Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2017
Ran by DF (07-10-2017 17:24:52)
Running from C:\Users\DF\Contacts\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-09 01:14:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1286336489-1028466569-3393745925-500 - Administrator - Disabled)
DF (S-1-5-21-1286336489-1028466569-3393745925-1000 - Administrator - Enabled) => C:\Users\DF
Guest (S-1-5-21-1286336489-1028466569-3393745925-501 - Limited - Enabled) => C:\Users\Guest
postgres (S-1-5-21-1286336489-1028466569-3393745925-1015 - Limited - Enabled) => C:\Users\postgres.DF-PC.000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (HKLM-x32\...\WT088216) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT088226) (Version: 2.2.0.95 - WildTangent) Hidden
BetClic Poker (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\BetClic Poker) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (HKLM-x32\...\WT088228) (Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{28849F27-E11E-F067-C4B5-7F4CDB75D473}) (Version: 2010.0825.2205.37769 - Nome società) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT088235) (Version: 2.2.0.95 - WildTangent) Hidden
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT088238) (Version: 2.2.0.95 - WildTangent) Hidden
Driver dispositivo USB (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B05 - )
e-express (HKLM-x32\...\e-express) (Version: 21.005.20.01.606 - Huawei Technologies Co.,Ltd)
EhoCW Alpha 0.91n 06/12/2010 (HKLM-x32\...\EhoCW) (Version: Alpha 0.91n 06/12/2010 - F8EHO)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy (HKLM-x32\...\WT088260) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT088416) (Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Final Drive Nitro (HKLM-x32\...\WT088420) (Version: 2.2.0.95 - WildTangent) Hidden
FLV-Media Player 1.8 (HKLM-x32\...\FLV-Media Player) (Version: 1.8 - HYBRIDWEB)
Free Sound Recorder v10.8.8 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GD Poker (HKLM-x32\...\GiocoDigitalePoker) (Version: - GiocoDigitale)
GDpoker 1.0.0 (HKLM-x32\...\GDpoker_is1) (Version: 1.0.0 - gd_poker)
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 15.12.14.0 - GenesysLogic)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HMA! Pro VPN 2.7.1.7 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.7.1.7 - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
ImTOO DVD Creator (HKLM-x32\...\ImTOO DVD Creator) (Version: 7.0.3.1214 - ImTOO)
Insaniquarium Deluxe (HKLM-x32\...\WT088268) (Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT088269) (Version: 2.2.0.95 - WildTangent) Hidden
JLG Extended Keyboard Layout US (v1.1) (HKLM-x32\...\{0904AF3E-7420-42B7-9174-AB2F9070281B}) (Version: 1.1 - JLG Utilities)
John Deere Drive Green (HKLM-x32\...\WT088448) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell)
LogProtect version 1.4.3 (HKLM-x32\...\LogProtect_is1) (Version: - )
Lottomatica.it Poker (HKLM-x32\...\Lottomatica.it Poker ) (Version: - GTECH Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.15.01.51 - Huawei Technologies Co.,Ltd)
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6484 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCPlot v2.32 (HKLM-x32\...\NCPlot_is1) (Version: - NCPlot Software LLC)
Nero 9 Essentials (HKLM-x32\...\{c68f25a7-43f0-423d-b5de-ca33885f1ba7}) (Version: - Nero AG)
OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3016 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
Pencil (HKLM-x32\...\Pencil) (Version: - Evolus Co., Ltd.)
Penguins! (HKLM-x32\...\WT088452) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT088283) (Version: 2.2.0.95 - WildTangent) Hidden
Poker Club by Lottomatica (HKLM-x32\...\Poker Club by Lottomatica ) (Version: - Boss Media AB)
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version: - PokerStars.it)
Polar Bowler (HKLM-x32\...\WT088456) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT088460) (Version: 2.2.0.95 - WildTangent) Hidden
Pool Rebel for Windows (HKLM-x32\...\Pool Rebel for Windows_is1) (Version: - Compumaster Ltd)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PX Profile Update (HKLM-x32\...\{98A26988-E99C-2EA6-684A-3FFE6F3A90F9}) (Version: 1.00.1. - AMD) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Should I Remove It (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart PC Recorder - by freebird (HKLM-x32\...\SmartPCRecorder) (Version: 1.2 - Freebird)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Titanbet.it Poker (HKLM-x32\...\Titanpoker.it) (Version: - )
Viber (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Video Web Camera (HKLM-x32\...\{83299633-1261-47A3-84F3-6F02B4B8CDB1}) (Version: 2.0.6.0 - Liteon)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT088508) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
Web Companion (HKLM-x32\...\{67651c28-5e35-4bd7-849c-145c2062e619}) (Version: 2.3.1411.2698 - Lavasoft)
WEBpatente 4.2 (HKLM-x32\...\{29D4BDED-54EC-4FDA-B2E1-B6A5F8C4E5C2}}_is1) (Version: - Roberto Mastri)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3007 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
Zuma Deluxe (HKLM-x32\...\WT088292) (Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WT088531) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\ChromeHTML: -> C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DF\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2012-05-22] (The Eraser Project)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-08-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FAC4710-5291-422D-BA25-ED71BF109437} - System32\Tasks\{5EF0B267-6728-4AA1-9146-FD57F3F21FA1} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {113310D4-59CA-457B-BB4F-AAA886A6D681} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {145A4324-772A-4A1F-976F-D81BC628B04D} - System32\Tasks\GoogleUpdateTaskMachineUA1d3356085573eb8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1A47E4B2-FCEE-478E-AE28-1C2BF434B4CD} - System32\Tasks\AVAST Software\Avast settings backup
Task: {2C01746D-96DD-4F32-8E1B-5FE4FC42EC4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3CC8F55E-5EB2-4DE2-BE09-A1CB1F8D3764} - System32\Tasks\{45CA06BB-DB9E-4D62-91B5-B0A0EB94EE8B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Task: {3D5076EC-AA97-416C-8F17-E35BE8A5F05B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4513471C-4795-457C-A96A-FBB894DF828A} - System32\Tasks\{2D763861-8D8F-49BD-9780-5962A2A4CB9E} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {4B23F739-2101-4754-B2E9-B0854513EAF3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {6245EE8B-612E-43FC-B838-FE7903BDF21B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {680BBB87-C776-4C8C-804B-8D4C5EDFDB54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-02] (Adobe Systems Incorporated)
Task: {6DB7008A-A54E-49E2-8C51-DBB985C069D6} - System32\Tasks\{20E3E361-DEC0-4511-AD18-70833B52E443} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {7E9DFBDD-986E-4957-B025-963D275A0F34} - System32\Tasks\{400330FA-85FC-4308-B182-782E4526524F} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\POKERC~1\UNWISE.EXE -c C:\PROGRA~2\POKERC~1\INSTALL.LOG
Task: {85178CC8-57AB-49C1-9D29-33B8BAB810B4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-05] (AVAST Software)
Task: {8862D2AD-D070-4749-ABBD-E51D5996D4E6} - System32\Tasks\{1D956DDB-65FC-4CEF-BA43-F7ABFF106DC4} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {91792999-1409-41EE-9A01-24B5E01DAC12} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BBECA6D1-1897-4C71-93C7-1B837E238172} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E51D94B3-5BF3-4BA7-BA58-541C81051C56} - System32\Tasks\GoogleUpdateTaskMachineCore1d33560853128b3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E6392A10-C729-46A6-9688-C3E8365B72A6} - System32\Tasks\Product Updater => C:\Program Files (x86)\Free Sound Recorder\FFProductUpdater.exe [2017-06-01] ()
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F3D2D8DA-A766-4029-9340-19EDF28C0F3E} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2010-12-02] (Acer)
Task: {F8342B61-DA23-4CDF-BEB5-A973803545EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE598438-C78C-4EB0-A979-4C4498762BDF} - System32\Tasks\{A0216EFB-4B48-4C4E-9528-1D29BB81A804} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2539601351.www.pokericmcalculator.com
==================== Loaded Modules (Whitelisted) ==============
2017-10-02 18:03 - 2017-09-27 09:37 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000846752 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000286712 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2016-12-06 18:17 - 2016-12-06 18:17 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000536576 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2017-10-05 18:00 - 2017-10-05 18:00 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-10-06 12:25 - 2017-10-06 12:25 - 005891888 _____ () C:\Program Files\AVAST Software\Avast\defs\17100602\algo.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-10-07 17:09 - 2017-10-07 17:09 - 005880504 _____ () C:\Program Files\AVAST Software\Avast\defs\17100700\algo.dll
2017-09-14 06:38 - 2017-09-14 06:38 - 000170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\37fc2d150a5569e7ce440b1dd07b7ee9\IsdiInterop.ni.dll
2011-02-17 10:09 - 2010-04-13 19:52 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000014848 ____R () C:\Program Files (x86)\Mobile Partner\isaputrace.dll
2014-07-01 04:45 - 2010-05-31 18:48 - 000122880 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
2014-07-01 04:45 - 2010-08-04 15:03 - 000159744 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000090112 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:49 - 000057344 _____ () C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
2014-07-01 04:45 - 2010-08-06 16:50 - 001019904 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000172032 ____R () C:\Program Files (x86)\Mobile Partner\DetectDev.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000598016 ____R () C:\Program Files (x86)\Mobile Partner\atcomm.dll
2014-07-01 04:45 - 2010-05-31 17:53 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000139264 _____ () C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:47 - 000073728 _____ () C:\Program Files (x86)\Mobile Partner\CallPlugin.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000090112 ____R () C:\Program Files (x86)\Mobile Partner\FileManager.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000032768 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000253952 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000163840 _____ () C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-11-14 19:43 - 000002053 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.52.97.25 - 193.70.152.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: EDAHelper => C:\Users\DF\AppData\Local\Temp\Rar$EXa0.073\ZXW\SETUP\EDAHelper.exe
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FreeCall => "C:\Program Files (x86)\FreeCall.com\FreeCall\freecall.exe" -nosplash -minimized
MSCONFIG\startupreg: GLSystray => C:\Program Files (x86)\GLPCCamera\monitorpad.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VoipCheapCom => "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{874A99B9-9E4D-4885-97D9-8BD6A735318B}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{681C367C-50AC-4AE7-9BB7-86258EB45374}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{54A44595-6AF6-437A-AC56-8818E48F952F}] => (Allow) svchost.exe
FirewallRules: [{991D5C48-8E74-4346-8047-207F0433390E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9775D280-FB50-417E-85F6-BFC9AA4F1604}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{4E4693A2-3A3B-4CE6-958C-82DC9EC4B221}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{05A53FC4-6678-4F2B-A324-4AC7C6B837CB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{FB1E31F1-007B-48B4-AAEC-C2720F3F20CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D9914CE-E7D1-4753-B049-2B52F3290A32}] => (Allow) LPort=5432
FirewallRules: [TCP Query User{8D6463DD-094E-4532-B1AE-2B628C392089}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0C9BC26B-E5E7-4E76-9BDC-CC5E129F3F1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{0A6D4CF9-3992-4609-9147-D42D3DC86070}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C10DB6D2-9653-418E-A4A7-B6C5262174B2}] => (Allow) LPort=2869
FirewallRules: [{C47899D3-41C9-401B-883E-408253AF5D53}] => (Allow) LPort=1900
FirewallRules: [{72553287-1E30-44E7-AAA1-4CFBB7E658C3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4335BCC4-A604-4415-B2F8-F0364182A1C3}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{5B3B9558-867D-4784-831F-D17220653ECF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE79213E-5843-4D49-A9E1-1E13F6AE6DB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8EEF5595-7991-4B43-A723-CAD719BC40B1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B22079D5-842B-4C4E-B648-DA95D390C598}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{676DE828-E461-4F51-B846-2F514B1E1971}] => (Allow) C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F2AFAC81-44D3-4CF8-8C52-FB497DED1D61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAC301DE-7D54-43DC-90A4-FBB3EC1919FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3EF337B7-11A2-40E4-8C17-12EC2EC377AF}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{FDD4BD8B-1879-426D-A74D-2FE7C2A036DD}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{ED11E5FF-BAEC-4E88-950F-7BF3D22FB862}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{04A67018-2A38-491D-8512-EC1FA9E3982D}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
==================== Restore Points =========================
25-09-2017 21:27:11 Removed Nero BurnLite 10.
25-09-2017 22:59:34 Windows Update
29-09-2017 13:29:09 Windows Update
29-09-2017 14:05:30 VEN290917
30-09-2017 19:56:22 Restore Point Created by FRST
04-10-2017 10:38:30 Windows Update
04-10-2017 11:03:01 ZHPFix Restore System Point
06-10-2017 12:29:37 ZHPFix Restore System Point
==================== Faulty Device Manager Devices =============
Name: Android
Description: Android
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: 1.3M HD WebCam
Description: Dispositivo video USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Android
Description: Android
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: ADB Interface
Description: ADB Interface
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/07/2017 05:06:15 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (10/07/2017 04:56:15 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/07/2017 04:55:58 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-07 14:55:58 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 04:55:29 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/06/2017 04:54:57 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-06 14:54:57 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 12:14:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/06/2017 12:14:23 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-06 10:14:23 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 08:37:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "c:\program files (x86)\poker club by lottomatica\CrashSender1402.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/06/2017 08:33:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "c:\program files (x86)\lottomatica.it poker\CrashSender1402.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/06/2017 08:29:52 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
System errors:
=============
Error: (10/06/2017 08:22:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio aswbIDSAgent non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.
Error: (10/06/2017 08:22:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio aswbIDSAgent.
Error: (10/06/2017 03:20:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/05/2017 10:03:39 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agente proxy DNS: impossibile allocare 0 byte di memoria. Ciò potrebbe indicare una condizione di memoria virtuale insufficiente nel sistema oppure un errore interno rilevato dal gestore della memoria.
Error: (10/05/2017 09:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Servizio Gateway di livello applicazione non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.
Error: (10/05/2017 09:59:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Servizio Gateway di livello applicazione.
Error: (10/05/2017 06:08:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Il server {60A90A2F-858D-42AF-8929-82BE9D99E8A1} non si è registrato con DCOM entro il timeout richiesto.
Error: (10/05/2017 05:44:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/04/2017 10:28:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/03/2017 05:06:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Agente criteri IPsec non è stato avviato per il seguente errore:
Il servizio non è stato avviato a causa di un errore in fase di accesso.
CodeIntegrity:
===================================
Date: 2016-09-05 10:05:03.703
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-05 10:05:03.469
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.813
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.735
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.204
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.126
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.666
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.369
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.580
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.486
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentage of memory in use: 45%
Total physical RAM: 3958.71 MB
Available physical RAM: 2141.58 MB
Total Virtual: 7915.6 MB
Available Virtual: 6268.33 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:450.66 GB) (Free:273.27 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 240CA24E)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by DF (07-10-2017 17:24:52)
Running from C:\Users\DF\Contacts\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-09-09 01:14:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1286336489-1028466569-3393745925-500 - Administrator - Disabled)
DF (S-1-5-21-1286336489-1028466569-3393745925-1000 - Administrator - Enabled) => C:\Users\DF
Guest (S-1-5-21-1286336489-1028466569-3393745925-501 - Limited - Enabled) => C:\Users\Guest
postgres (S-1-5-21-1286336489-1028466569-3393745925-1015 - Limited - Enabled) => C:\Users\postgres.DF-PC.000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
Agatha Christie - Death on the Nile (HKLM-x32\...\WT088216) (Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Backup Manager Basic (HKLM-x32\...\{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT088226) (Version: 2.2.0.95 - WildTangent) Hidden
BetClic Poker (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\BetClic Poker) (Version: - )
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Build-a-lot 2 (HKLM-x32\...\WT088228) (Version: 2.2.0.95 - WildTangent) Hidden
ccc-core-static (HKLM-x32\...\{28849F27-E11E-F067-C4B5-7F4CDB75D473}) (Version: 2010.0825.2205.37769 - Nome società) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WT088235) (Version: 2.2.0.95 - WildTangent) Hidden
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT088238) (Version: 2.2.0.95 - WildTangent) Hidden
Driver dispositivo USB (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B05 - )
e-express (HKLM-x32\...\e-express) (Version: 21.005.20.01.606 - Huawei Technologies Co.,Ltd)
EhoCW Alpha 0.91n 06/12/2010 (HKLM-x32\...\EhoCW) (Version: Alpha 0.91n 06/12/2010 - F8EHO)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy (HKLM-x32\...\WT088260) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT088416) (Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Final Drive Nitro (HKLM-x32\...\WT088420) (Version: 2.2.0.95 - WildTangent) Hidden
FLV-Media Player 1.8 (HKLM-x32\...\FLV-Media Player) (Version: 1.8 - HYBRIDWEB)
Free Sound Recorder v10.8.8 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GD Poker (HKLM-x32\...\GiocoDigitalePoker) (Version: - GiocoDigitale)
GDpoker 1.0.0 (HKLM-x32\...\GDpoker_is1) (Version: 1.0.0 - gd_poker)
GL USB2.0 UVC Camera Device (HKLM-x32\...\{9897BBD8-013A-49F3-928E-866A59B6E00C}) (Version: 15.12.14.0 - GenesysLogic)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HMA! Pro VPN 2.7.1.7 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.7.1.7 - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
ImTOO DVD Creator (HKLM-x32\...\ImTOO DVD Creator) (Version: 7.0.3.1214 - ImTOO)
Insaniquarium Deluxe (HKLM-x32\...\WT088268) (Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Jewel Quest Solitaire 2 (HKLM-x32\...\WT088269) (Version: 2.2.0.95 - WildTangent) Hidden
JLG Extended Keyboard Layout US (v1.1) (HKLM-x32\...\{0904AF3E-7420-42B7-9174-AB2F9070281B}) (Version: 1.1 - JLG Utilities)
John Deere Drive Green (HKLM-x32\...\WT088448) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Packard Bell)
LogProtect version 1.4.3 (HKLM-x32\...\LogProtect_is1) (Version: - )
Lottomatica.it Poker (HKLM-x32\...\Lottomatica.it Poker ) (Version: - GTECH Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.002.15.01.51 - Huawei Technologies Co.,Ltd)
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6484 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NCPlot v2.32 (HKLM-x32\...\NCPlot_is1) (Version: - NCPlot Software LLC)
Nero 9 Essentials (HKLM-x32\...\{c68f25a7-43f0-423d-b5de-ca33885f1ba7}) (Version: - Nero AG)
OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.1.3 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3016 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3003 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0806.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 1.0.1901 - CyberLink Corp.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PDF Architect (HKLM-x32\...\{86D8A96B-1911-4C3F-AA16-0B47E053E492}) (Version: 1.2.97.14551 - pdfforge GmbH)
Pencil (HKLM-x32\...\Pencil) (Version: - Evolus Co., Ltd.)
Penguins! (HKLM-x32\...\WT088452) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (HKLM-x32\...\WT088283) (Version: 2.2.0.95 - WildTangent) Hidden
Poker Club by Lottomatica (HKLM-x32\...\Poker Club by Lottomatica ) (Version: - Boss Media AB)
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version: - PokerStars.it)
Polar Bowler (HKLM-x32\...\WT088456) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT088460) (Version: 2.2.0.95 - WildTangent) Hidden
Pool Rebel for Windows (HKLM-x32\...\Pool Rebel for Windows_is1) (Version: - Compumaster Ltd)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PX Profile Update (HKLM-x32\...\{98A26988-E99C-2EA6-684A-3FFE6F3A90F9}) (Version: 1.00.1. - AMD) Hidden
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
Should I Remove It (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart PC Recorder - by freebird (HKLM-x32\...\SmartPCRecorder) (Version: 1.2 - Freebird)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Titanbet.it Poker (HKLM-x32\...\Titanpoker.it) (Version: - )
Viber (HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Video Web Camera (HKLM-x32\...\{83299633-1261-47A3-84F3-6F02B4B8CDB1}) (Version: 2.0.6.0 - Liteon)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT088508) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wampserver64 3.0.6 (HKLM\...\{wampserver64}_is1) (Version: 3.0.6 - Dominique Ottello aka Otomatic)
Web Companion (HKLM-x32\...\{67651c28-5e35-4bd7-849c-145c2062e619}) (Version: 2.3.1411.2698 - Lavasoft)
WEBpatente 4.2 (HKLM-x32\...\{29D4BDED-54EC-4FDA-B2E1-B6A5F8C4E5C2}}_is1) (Version: - Roberto Mastri)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3007 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
Zuma Deluxe (HKLM-x32\...\WT088292) (Version: 2.2.0.95 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WT088531) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\ChromeHTML: -> C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\DF\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\DF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\DF\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2012-05-22] (The Eraser Project)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-08-25] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-05] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0FAC4710-5291-422D-BA25-ED71BF109437} - System32\Tasks\{5EF0B267-6728-4AA1-9146-FD57F3F21FA1} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {113310D4-59CA-457B-BB4F-AAA886A6D681} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {145A4324-772A-4A1F-976F-D81BC628B04D} - System32\Tasks\GoogleUpdateTaskMachineUA1d3356085573eb8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1A47E4B2-FCEE-478E-AE28-1C2BF434B4CD} - System32\Tasks\AVAST Software\Avast settings backup
Task: {2C01746D-96DD-4F32-8E1B-5FE4FC42EC4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3CC8F55E-5EB2-4DE2-BE09-A1CB1F8D3764} - System32\Tasks\{45CA06BB-DB9E-4D62-91B5-B0A0EB94EE8B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Task: {3D5076EC-AA97-416C-8F17-E35BE8A5F05B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4513471C-4795-457C-A96A-FBB894DF828A} - System32\Tasks\{2D763861-8D8F-49BD-9780-5962A2A4CB9E} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {4B23F739-2101-4754-B2E9-B0854513EAF3} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {6245EE8B-612E-43FC-B838-FE7903BDF21B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {680BBB87-C776-4C8C-804B-8D4C5EDFDB54} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-02] (Adobe Systems Incorporated)
Task: {6DB7008A-A54E-49E2-8C51-DBB985C069D6} - System32\Tasks\{20E3E361-DEC0-4511-AD18-70833B52E443} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {7E9DFBDD-986E-4957-B025-963D275A0F34} - System32\Tasks\{400330FA-85FC-4308-B182-782E4526524F} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\POKERC~1\UNWISE.EXE -c C:\PROGRA~2\POKERC~1\INSTALL.LOG
Task: {85178CC8-57AB-49C1-9D29-33B8BAB810B4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-05] (AVAST Software)
Task: {8862D2AD-D070-4749-ABBD-E51D5996D4E6} - System32\Tasks\{1D956DDB-65FC-4CEF-BA43-F7ABFF106DC4} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.17.0.105/fr/abandoninstall?page=tsProgressBar
Task: {91792999-1409-41EE-9A01-24B5E01DAC12} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BBECA6D1-1897-4C71-93C7-1B837E238172} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E51D94B3-5BF3-4BA7-BA58-541C81051C56} - System32\Tasks\GoogleUpdateTaskMachineCore1d33560853128b3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E6392A10-C729-46A6-9688-C3E8365B72A6} - System32\Tasks\Product Updater => C:\Program Files (x86)\Free Sound Recorder\FFProductUpdater.exe [2017-06-01] ()
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {F3D2D8DA-A766-4029-9340-19EDF28C0F3E} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2010-12-02] (Acer)
Task: {F8342B61-DA23-4CDF-BEB5-A973803545EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE598438-C78C-4EB0-A979-4C4498762BDF} - System32\Tasks\{A0216EFB-4B48-4C4E-9528-1D29BB81A804} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000Core.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286336489-1028466569-3393745925-1000UA.job => C:\Users\DF\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICMIZER.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 2539601351.www.pokericmcalculator.com
==================== Loaded Modules (Whitelisted) ==============
2017-10-02 18:03 - 2017-09-27 09:37 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000846752 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000286712 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2016-12-06 18:17 - 2016-12-06 18:17 - 000052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000536576 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2017-10-05 18:00 - 2017-10-05 18:00 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-10-06 12:25 - 2017-10-06 12:25 - 005891888 _____ () C:\Program Files\AVAST Software\Avast\defs\17100602\algo.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000241448 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-10-07 17:09 - 2017-10-07 17:09 - 005880504 _____ () C:\Program Files\AVAST Software\Avast\defs\17100700\algo.dll
2017-09-14 06:38 - 2017-09-14 06:38 - 000170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\37fc2d150a5569e7ce440b1dd07b7ee9\IsdiInterop.ni.dll
2011-02-17 10:09 - 2010-04-13 19:52 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-05 18:00 - 2017-10-05 18:00 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000014848 ____R () C:\Program Files (x86)\Mobile Partner\isaputrace.dll
2014-07-01 04:45 - 2010-05-31 18:48 - 000122880 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
2014-07-01 04:45 - 2010-08-04 15:03 - 000159744 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000090112 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:49 - 000057344 _____ () C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
2014-07-01 04:45 - 2010-08-06 16:50 - 001019904 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000172032 ____R () C:\Program Files (x86)\Mobile Partner\DetectDev.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000598016 ____R () C:\Program Files (x86)\Mobile Partner\atcomm.dll
2014-07-01 04:45 - 2010-05-31 17:53 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2014-07-01 04:45 - 2010-05-31 17:54 - 000061440 ____R () C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
2014-07-01 04:45 - 2010-05-31 18:51 - 000139264 _____ () C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:47 - 000073728 _____ () C:\Program Files (x86)\Mobile Partner\CallPlugin.dll
2014-07-01 04:45 - 2010-04-23 10:16 - 000090112 ____R () C:\Program Files (x86)\Mobile Partner\FileManager.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000032768 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2014-07-01 04:45 - 2010-05-31 18:45 - 000253952 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2014-07-01 04:45 - 2010-05-31 18:50 - 000163840 _____ () C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-11-14 19:43 - 000002053 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1286336489-1028466569-3393745925-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DF\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.52.97.25 - 193.70.152.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VideoWebCamera.exe.lnk => C:\Windows\pss\VideoWebCamera.exe.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AvgUi => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
MSCONFIG\startupreg: EDAHelper => C:\Users\DF\AppData\Local\Temp\Rar$EXa0.073\ZXW\SETUP\EDAHelper.exe
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FreeCall => "C:\Program Files (x86)\FreeCall.com\FreeCall\freecall.exe" -nosplash -minimized
MSCONFIG\startupreg: GLSystray => C:\Program Files (x86)\GLPCCamera\monitorpad.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VoipCheapCom => "C:\Program Files (x86)\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{874A99B9-9E4D-4885-97D9-8BD6A735318B}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{681C367C-50AC-4AE7-9BB7-86258EB45374}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{54A44595-6AF6-437A-AC56-8818E48F952F}] => (Allow) svchost.exe
FirewallRules: [{991D5C48-8E74-4346-8047-207F0433390E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9775D280-FB50-417E-85F6-BFC9AA4F1604}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{4E4693A2-3A3B-4CE6-958C-82DC9EC4B221}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{05A53FC4-6678-4F2B-A324-4AC7C6B837CB}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{FB1E31F1-007B-48B4-AAEC-C2720F3F20CC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2D9914CE-E7D1-4753-B049-2B52F3290A32}] => (Allow) LPort=5432
FirewallRules: [TCP Query User{8D6463DD-094E-4532-B1AE-2B628C392089}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0C9BC26B-E5E7-4E76-9BDC-CC5E129F3F1D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{0A6D4CF9-3992-4609-9147-D42D3DC86070}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C10DB6D2-9653-418E-A4A7-B6C5262174B2}] => (Allow) LPort=2869
FirewallRules: [{C47899D3-41C9-401B-883E-408253AF5D53}] => (Allow) LPort=1900
FirewallRules: [{72553287-1E30-44E7-AAA1-4CFBB7E658C3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4335BCC4-A604-4415-B2F8-F0364182A1C3}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{5B3B9558-867D-4784-831F-D17220653ECF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE79213E-5843-4D49-A9E1-1E13F6AE6DB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8EEF5595-7991-4B43-A723-CAD719BC40B1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B22079D5-842B-4C4E-B648-DA95D390C598}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{676DE828-E461-4F51-B846-2F514B1E1971}] => (Allow) C:\Users\DF\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{F2AFAC81-44D3-4CF8-8C52-FB497DED1D61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAC301DE-7D54-43DC-90A4-FBB3EC1919FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3EF337B7-11A2-40E4-8C17-12EC2EC377AF}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [UDP Query User{FDD4BD8B-1879-426D-A74D-2FE7C2A036DD}C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{ED11E5FF-BAEC-4E88-950F-7BF3D22FB862}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
FirewallRules: [{04A67018-2A38-491D-8512-EC1FA9E3982D}] => (Block) C:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe
==================== Restore Points =========================
25-09-2017 21:27:11 Removed Nero BurnLite 10.
25-09-2017 22:59:34 Windows Update
29-09-2017 13:29:09 Windows Update
29-09-2017 14:05:30 VEN290917
30-09-2017 19:56:22 Restore Point Created by FRST
04-10-2017 10:38:30 Windows Update
04-10-2017 11:03:01 ZHPFix Restore System Point
06-10-2017 12:29:37 ZHPFix Restore System Point
==================== Faulty Device Manager Devices =============
Name: Android
Description: Android
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: 1.3M HD WebCam
Description: Dispositivo video USB
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Android
Description: Android
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: ADB Interface
Description: ADB Interface
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/07/2017 05:06:15 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (10/07/2017 04:56:15 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/07/2017 04:55:58 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-07 14:55:58 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 04:55:29 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/06/2017 04:54:57 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-06 14:54:57 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 12:14:27 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
Impossibile completare l'azione. Riprovare. Se il problema persiste, rivolgersi al Servizio Supporto Tecnico Clienti Microsoft.
Error: (10/06/2017 12:14:23 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-10-06 10:14:23 GMTFATAL: bogus data in lock file "postmaster.pid": ""
Error: (10/06/2017 08:37:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "c:\program files (x86)\poker club by lottomatica\CrashSender1402.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/06/2017 08:33:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "c:\program files (x86)\lottomatica.it poker\CrashSender1402.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (10/06/2017 08:29:52 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
System errors:
=============
Error: (10/06/2017 08:22:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio aswbIDSAgent non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.
Error: (10/06/2017 08:22:20 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio aswbIDSAgent.
Error: (10/06/2017 03:20:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/05/2017 10:03:39 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agente proxy DNS: impossibile allocare 0 byte di memoria. Ciò potrebbe indicare una condizione di memoria virtuale insufficiente nel sistema oppure un errore interno rilevato dal gestore della memoria.
Error: (10/05/2017 09:59:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Servizio Gateway di livello applicazione non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.
Error: (10/05/2017 09:59:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Servizio Gateway di livello applicazione.
Error: (10/05/2017 06:08:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Il server {60A90A2F-858D-42AF-8929-82BE9D99E8A1} non si è registrato con DCOM entro il timeout richiesto.
Error: (10/05/2017 05:44:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/04/2017 10:28:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Windows Update bloccato in partenza.
Error: (10/03/2017 05:06:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Agente criteri IPsec non è stato avviato per il seguente errore:
Il servizio non è stato avviato a causa di un errore in fase di accesso.
CodeIntegrity:
===================================
Date: 2016-09-05 10:05:03.703
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-05 10:05:03.469
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.813
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 20:14:32.735
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.204
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 11:15:37.126
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.666
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-04 01:02:34.369
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.580
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
Date: 2016-09-03 21:42:00.486
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentage of memory in use: 45%
Total physical RAM: 3958.71 MB
Available physical RAM: 2141.58 MB
Total Virtual: 7915.6 MB
Available Virtual: 6268.33 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:450.66 GB) (Free:273.27 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 240CA24E)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================