Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by DF (29-09-2017 20:40:16)
Running from C:\Users\DF\Contacts\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-09 01:14:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1286336489-1028466569-3393745925-500 - Administrator - Disabled)
DF (S-1-5-21-1286336489-1028466569-3393745925-1000 - Administrator - Enabled) => C:\Users\DF
Guest (S-1-5-21-1286336489-1028466569-3393745925-501 - Limited - Enabled) => C:\Users\Guest
postgres (S-1-5-21-1286336489-1028466569-3393745925-1015 - Limited - Enabled) => C:\Users\postgres.DF-PC.000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (HKLM-x32\...\WT088216) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT088226) (Version: 2.2.0.95 - WildTangent) Hidden
BetClic Poker (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\BetClic Poker) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (HKLM-x32\...\WT088228) (Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{28849F27-E11E-F067-C4B5-7F4CDB75D473}) (Version: 2010.0825.2205.37769 - Nome società) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT088235) (Version: 2.2.0.95 - WildTangent) Hidden
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT088238) (Version: 2.2.0.95 - WildTangent) Hidden
Driver dispositivo USB (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B05 - )
e-express (HKLM-x32\...\e-express) (Version: 21.005.20.01.606 - Huawei Technologies Co.,Ltd)
EhoCW Alpha 0.91n 06/12/2010 (HKLM-x32\...\EhoCW) (Version: Alpha 0.91n 06/12/2010 - F8EHO)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy (HKLM-x32\...\WT088260) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT088416) (Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Final Drive Nitro (HKLM-x32\...\WT088420) (Version: 2.2.0.95 - WildTangent) Hidden
FLV-Media Player 1.8 (HKLM-x32\...\FLV-Media Player) (Version: 1.8 - HYBRIDWEB)
Free Sound Recorder v10.8.8 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GD Poker (HKLM-x32\...\GiocoDigitalePoker) (Version: - GiocoDigitale)
GDpoker 1.0.0 (HKLM-x32\...\GDpoker_is1) (Version: 1.0.0 - gd_poker)
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 15.12.14.0 - GenesysLogic)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HMA! Pro VPN 2.7.1.7 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.7.1.7 - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
ImTOO DVD Creator (HKLM-x32\...\ImTOO DVD Creator) (Version: 7.0.3.1214 - ImTOO)
Insaniquarium Deluxe (HKLM-x32\...\WT088268) (Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT088269) (Version: 2.2.0.95 - WildTangent) Hidden
JLG Extended Keyboard Layout US (v1.1) (HKLM-x32\...\{0904AF3E-7420-42B7-9174-AB2F9070281B}) (Version: 1.1 - JLG Utilities)
John Deere Drive Green (HKLM-x32\...\WT088448) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell)
LogProtect version 1.4.3 (HKLM-x32\...\LogProtect_is1) (Version: - )
Lottomatica.it Poker (HKLM-x32\...\Lottomatica.it Poker ) (Version: - GTECH Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.15.01.51 - Huawei Technologies Co.,Ltd)
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCPlot v2.32 (HKLM-x32\...\NCPlot_is1) (Version: - NCPlot Software LLC)
Nero 9 Essentials (HKLM-x32\...\{c68f25a7-43f0-423d-b5de-ca33885f1ba7}) (Version: - Nero AG)
OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3016 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
Pencil (HKLM-x32\...\Pencil) (Version: - Evolus Co., Ltd.)
Penguins! (HKLM-x32\...\WT088452) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT088283) (Version: 2.2.0.95 - WildTangent) Hidden
Poker Club by Lottomatica (HKLM-x32\...\Poker Club by Lottomatica ) (Version: - Boss Media AB)
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version: - PokerStars.it)
Polar Bowler (HKLM-x32\...\WT088456) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT088460) (Version: 2.2.0.95 - WildTangent) Hidden
Pool Rebel for Windows (HKLM-x32\...\Pool Rebel for Windows_is1) (Version: - Compumaster Ltd)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PX Profile Update (HKLM-x32\...\{98A26988-E99C-2EA6-684A-3FFE6F3A90F9}) (Version: 1.00.1. - AMD) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Should I Remove It (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart PC Recorder - by freebird (HKLM-x32\...\SmartPCRecorder) (Version: 1.2 - Freebird)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Titanbet.it Poker (HKLM-x32\...\Titanpoker.it) (Version: - )
Viber (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Video Web Camera (HKLM-x32\...\{83299633-1261-47A3-84F3-6F02B4B8CDB1}) (Version: 2.0.6.0 - Liteon)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT088508) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
Web Companion (HKLM-x32\...\{67651c28-5e35-4bd7-849c-145c2062e619}) (Version: 2.3.1411.2698 - Lavasoft)
WEBpatente 4.2 (HKLM-x32\...\{29D4BDED-54EC-4FDA-B2E1-B6A5F8C4E5C2}}_is1) (Version: - Roberto Mastri)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3007 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
Zuma Deluxe (HKLM-x32\...\WT088292) (Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WT088531) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\ChromeHTML: -> C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DF\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => -> No File
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => -> No File
ContextMenuHandlers1: [Eraser] -> [CC]{BC9B776A-90D7-4476-A791-79D835F30650} => -> No File
ContextMenuHandlers1: [PDFArchitectExtension] -> [CC]{DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => -> No File
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2012-05-22] (The Eraser Project)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> [CC]{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Eraser] -> [CC]{BC9B776A-90D7-4476-A791-79D835F30650} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-08-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Eraser] -> [CC]{BC9B776A-90D7-4476-A791-79D835F30650} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4_S-1-5-21-1286336489-1028466569-3393745925-1000: [ SkyDriveEx] -> [CC]{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {043C85FE-E78E-42C8-B927-70B50A0725E9} - System32\Tasks\SafeZone scheduled Autoupdate 1463222709 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {0DF8FDD0-8287-49C0-9998-49F1BF167518} - System32\Tasks\{6E2F2F69-DE59-46C0-A227-37CF026B81F2} => C:\Windows\system32\pcalua.exe -a C:\Users\DF\Contacts\Desktop\setup.exe -d C:\Users\DF\Contacts\Desktop
Task: {0FAC4710-5291-422D-BA25-ED71BF109437} - System32\Tasks\{5EF0B267-6728-4AA1-9146-FD57F3F21FA1} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {113310D4-59CA-457B-BB4F-AAA886A6D681} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {145A4324-772A-4A1F-976F-D81BC628B04D} - System32\Tasks\GoogleUpdateTaskMachineUA1d3356085573eb8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1A47E4B2-FCEE-478E-AE28-1C2BF434B4CD} - System32\Tasks\AVAST Software\Avast settings backup
Task: {2882934E-C666-4DBC-9D84-793B9457297A} - System32\Tasks\{95394694-E3A6-4D9D-B679-563350095D82} => C:\Windows\system32\pcalua.exe -a C:\Users\DF\Downloads\wlsetup-web(1).exe -d C:\Users\DF\Downloads
Task: {2C01746D-96DD-4F32-8E1B-5FE4FC42EC4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3CC8F55E-5EB2-4DE2-BE09-A1CB1F8D3764} - System32\Tasks\{45CA06BB-DB9E-4D62-91B5-B0A0EB94EE8B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Task: {3D5076EC-AA97-416C-8F17-E35BE8A5F05B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4513471C-4795-457C-A96A-FBB894DF828A} - System32\Tasks\{2D763861-8D8F-49BD-9780-5962A2A4CB9E} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {4B23F739-2101-4754-B2E9-B0854513EAF3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {6245EE8B-612E-43FC-B838-FE7903BDF21B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {680BBB87-C776-4C8C-804B-8D4C5EDFDB54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-02] (Adobe Systems Incorporated)
Task: {6DB7008A-A54E-49E2-8C51-DBB985C069D6} - System32\Tasks\{20E3E361-DEC0-4511-AD18-70833B52E443} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {781863B3-A4D9-47B8-B275-58502DB62E3B} - System32\Tasks\RealCreateProcessScheduledTask57126068S-1-5-21-1286336489-1028466569-3393745925-1000 => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
Task: {7E871CAC-F1FF-4E16-8E6D-9351B9346DF9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1286336489-1028466569-3393745925-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {7E9DFBDD-986E-4957-B025-963D275A0F34} - System32\Tasks\{400330FA-85FC-4308-B182-782E4526524F} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\POKERC~1\UNWISE.EXE -c C:\PROGRA~2\POKERC~1\INSTALL.LOG
Task: {7EA9816E-B666-4CA6-A10A-318416AFBE19} - System32\Tasks\{04294779-4D42-4428-9B3D-8E6598F5E0C6} => C:\Windows\system32\pcalua.exe -a C:\Users\DF\Contacts\Desktop\ubuntu\uninstall-wubi.exe -d C:\Users\DF\Contacts\Desktop\ubuntu
Task: {8862D2AD-D070-4749-ABBD-E51D5996D4E6} - System32\Tasks\{1D956DDB-65FC-4CEF-BA43-F7ABFF106DC4} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {8F43BDD3-A249-4AAD-A3D0-8C5F89F1E803} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1286336489-1028466569-3393745925-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {8F95BEF1-4944-4C81-9950-61A5047B525E} - System32\Tasks\{0F847B3A-738B-4FC9-AEC8-9DB2D01765F4} => C:\Windows\system32\pcalua.exe -a C:\Users\DF\Contacts\Desktop\unetbootin-windows-613.exe -d C:\Users\DF\Contacts\Desktop
Task: {91792999-1409-41EE-9A01-24B5E01DAC12} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B6EFCA77-3220-473D-B51F-08FAAF578C7C} - System32\Tasks\RealCreateProcessScheduledTask33514271S-1-5-21-1286336489-1028466569-3393745925-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {BBECA6D1-1897-4C71-93C7-1B837E238172} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D1559733-EC38-49E6-A3C1-F739E3114BFC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1286336489-1028466569-3393745925-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E51D94B3-5BF3-4BA7-BA58-541C81051C56} - System32\Tasks\GoogleUpdateTaskMachineCore1d33560853128b3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E6392A10-C729-46A6-9688-C3E8365B72A6} - System32\Tasks\Product Updater => C:\Program Files (x86)\Free Sound Recorder\FFProductUpdater.exe [2017-06-01] ()
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F3D2D8DA-A766-4029-9340-19EDF28C0F3E} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2010-12-02] (Acer)
Task: {F8342B61-DA23-4CDF-BEB5-A973803545EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE598438-C78C-4EB0-A979-4C4498762BDF} - System32\Tasks\{A0216EFB-4B48-4C4E-9528-1D29BB81A804} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2539601351.www.pokericmcalculator.com
==================== Loaded Modules (Whitelisted) ==============
2016-12-06 18:17 - 2016-12-06 18:17 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000536576 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2017-09-14 06:38 - 2017-09-14 06:38 - 000170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\37fc2d150a5569e7ce440b1dd07b7ee9\IsdiInterop.ni.dll
2011-02-17 10:09 - 2010-04-13 19:52 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000014848 ____R () C:\Program Files (x86)\Mobile Partner\isaputrace.dll
2014-07-01 04:45 - 2010-05-31 18:48 - 000122880 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:49 - 000057344 _____ () C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
2014-07-01 04:45 - 2010-08-04 15:03 - 000159744 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000090112 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2014-07-01 04:45 - 2010-08-06 16:50 - 001019904 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000172032 ____R () C:\Program Files (x86)\Mobile Partner\DetectDev.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000598016 ____R () C:\Program Files (x86)\Mobile Partner\atcomm.dll
2014-07-01 04:45 - 2010-05-31 17:53 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000139264 _____ () C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:47 - 000073728 _____ () C:\Program Files (x86)\Mobile Partner\CallPlugin.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000090112 ____R () C:\Program Files (x86)\Mobile Partner\FileManager.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000032768 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000253952 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000163840 _____ () C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:4B1BA31B [130]
AlternateDataStreams: C:\ProgramData\Temp:753C01E7 [140]
AlternateDataStreams: C:\ProgramData\Temp:AD022376 [125]
AlternateDataStreams: C:\ProgramData\Temp:D5FBE8F9 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-11-14 19:43 - 000002053 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.52.97.25 - 193.70.152.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: EDAHelper => C:\Users\DF\AppData\Local\Temp\Rar$EXa0.073\ZXW\SETUP\EDAHelper.exe
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FreeCall => "C:\Program Files (x86)\FreeCall.com\FreeCall\freecall.exe" -nosplash -minimized
MSCONFIG\startupreg: GLSystray => C:\Program Files (x86)\GLPCCamera\monitorpad.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VoipCheapCom => "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{874A99B9-9E4D-4885-97D9-8BD6A735318B}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{681C367C-50AC-4AE7-9BB7-86258EB45374}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{54A44595-6AF6-437A-AC56-8818E48F952F}] => (Allow) svchost.exe
FirewallRules: [{991D5C48-8E74-4346-8047-207F0433390E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9775D280-FB50-417E-85F6-BFC9AA4F1604}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{4E4693A2-3A3B-4CE6-958C-82DC9EC4B221}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{05A53FC4-6678-4F2B-A324-4AC7C6B837CB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{FB1E31F1-007B-48B4-AAEC-C2720F3F20CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{EE0190F4-7300-43E3-B74E-41AFC58FF86B}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{2BA70C4D-B309-4F0D-9E70-170A172A4043}C:\program files (x86)\emule\emule.exe] => (Block) C:\program files (x86)\emule\emule.exe
FirewallRules: [{2D9914CE-E7D1-4753-B049-2B52F3290A32}] => (Allow) LPort=5432
FirewallRules: [TCP Query User{4DF45DC3-219C-4200-894C-3E2CF52ED65E}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{A946BEA9-92B5-4921-AD1E-124045500684}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [{2C6D2ACB-24E9-47BC-9F37-DCDB88A3230D}] => (Allow) C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe
FirewallRules: [{273E5C73-E8A2-43F0-8D0A-00E6B84C1AF5}] => (Allow) C:\Program Files (x86)\FreeCall.com\FreeCall\FreeCall.exe
FirewallRules: [{FD1100D8-A2A3-4E9F-947A-136073D1FC9B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{C82CBCCE-6B18-4FC9-9C7F-FAFF987AF7D8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{B3610559-57FB-4B64-B3AA-248302FC9B88}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{C8BF327E-55CC-4D56-9284-6CF7F78FC7F9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{8D6463DD-094E-4532-B1AE-2B628C392089}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0C9BC26B-E5E7-4E76-9BDC-CC5E129F3F1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{EA1E935E-5ED8-41D9-9B03-DA39A4B01A1B}] => (Allow) C:\Users\DF\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0A6D4CF9-3992-4609-9147-D42D3DC86070}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C10DB6D2-9653-418E-A4A7-B6C5262174B2}] => (Allow) LPort=2869
FirewallRules: [{C47899D3-41C9-401B-883E-408253AF5D53}] => (Allow) LPort=1900
FirewallRules: [{72553287-1E30-44E7-AAA1-4CFBB7E658C3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4335BCC4-A604-4415-B2F8-F0364182A1C3}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{ACC74981-FE85-438C-8D2B-422478705569}C:\ffoutput\gdpoker\gdpoker.exe] => (Allow) C:\ffoutput\gdpoker\gdpoker.exe
FirewallRules: [UDP Query User{EC78DB41-FB35-4F3C-A35F-E3B47B70271E}C:\ffoutput\gdpoker\gdpoker.exe] => (Allow) C:\ffoutput\gdpoker\gdpoker.exe
FirewallRules: [{3CF4453C-22F2-434D-9DA7-118F90F8E049}] => (Block) C:\ffoutput\gdpoker\gdpoker.exe
FirewallRules: [{30D6BE8F-9FBE-43E3-8F28-477CC7B9ED56}] => (Block) C:\ffoutput\gdpoker\gdpoker.exe
FirewallRules: [{5B3B9558-867D-4784-831F-D17220653ECF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE79213E-5843-4D49-A9E1-1E13F6AE6DB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8EEF5595-7991-4B43-A723-CAD719BC40B1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B22079D5-842B-4C4E-B648-DA95D390C598}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{1366C2CD-97CF-4797-932A-58C1C03D92AF}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{F9F8A46D-FC56-461D-B629-5D7DAF83B7CB}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{92ED5307-0C0F-47A9-8DA3-3D09AD08DE32}] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{2D923625-A191-4B81-80E0-4B4E26F1BA6D}] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{676DE828-E461-4F51-B846-2F514B1E1971}] => (Allow) C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F2AFAC81-44D3-4CF8-8C52-FB497DED1D61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAC301DE-7D54-43DC-90A4-FBB3EC1919FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F742DBE-D79A-4D34-A2B5-105FD998FCA0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{3AC5789F-14A7-4D33-9F02-388F82D6265B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{16ADFBAC-A4CB-4DD5-B70A-3AD966D44991}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{3E3E5413-6B8F-41F7-8955-6B70AB17595D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{79F89B0F-6F80-4D94-9B6C-541D9C2112E6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{1500678F-8E43-4CCC-9970-23A97299F2B4}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{F6F10930-E370-4805-9423-97AE70A1D967}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{8E83695B-94BF-4AF6-B681-B167BDAC78B4}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{8F744F88-5BD8-4BBA-9B2E-31C238A0AF56}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{ADC197F6-324E-44CE-9173-117337A2DBB9}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{54E7AB5E-4FFF-4796-AA5D-1280AD82EB6F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{773902AD-4154-4719-BFCA-B51DB5A50CC0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{7D9CBD96-F972-4CB9-B97B-02D2AB1ECAAD}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{F56B0C59-69F9-43C1-AF5B-374DA45A1F96}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [TCP Query User{3EF337B7-11A2-40E4-8C17-12EC2EC377AF}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{FDD4BD8B-1879-426D-A74D-2FE7C2A036DD}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{ED11E5FF-BAEC-4E88-950F-7BF3D22FB862}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{04A67018-2A38-491D-8512-EC1FA9E3982D}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [TCP Query User{B204F2D4-3628-42CD-B665-304D9D10B80F}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{60C01ADB-6956-45C9-971B-D38D84A69A84}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{BBC43FD3-A766-4BF5-BCB9-583A1B7DFDBC}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{4BAAF4C4-DDF6-4D75-AC27-659E5C15EA55}C:\program files\bitcoin\bitcoin-qt.exe] => (Allow) C:\program files\bitcoin\bitcoin-qt.exe
==================== Restore Points =========================
15-09-2017 15:00:15 Windows Update
25-09-2017 21:27:11 Removed Nero BurnLite 10.
25-09-2017 22:59:34 Windows Update
29-09-2017 13:29:09 Windows Update
29-09-2017 14:05:30 VEN290917
==================== Faulty Device Manager Devices =============
Name: 1.3M HD WebCam
Description: Dispositivo video USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: RHDISK_AMD64
Description: RHDISK_AMD64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RHDISK_AMD64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/29/2017 06:48:33 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (09/29/2017 06:38:33 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (09/29/2017 06:38:23 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-09-29 16:38:23 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (09/29/2017 01:04:20 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (09/29/2017 01:04:17 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-09-29 11:04:17 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (09/28/2017 07:32:14 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (09/28/2017 07:31:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Mobile Partner.exe, versione: 1.0.0.1, timestamp: 0x4c0394b4
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.23889, timestamp: 0x598d4c81
Codice eccezione: 0xc0000005
Offset errore 0x0004eb83
ID processo che ha generato l'errore: 0xeb0
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3387fa62417bb
Percorso dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
Percorso del modulo che ha generato l'errore: C:\Windows\SysWOW64\ntdll.dll
ID segnalazione: ea12a0b4-a472-11e7-a152-001e101f7fb6
Error: (09/28/2017 07:24:00 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Stream product id=0x0066): Streaming Failed
Error: (09/28/2017 07:23:30 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Too many failures while downloading ranges: 2
Error: (09/28/2017 07:22:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Servizi di crittografia: impossibile inizializzare il database del catalogo. Errore ESENT: -550.
System errors:
=============
Error: (09/29/2017 06:38:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio RHDISK_AMD64 non è stato avviato per il seguente errore:
Impossibile trovare il percorso specificato.
Error: (09/29/2017 06:38:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio RdnaoFlSvc non è stato avviato per il seguente errore:
Impossibile trovare il file specificato.
Error: (09/29/2017 01:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio RHDISK_AMD64 non è stato avviato per il seguente errore:
Impossibile trovare il percorso specificato.
Error: (09/29/2017 01:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio RdnaoFlSvc non è stato avviato per il seguente errore:
Impossibile trovare il file specificato.
Error: (09/28/2017 08:01:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Caricamento del driver \??\C:\Windows\System32\drivers\TrueSight.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver.
Error: (09/28/2017 07:29:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Intel(R) Management & Security Application User Notification Service bloccato in partenza.
Error: (09/28/2017 07:26:29 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a26\??\C:\Users\DF\ntuser.dat
Error: (09/28/2017 07:24:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Servizio Gateway di livello applicazione non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.
Error: (09/28/2017 07:24:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Servizio Gateway di livello applicazione.
Error: (09/28/2017 07:21:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio RHDISK_AMD64 non è stato avviato per il seguente errore:
Impossibile trovare il percorso specificato.
CodeIntegrity:
===================================
Date: 2016-09-05 10:05:03.703
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-05 10:05:03.469
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.813
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.735
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.204
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.126
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.666
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.369
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.580
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.486
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentage of memory in use: 49%
Total physical RAM: 3958.71 MB
Available physical RAM: 2001.39 MB
Total Virtual: 7915.6 MB
Available Virtual: 5906.11 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:450.66 GB) (Free:271.6 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 240CA24E)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================