\WINDOWS\System32\NTIO411.SYS   [35776]
O58 - SDL:02/11/2006 - 8.09.26 ---A- . (...) -- C:\WINDOWS\System32\NTIO412.SYS   [35536]
O58 - SDL:02/11/2006 - 8.09.22 ---A- . (...) -- C:\WINDOWS\System32\NTIO804.SYS   [34672]
~ Drivers: 99 Scanned in 00mn 05s



---\\ Ultimi file modificati o creati (utente) (O61)
O61 - LFC: 01/05/2015 - 19.22.46 ---A- . (...) -- C:\Users\admin\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin   [233555]
O61 - LFC: 02/05/2015 - 19.22.47 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\2c83ed367799a69a993a9844caf6d3d5_fce8395f8fd8a848_15f74c7777689be5_0_0.bin   [16384]
O61 - LFC: 02/05/2015 - 19.22.47 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\2c83ed367799a69a993a9844caf6d3d5_fce8395f8fd8a848_15f74c7777689be5_0_1.bin   [1048576]
O61 - LFC: 02/05/2015 - 19.22.47 ---A- . (...) -- C:\Users\admin\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\2c83ed367799a69a993a9844caf6d3d5_fce8395f8fd8a848_15f74c7777689be5_1_0.bin   [16384]
O61 - LFC: 03/05/2015 - 19.22.48 ---A- . (.Nicolas Coolman.) -- C:\Users\admin\Desktop\ZHPDiag2.exe   [6880006]  =>.Nicolas Coolman
~ 44 Fichiers temporaires (Temporary files)
~ 5 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 00mn 03s



---\\ File Alternate Data Stream (ADS) (O62)
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atmfd.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\atmlib.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clfs.sys:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\clfsw32.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\csrsrv.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dxtmsft.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\dxtrans.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\gdi32.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ieframe.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\iertutil.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ieui.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ieUnatt.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\inetcpl.cpl:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\jscript.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\jscript9.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\jsproxy.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\mrt.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msctf.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msfeeds.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msfeedsbs.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msfeedssync.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\mshta.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\mshtml.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\mshtmled.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msi.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\msxml3.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ntdll.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ntkrnlpa.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\ntoskrnl.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\oleaut32.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\scesrv.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\schannel.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\shell32.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\smss.exe:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\url.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\urlmon.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\vbscript.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\win32k.sys:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\WindowsCodecs.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\wininet.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\WMPhoto.dll:$CmdTcID
O62 - ADS:Alternate Data Stream File - C:\WINDOWS\System32\Drivers\ksecdd.sys:$CmdTcID
~ ADS:  Scanned in 00mn 00s



---\\ Elenco di strumenti di disinfezione (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Elenco servizi registrati legacy (LALS) (O64)
O64 - Services: CurCS - 28/02/2006 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service)  .(.Apple Computer, Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 24/12/2002 - C:\WINDOWS\System32\DRIVERS\cfadisk.sys (cfadisk)  .(.Hitachi Global Storage Technologies - CompactFlash Filter Driver.) - LEGACY_CFADISK
O64 - Services: CurCS - 01/04/2015 - C:\WINDOWS\System32\DRIVERS\cmderd.sys (cmderd)  .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD
O64 - Services: CurCS - 01/04/2015 - C:\WINDOWS\System32\DRIVERS\cmdguard.sys (cmdGuard)  .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD
O64 - Services: CurCS - 01/04/2015 - C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (cmdHlp)  .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP
O64 - Services: CurCS - 14/07/2008 - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe (DTSRVC) .(...) - LEGACY_DTSRVC
O64 - Services: CurCS - 04/03/2013 - C:\WINDOWS\System32\Drivers\ElbyCDIO.sys (ElbyCDIO)  .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 01/04/2015 - C:\WINDOWS\System32\DRIVERS\inspect.sys (inspect)  .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT
O64 - Services: CurCS - 21/07/2008 - C:\Program Files\Maxtor\Sync\SyncServices.exe (Maxtor Sync Service)  .(.Seagate Technology LLC - Sync Windows Services.) - LEGACY_MAXTOR_SYNC_SERVICE
O64 - Services: CurCS - 14/04/2015 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector)  .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 24/07/2007 - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (PSI_SVC_2)  .(.Protexis Inc. - PsiService PsiService.) - LEGACY_PSI_SVC_2
O64 - Services: CurCS - 17/04/2007 - C:\WINDOWS\System32\drivers\regi.sys (regi)  .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 17/04/2009 - C:\Program Files\VMware\VMware vCenter Converter Standalone\vstor2-mntapi10.sys (vstor2-mntapi10)  .(.VMware, Inc. - VMware Virtual Storage Volume Driver.) - LEGACY_VSTOR2-MNTAPI10
O64 - Services: CurCS - 12/07/2011 - C:\Program Files\HP\DVDPlay\000.fcl ({22D78859-9CE9-4B77-BF18-AC83E81A9263})  .(.CyberLink Corp. - No Comment.) - LEGACY_{22D78859-9CE9-4B77-BF18-AC83E81A9263}
O64 - Services: CurCS - 28/08/2009 - C:\Program Files\CyberLink\PowerDVD8\000.fcl ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})  .(.CyberLink Corp. - No Comment.) - LEGACY_{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}
~ Legacy: 192 Scanned in 00mn 00s



---\\ Associazioni Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Utilità di avvio snap-in Visualizzatore eventi.) -- C:\WINDOWS\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor del Registro di sistema.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu Start Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Cerca "infezione su browser internet (SBI) (O69)
O69 - SBI: prefs.js [admin - 73b02pu3.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumera l'avvio del servizio Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Servizio verifica compatibilità applicazioni.) -- C:\WINDOWS\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Segnalazioni di problemi e soluzioni.) -- C:\WINDOWS\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll di servizi shell di Windows.) -- C:\WINDOWS\System32\shsvcs.dll   [247296]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Servizio Propagazione certificati smart card Microsoft.) -- C:\WINDOWS\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Servizio Propagazione certificati smart card Microsoft.) -- C:\WINDOWS\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL di servizio server.) -- C:\WINDOWS\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client di Criteri di gruppo.) -- C:\WINDOWS\System32\gpsvc.dll   [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Estensione IKE.) -- C:\WINDOWS\System32\ikeext.dll   [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Servizio Audio di Windows.) -- C:\WINDOWS\System32\Audiosrv.dll   [316928]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestione composizione automatica di accesso remoto.) -- C:\WINDOWS\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Connection Manager di Accesso remoto.) -- C:\WINDOWS\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestione interfaccia dinamica.) -- C:\WINDOWS\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Servizio di notifica eventi di sistema (SENS).) -- C:\WINDOWS\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componenti helper NAT Microsoft.) -- C:\WINDOWS\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Server di Telefonia Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestione connessioni remote di Servizi terminal.) -- C:\WINDOWS\System32\termsrv.dll   [449536]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agente di Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Servizio trasferimento intelligente in background.) -- C:\WINDOWS\System32\qmgr.dll   [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll di servizi shell di Windows.) -- C:\WINDOWS\System32\shsvcs.dll   [247296]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Servizio che offre connettività IPv6 su una rete IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL del Servizio di accesso secondario.) -- C:\WINDOWS\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Servizio Informazioni applicazioni.) -- C:\WINDOWS\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Servizio di individuazione iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Servizio Utilità di pianificazione classi multimediali.) -- C:\WINDOWS\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll   [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Servizio Microsoft EAPHost.) -- C:\WINDOWS\System32\eapsvc.dll   [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Servizio Utilità di pianificazione.) -- C:\WINDOWS\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Servizio Configurazione Servizi terminal.) -- C:\WINDOWS\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL servizio Browser di computer.) -- C:\WINDOWS\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Servizio di gestione delle chiavi.) -- C:\WINDOWS\System32\kmsvc.dll   [68096]
~ Services: 31 Scanned in 00mn 00s



---\\ Particolare ricerca nella directory principale del sistema (SPRF) (O84)
[MD5.0641A46F1E58529A42EAD4573A3A0861] [SPRF][11/04/2009] (...) -- C:\ProgramData\F32F589BA3.sys   [8]
[MD5.4A0F0FCFAB658D3A0BD264CD8228F596] [SPRF][24/10/2014] (...) -- C:\ProgramData\KGyGaAvL.sys   [2776]
[MD5.9C119B708A9C5FE86E86981087ADEC12] [SPRF][03/05/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\admin\Desktop\ZHPDiag2.exe   [6880006]
[MD5.789E50B5A5D602BC141A3725AE22ADCF] [SPRF][05/06/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.3 r181.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe   [3119776]
~ Files: 4 Scanned in 00mn 00s



---\\ Condizioni generali dei servizi non Microsoft (GSR) (SR = esecuzione, SS = fermato)
SS - | Demand 01/04/2015 1664728 |  (cmdvirth) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 11/04/2009 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Disabled 19/09/2007 65536 |  (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Auto 14/04/2015 1080120 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Disabled 15/05/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Disabled 01/03/2013 118520 |  (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Disabled 17/04/2009 428592 |  (vmware-converter-agent) . (.VMware, Inc..) - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
SS - | Disabled 17/04/2009 428592 |  (vmware-converter-server) . (.VMware, Inc..) - C:\Program Files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
SS - | Auto 18/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SS - | Auto 11/04/2009 114688 | C:\Program Files\MONITO~1\monitor.exe (Winpowermonitor) . (.Macrovision.) - C:\Program Files\MonitorSoftware\monitor.exe
SR - | Auto 03/12/2014 81088 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28/02/2006 229376 |  (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 01/04/2015 4351816 |  (CmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SR - | Auto 19/10/2011 423424 |  (CTAudSvcService) . (.Creative Technology Ltd.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
SR - | Auto 14/07/2008 69632 |  (DTSRVC) . (...) - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
SR - | Auto 29/05/2007 198240 |  (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe
SR - | Demand 18/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 12/07/2007 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SR - | Auto 04/01/2007 112152 |  (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 08/06/2007 208896 |  (KMWDSERVICE) . (.UASSOFT.COM.) - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
SR - | Auto 17/06/2009 73728 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 21/07/2008 193888 |  (Maxtor Sync Service) . (.Seagate Technology LLC.) - C:\Program Files\Maxtor\Sync\SyncServices.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 13/03/2015 670352 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 18/01/2008 21504 | C:\Windows\system32\hpzipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 24/07/2007 185632 |  (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 01/07/2011 220824 |  (ReflectService) . (...) - C:\Program Files\Macrium\Reflect\ReflectService.exe
SR - | Auto 07/04/2008 241734 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Demand 11/04/2009 114688 | C:\Program Files\MONITO~1\wpRMI.exe (WinpowerRMI) . (.Macrovision.) - C:\Program Files\MonitorSoftware\wpRMI.exe
SR - | Auto 18/01/2008 21504 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 12/07/2011 87536 |  ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.CyberLink Corp..) - C:\Program Files\HP\DVDPlay\000.fcl
SR - | Auto 28/08/2009 87536 |  ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp..) - C:\Program Files\CyberLink\PowerDVD8\000.fcl
~ Services:  Scanned in 00mn 14s



---\\ Ricerche simultanee su Master Boot Record (MBR) (O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s



---\\ Ricerche simultanee sul Master Boot Record (MBRCheck) (O80)
Written by ad13, http://ad13.geekstog
Run by admin at 03/05/2015 19.24.30
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Scansione aggiuntive (O88)
Database Version : 13008 - (02/05/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 486186 Items scanned in 00mn 29s



---\\ Informationi complémentaires sul le segnalazione
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, gestione Proxy (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects da browser (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer barre degli strumenti (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Iniziato da file e registro applicazioni (O4)
~ AMI: 4 Scanned in 00mn 00s



End of the scan (1659 lines in 04mn 34s)(0.4)