
Otl

Uploaded by

Michele Martinez
Copyright
© Attribution Non-Commercial (BY-NC)

OTL logfile created on: 23.07.2013 11:12:34 - Run 1

OTL by OldTimer - Version 3.2.69.0
Folder = C:\Users\Andrea\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 0000100c | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy
11,93 Gb Total Physical Memory | 8,90 Gb Available Physical Memory | 74,58% Memory free
13,62 Gb Paging File | 10,20 Gb Available in Paging File | 74,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,54 Gb Total Space | 125,82 Gb Free Space | 54,11% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 165,76 Gb Free Space | 35,59% Space Free | Partition Type: NTFS
Computer Name: HPCOMPAQ6000PRO | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013.07.23 10:45:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\User
s\Andrea\Downloads\OTL.exe
PRC - [2013.07.19 16:24:56 | 000,270,520 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\Dashlane.exe
PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.07.08 14:39:02 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\A
ndrea\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.07.03 23:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\
Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\
Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.07.03 02:53:20 | 029,337,928 | ---- | M] (Dropbox, Inc.) -- C:\Users
\x-ang_000\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\
Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.13 16:39:15 | 000,356,352 | ---- | M] ( Mignosoft Corporation.) -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\IEmonitor\IEMonitor.exe
PRC - [2013.04.05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program
Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013.04.05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program
Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013.01.28 13:08:14 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program
Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.12.11 11:59:14 | 009,440,256 | ---- | M] (Celartem, Inc., doing busi
ness as Extensis.) -- C:\Program Files (x86)\Extensis\Suitcase Fusion 4\FMCore.e
xe
PRC - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Fil
es (x86)\Nero\Update\NASvc.exe
PRC - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2010.03.08 09:38:42 | 000,517,416 | ---- | M] (Nero AG) -- C:\Program Fil
es (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]


MOD - [2013.07.19 16:24:56 | 000,270,520 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\Dashlane.exe
MOD - [2013.07.19 16:24:12 | 012,466,872 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWMainLib.2.1.3.40845.dll
MOD - [2013.07.19 16:24:12 | 001,870,520 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWMainLibData.2.1.3.40845.dll
MOD - [2013.07.19 16:24:12 | 000,411,320 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWUtils.2.1.3.40845.dll
MOD - [2013.07.19 16:24:12 | 000,155,832 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWMainLib_win.2.1.3.40845.dll
MOD - [2013.07.19 16:24:10 | 026,062,008 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWExternLib.2.1.3.40845.dll
MOD - [2013.07.19 16:24:10 | 000,225,464 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\Kwift_NPAPI_exports.2.1.3.40845.dll
MOD - [2013.07.19 16:24:10 | 000,179,896 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWDebugDll_win32.2.1.3.40845.dll
MOD - [2013.07.19 16:24:08 | 004,751,032 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWData.2.1.3.40845.dll
MOD - [2013.07.19 16:24:08 | 003,928,760 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWApplication.2.1.3.40845.dll
MOD - [2013.07.19 16:24:08 | 000,341,688 | ---- | M] () -- C:\Users\Andrea\AppDa
ta\Roaming\Dashlane\2.1.3.40845\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-f
b1ee16b8e9f}\components\KWDebug.2.1.3.40845.dll
MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files (x86
)\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files (x86
)\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files (x86
)\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files (x86
)\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files (x86
)\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\x-ang_000\Ap
pData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.12.11 11:52:04 | 001,007,616 | ---- | M] () -- C:\Program Files (x86
)\Extensis\Suitcase Fusion 4\libxml2.2.6.24.dll
MOD - [2012.12.11 11:52:02 | 000,901,120 | ---- | M] () -- C:\Program Files (x86
)\Extensis\Suitcase Fusion 4\iconv-1.9.2.dll
MOD - [2012.12.11 11:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files (x86
)\Extensis\Suitcase Fusion 4\libcharset.dll
MOD - [2012.11.28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86
)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86
)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\x-ang_000\Ap
pData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll

[color=#E56717]========== Services (SafeList) ==========[/color]


SRV:[b]64bit:[/b] - [2013.07.18 10:04:00 | 000,067,320 | ---- | M] (Bitdefender)
[Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
-- (UPDATESRV)
SRV:[b]64bit:[/b] - [2013.07.18 10:03:19 | 001,646,280 | ---- | M] (Bitdefender)
[Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:[b]64bit:[/b] - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll
-- (DsmSvc)
SRV:[b]64bit:[/b] - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (net
profm)
SRV:[b]64bit:[/b] - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastr
ucture)
SRV:[b]64bit:[/b] - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:[b]64bit:[/b] - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServe
r.dll -- (SystemEventsBroker)
SRV:[b]64bit:[/b] - [2013.02.26 17:22:43 | 000,069,392 | ---- | M] (Bitdefender)
[Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparenta
lservice.exe -- (BdDesktopParental)
SRV:[b]64bit:[/b] - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.ex
e -- (WinDefend)
SRV:[b]64bit:[/b] - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc
)
SRV:[b]64bit:[/b] - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:[b]64bit:[/b] - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\Pri
ntConfig.dll -- (PrintNotify)
SRV:[b]64bit:[/b] - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSSer
vice)
SRV:[b]64bit:[/b] - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:[b]64bit:[/b] - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:[b]64bit:[/b] - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:[b]64bit:[/b] - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultS
vc)
SRV:[b]64bit:[/b] - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:[b]64bit:[/b] - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlog
on)
SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Co
rporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (Nc
dAutoSetup)
SRV:[b]64bit:[/b] - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:[b]64bit:[/b] - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:[b]64bit:[/b] - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Co
rporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociatio
nService)
SRV:[b]64bit:[/b] - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (
AllUserInstallAgent)
SRV:[b]64bit:[/b] - [2012.07.26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgm
t)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimes
ync)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutd
own)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpex
change)
SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Co
rporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheart
beat)
SRV - [2013.07.08 13:20:12 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disab
led | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenance
service.exe -- (MozillaMaintenance)
SRV - [2013.07.03 23:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto
| Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemo
nu.exe -- (nvUpdatusService)
SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto
| Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.ex
e -- (Stereo Service)
SRV - [2013.06.17 22:01:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated
) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateS
ervice.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated
) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\arms
vc.exe -- (AdobeARMservice)
SRV - [2013.01.31 10:52:12 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | R
unning] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64
.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On
_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running]
-- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012.06.11 17:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [O
n_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPor
t.EXE -- (BBUpdate)
SRV - [2012.06.11 17:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [A
uto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011.08.18 02:29:52 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto
| Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (
HPSLPSVC)
SRV - [2010.03.08 09:38:42 | 000,517,416 | ---- | M] (Nero AG) [Auto | Running]
-- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (Ner
oMediaHomeService.4)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated
) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\
SwitchBoard.exe -- (SwitchBoard)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2013.07.18 10:03:38 | 000,597,776 | ---- | M] (BitDefender)
[File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avckf.sys -- (avckf)
DRV:[b]64bit:[/b] - [2013.06.01 13:54:16 | 000,194,816 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.
sys -- (sdbus)
DRV:[b]64bit:[/b] - [2013.06.01 13:29:35 | 000,337,152 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHC
I.SYS -- (USBXHCI)
DRV:[b]64bit:[/b] - [2013.06.01 13:29:35 | 000,213,248 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX010
00.SYS -- (UCX01000)
DRV:[b]64bit:[/b] - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvr
cpTg.sys -- (BthAvrcpTg)
DRV:[b]64bit:[/b] - [2013.05.28 12:12:19 | 000,382,536 | ---- | M] (BitDefender
S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\trufos.sy
s -- (trufos)
DRV:[b]64bit:[/b] - [2013.05.04 09:34:17 | 000,446,720 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB
3.SYS -- (USBHUB3)
DRV:[b]64bit:[/b] - [2013.05.04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.s
ys -- (spaceport)
DRV:[b]64bit:[/b] - [2013.04.17 14:59:56 | 000,718,840 | ---- | M] (BitDefender)
[File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avc3.sys -- (avc
3)
DRV:[b]64bit:[/b] - [2013.04.09 17:20:55 | 000,098,768 | ---- | M] (BitDefender
LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bi
tdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:[b]64bit:[/b] - [2013.03.14 23:41:56 | 000,052,320 | ---- | M] (http://libus
b-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\
Drivers\libusb0.sys -- (libusb0)
DRV:[b]64bit:[/b] - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sy
s -- (storahci)
DRV:[b]64bit:[/b] - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sy
s -- (TPM)
DRV:[b]64bit:[/b] - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:[b]64bit:[/b] - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot
.sys -- (WdBoot)
DRV:[b]64bit:[/b] - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Co
rporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\W
dFilter.sys -- (WdFilter)
DRV:[b]64bit:[/b] - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpio
win32.sys -- (msgpiowin32)
DRV:[b]64bit:[/b] - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfH
id.sys -- (bthhfhid)
DRV:[b]64bit:[/b] - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c
.sys -- (hidi2c)
DRV:[b]64bit:[/b] - [2012.11.12 18:11:19 | 000,082,384 | ---- | M] (BitDefender
SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bdsandb
ox.sys -- (BDSandBox)
DRV:[b]64bit:[/b] - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.
sys -- (FxPPM)
DRV:[b]64bit:[/b] - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender)
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avchv.sys -- (av
chv)
DRV:[b]64bit:[/b] - [2012.10.17 15:13:46 | 000,106,568 | ---- | M] (BitDefender
LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bi
tdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:[b]64bit:[/b] - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvid
eominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor
.sys -- (sdstor)
DRV:[b]64bit:[/b] - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Co
rporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:[b]64bit:[/b] - [2012.10.11 05:51:49 | 000,012,288 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sersca
n.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2012.10.04 14:30:19 | 000,147,232 | ---- | M] (BitDefender
LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\gzflt.sys -- (gzflt)
DRV:[b]64bit:[/b] - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpio
clx.sys -- (GPIOClx0101)
DRV:[b]64bit:[/b] - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Cor
poration) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Cor
poration) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Co
rporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.
sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv
.sys -- (condrv)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporat
ion) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (
VSTXRAID)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Verifi
erExt.sys -- (VerifierExt)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspst
or.sys -- (UASPStor)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys
-- (acpiex)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semi
conductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumi
s.sys -- (mvumis)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Tech
nology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor
.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporat
ion) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (
LSI_SAS2)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporat
ion) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (L
SI_SSS)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Pack
ard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sy
s -- (HpSAMD)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDr
v.sys -- (EhStorTcgDrv)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass
.sys -- (EhStorClass)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technolo
gies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys
-- (amdsbs)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel
| Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Mic
ro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sy
s -- (amdsata)
DRV:[b]64bit:[/b] - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Mic
ro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sy
s -- (amdxata)
DRV:[b]64bit:[/b] - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:[b]64bit:[/b] - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Co
rporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys
-- (WFPLWFS)
DRV:[b]64bit:[/b] - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.s
ys -- (vpci)
DRV:[b]64bit:[/b] - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\termin
pt.sys -- (terminpt)
DRV:[b]64bit:[/b] - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPri
nt.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidu
mdf.sys -- (mshidumdf)
DRV:[b]64bit:[/b] - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Co
rporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisp
lay.sys -- (BasicDisplay)
DRV:[b]64bit:[/b] - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperV
ideo.sys -- (HyperVideo)
DRV:[b]64bit:[/b] - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Co
rporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRend
er.sys -- (BasicRender)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgenc
ounter.sys -- (gencounter)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.
sys -- (kdnic)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpiti
me.sys -- (acpitime)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Co
rporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig
.sys -- (npsvctrig)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpF
ltr.sys -- (WpdUpFltr)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipa
gr.sys -- (acpipagr)
DRV:[b]64bit:[/b] - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperk
bd.sys -- (hyperkbd)
DRV:[b]64bit:[/b] - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.
sys -- (SerCx)
DRV:[b]64bit:[/b] - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.
sys -- (SpbCx)
DRV:[b]64bit:[/b] - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbG
D.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfe
num.sys -- (BthHFEnum)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.
sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbF
lt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sy
s -- (Vid)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvs
p.sys -- (storvsp)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcflt
r.sys -- (wpcfltr)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr
.sys -- (vmbusr)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivs
p.sys -- (vpcivsp)
DRV:[b]64bit:[/b] - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisIm
Platform.sys -- (NdisImPlatform)
DRV:[b]64bit:[/b] - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Co
rporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp
.sys -- (MsLldp)
DRV:[b]64bit:[/b] - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Co
rporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:[b]64bit:[/b] - [2012.07.11 07:48:42 | 000,023,456 | ---- | M] (Bitdefender)
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bdelam.sys -- (bdelam
)
DRV:[b]64bit:[/b] - [2012.06.02 16:31:38 | 000,333,824 | ---- | M] (Intel Corpor
ation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\e1i63x64.s
ys -- (e1iexpress)
DRV:[b]64bit:[/b] - [2011.11.03 04:01:00 | 000,056,208 | ---- | M] (Rovi Corpora
tion) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2012.11.16 16:35:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel |
On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtil
itiesDriver64.sys -- (TuneUpUtilitiesDrv)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = a
bout:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:
"URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysW
OW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http:/
/www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "
ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "
ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Main,Start Page Redirect Cache = http://ch.msn.com/defaultf.aspx
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-CH,fr;q=0.5
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D1 A3 A5 F8 3C B4 CD 01
[binary data]
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\SOFTWARE\Microsoft\Inter
net Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\..\SearchScopes,DefaultS
cope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\..\SearchScopes\{0633EE9
3-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerm
s}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\..\SearchScopes\{18E110C
D-B15A-44C0-8F8F-3A424E99EE1F}: "URL" = http://www.google.com/search?q={searchTe
rms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\..\SearchScopes\{6A1806C
D-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerm
s}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\Software\Microsoft\Windo
ws\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\Software\Microsoft\Windo
ws\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.selectedEngine: "Recherche sécurisée"
FF - prefs.js..browser.startup.homepage: "http://www.google.ch/"
FF - prefs.js..extensions.enabledAddons: web2pdfextension%40web2pdf.adobedotcom:
1.2
FF - prefs.js..extensions.enabledAddons: %7B442718d9-475e-452a-b3e1-fb1ee16b8e9f
%7D:2.1.1.38487
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd
%7D:22.0
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windo
ws\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.
0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Cor
poration)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,versio
n=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Ma
cromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Progra
m Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows
\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Progr
am Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program F
iles (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporat
ion)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program
Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation
)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PRO
GRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE
~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\N
VIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program File
s (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\
Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\
Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Fi
les (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Ac
robat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Rea
der 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunder
bird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [201
3.07.08 15:20:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@we
b2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCF
irefoxExtn [2013.05.18 08:09:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Compon
ents: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.08 13:20:05 | 0
00,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugin
s: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.13 13:01:18 | 000,000
,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@b
itdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.07.0
8 15:20:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{442718d9-475e-452a-
b3e1-fb1ee16b8e9f}: C:\Users\Andrea\AppData\Roaming\Dashlane\2.1.3.40845\bin\Fir
efox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} [2013.07.22 22:01:19 | 000
,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Compone
nts: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.08 13:20:05 | 00
0,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins
: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.13 13:01:18 | 000,000,
000 | ---D | M]
[2012.10.28 11:40:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre
a\AppData\Roaming\mozilla\Extensions
[2013.06.09 23:38:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andre
a\AppData\Roaming\mozilla\Firefox\Profiles\h35w6lzm.default\extensions
[2013.05.18 16:08:56 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\An
drea\AppData\Roaming\mozilla\firefox\profiles\h35w6lzm.default\extensions\{d10d0
bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.08 13:20:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Fil
es (x86)\Mozilla Firefox\browser\extensions
[2013.07.08 13:20:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x8
6)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.18 08:09:54 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C
:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
File not found (No name found) -- C:\USERS\ANDREA\APPDATA\ROAMING\DASHLANE\2.1.1
.38487\BIN\FIREFOX_EXTENSION\{442718D9-475E-452A-B3E1-FB1EE16B8E9F}
[2013.06.13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Pro
gram Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerm
s}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{go
ogle:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:ins
tantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{goog
le:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPositio
n}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.ch/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\A
pplication\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\App
lication\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome
\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0
\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla F
irefox\plugins\npMeetingJoinPluginOC.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla
Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla
Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla
Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla
Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla
Firefox\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~2\Office15\NP
SPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3
.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3
.21.149\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java
\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft S
ilverlight\5.1.20125.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corpora
tion\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corpora
tion\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npv
lc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPS
WF32_11_7_700_224.dll
CHR - Extension: Google Translate = C:\Users\Andrea\AppData\Local\Google\Chrome\
User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Documents Google = C:\Users\Andrea\AppData\Local\Google\Chrome\
User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Andrea\AppData\Local\Google\Chrome
\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: ColorZilla = C:\Users\Andrea\AppData\Local\Google\Chrome\User D
ata\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp\0.5.3_0\
CHR - Extension: YouTube = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data
\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Andrea\AppData\
Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifenc
h\1.4.0.11967_0\
CHR - Extension: Adblock Plus = C:\Users\Andrea\AppData\Local\Google\Chrome\User
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\
CHR - Extension: Spotify - Music for every moment = C:\Users\Andrea\AppData\Loca
l\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.
2.3_0\
CHR - Extension: Recherche Google = C:\Users\Andrea\AppData\Local\Google\Chrome\
User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google+ = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data
\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Google\u00A0Agenda = C:\Users\Andrea\AppData\Local\Google\Chrom
e\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Dropbox = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data
\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.6_0\
CHR - Extension: Window Resizer = C:\Users\Andrea\AppData\Local\Google\Chrome\Us
er Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh\1.7.0.2_0\
CHR - Extension: Auto HD For YouTube = C:\Users\Andrea\AppData\Local\Google\Chro
me\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\
CHR - Extension: Google Play = C:\Users\Andrea\AppData\Local\Google\Chrome\User
Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Andr
ea\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbj
bhccjcoakpmm\1.2.3_0\
CHR - Extension: Google\u00A0Maps = C:\Users\Andrea\AppData\Local\Google\Chrome\
User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Dashlane = C:\Users\Andrea\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd\2.1.3.40845_0\
CHR - Extension: Mural.ly = C:\Users\Andrea\AppData\Local\Google\Chrome\User Dat
a\Default\Extensions\nnhlnnalackljjehlfocmheepffkiihf\1.6.3_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Andrea\AppData\Local\Google\Chr
ome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.19_1\
CHR - Extension: Gmail = C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
Hosts file not found
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA
22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL (Microsoft Corpora
tion)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7
-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL (Microsoft
Corporation)
O2 - BHO: (Dashlane BHO) - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\And
rea\AppData\Roaming\Dashlane\ie\Dashlanei.dll (Dashlane)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
- C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445E
E161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavCl
ient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Progra
m Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A
9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Prog
ram Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Sy
stems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\
Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adob
e Systems Incorporated)
O3 - HKLM\..\Toolbar: (Dashlane Toolbar) - {669695BC-A811-4A9D-8CDF-BA8C795F261C
} - C:\Users\Andrea\AppData\Roaming\Dashlane\ie\KWIEBar.dll (Dashlane)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\P
rogram Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporatio
n.)
O3 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001\..\Toolbar\WebBrowser: (
Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Com
mon Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Comm
on Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorpora
ted)
O4:[b]64bit:[/b] - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefende
r 2013\bdagent.exe (Bitdefender)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNativ
e\LogiLDA.dll (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporatio
n\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10
.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acr
obat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Ad
obe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple App
lication Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4
\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchB
oard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [ApplePhotoStream
s] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams
.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [Dashlane] C:\Use
rs\Andrea\AppData\Roaming\Dashlane\Dashlane.exe ()
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [FMCore.exe] C:\P
rogram Files (x86)\Extensis\Suitcase Fusion 4\FMCore.exe (Celartem, Inc., doing
business as Extensis.)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (
Apple Inc.)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [IEMonitor(TM)] C
:\Users\Andrea\AppData\Roaming\Microsoft\Windows\IEmonitor\IEMonitor.exe ( Mignos
oft Corporation.)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [Spotify] C:\User
s\Andrea\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3417856131-3288021406-2419714886-1001..\Run: [Spotify Web Help
er] C:\Users\Andrea\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify L
td)
O4 - Startup: C:\Users\amaga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Pr
ograms\Startup\Dropbox.lnk = C:\Users\Andrea\AppData\Roaming\Dropbox\bin\Dropbox
.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\amang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Pr
ograms\Startup\Dropbox.lnk = C:\Users\Andrea\AppData\Roaming\Dropbox\bin\Dropbox
.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Progr
ams\Startup\Dropbox.lnk = C:\Users\x-ang_000\AppData\Roaming\Dropbox\bin\Dropbox
.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\x-ang_000\AppData\Roaming\Microsoft\Windows\Start Menu\Pr
ograms\Startup\Dropbox.lnk = C:\Users\Andrea\AppData\Roaming\Dropbox\bin\Dropbox
.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveD
esktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveD
esktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCurso
rSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentProm
ptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinke
dConnections = 1
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer OneNote - res://C:\PROGRA~1
\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ajouter un fichier PDF existant - C:
\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Ado
be Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Ajouter la cible du lien un fichier
PDF existant - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEF
avClient.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Convertir au format Adobe PDF - C:\P
rogram Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe
Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: Convertir la cible du lien au format
Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFav
Client.dll (Adobe Systems Incorporated)
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res
://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Envoyer OneNote - res://C:\PROGRA~1\MICROS~2\Offi
ce15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\Sys
Wow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter un fichier PDF existant - C:\Program Files
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Inc
orporated)
O8 - Extra context menu item: Ajouter la cible du lien un fichier PDF existant -
C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (
Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files (
x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incor
porated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C
:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Ad
obe Systems Incorporated)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1
\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - C:
\Users\Andrea\AppData\Roaming\Dashlane\ie\Dashlanei.dll (Dashlane)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Pr
ogram Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86
)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72CA3A5A-11A8-4EB8-9
E91-FFDF2187DA56}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.
exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe)
- C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (
Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.ex
e (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - N
o CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value
found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/col
or]
[2013.07.22 21:48:40 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.22 21:48:40 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C
:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.18 10:19:08 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\dwmcore.dll
[2013.07.18 10:19:07 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\explorer.exe
[2013.07.18 10:19:07 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\dwmcore.dll
[2013.07.18 10:19:06 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ntoskrnl.exe
[2013.07.18 10:19:06 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\explorer.exe
[2013.07.18 10:19:05 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\mfcore.dll
[2013.07.18 10:19:05 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\samsrv.dll
[2013.07.18 10:19:04 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\mfcore.dll
[2013.07.18 10:19:03 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\winload.efi
[2013.07.18 10:19:03 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\winload.exe
[2013.07.18 10:19:00 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\winresume.efi
[2013.07.18 10:19:00 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\winresume.exe
[2013.07.18 10:19:00 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\XpsGdiConverter.dll
[2013.07.18 10:18:57 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\mscms.dll
[2013.07.18 10:18:54 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\mfasfsrcsnk.dll
[2013.07.18 10:18:54 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\XpsGdiConverter.dll
[2013.07.18 10:18:54 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\UCX01000.SYS
[2013.07.18 10:18:53 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\mfasfsrcsnk.dll
[2013.07.18 10:18:53 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\USBXHCI.SYS
[2013.07.18 10:18:53 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\DeviceSetupManager.dll
[2013.07.18 10:18:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\samlib.dll
[2013.07.18 10:18:53 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\MbaeParserTask.exe
[2013.07.18 10:18:52 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\sdbus.sys
[2013.07.18 10:18:52 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\dumpsd.sys
[2013.07.18 10:18:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\vdsutil.dll
[2013.07.18 10:18:50 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\drivers\BthAvrcpTg.sys
[2013.07.18 10:03:38 | 000,597,776 | ---- | C] (BitDefender) -- C:\Windows\SysNa
tive\drivers\avckf.sys
[2013.07.13 13:11:31 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\qedit.dll
[2013.07.13 13:11:31 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\qedit.dll
[2013.07.13 13:10:35 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\DWrite.dll
[2013.07.13 13:09:42 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\jscript9.dll
[2013.07.13 13:09:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\jscript.dll
[2013.07.13 13:09:38 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\jscript.dll
[2013.07.13 13:09:38 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\msfeeds.dll
[2013.07.13 13:09:38 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\ie4uinit.exe
[2013.07.13 13:09:00 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysNative\WMVDECOD.DLL
[2013.07.13 13:09:00 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\WMVDECOD.DLL
[2013.07.08 23:13:17 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Nero
Video
[2013.07.08 16:01:42 | 000,078,752 | ---- | C] (BitDefender) -- C:\Windows\SysNa
tive\drivers\bdvedisk.sys
[2013.07.08 15:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo
ws\Start Menu\Programs\Bitdefender 2013
[2013.07.08 15:20:31 | 000,023,456 | ---- | C] (Bitdefender) -- C:\Windows\SysNa
tive\drivers\bdelam.sys
[2013.07.08 15:20:30 | 000,098,768 | ---- | C] (BitDefender LLC) -- C:\Windows\S
ysNative\drivers\bdfndisf6.sys
[2013.07.08 15:20:30 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\S
ysNative\drivers\bdsandbox.sys
[2013.07.08 15:20:24 | 000,718,840 | ---- | C] (BitDefender) -- C:\Windows\SysNa
tive\drivers\avc3.sys
[2013.07.08 15:20:14 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roamin
g\Bitdefender
[2013.07.08 15:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013.07.08 15:16:42 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\Windows\S
ysNative\drivers\gzflt.sys
[2013.07.08 15:16:41 | 000,382,536 | ---- | C] (BitDefender S.R.L.) -- C:\Window
s\SysNative\drivers\trufos.sys
[2013.07.08 14:33:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\D3DCompiler_42.dll
[2013.07.08 14:33:29 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Win
dows\SysWow64\D3DX9_42.dll
[2013.07.08 14:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA T
echnologies
[2013.07.08 14:17:40 | 027,781,920 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvoglv64.dll
[2013.07.08 14:17:40 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvcompiler.dll
[2013.07.08 14:17:40 | 021,102,368 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvoglv32.dll
[2013.07.08 14:17:40 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvcompiler.dll
[2013.07.08 14:17:40 | 015,144,928 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvd3dumx.dll
[2013.07.08 14:17:40 | 013,411,896 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvwgf2um.dll
[2013.07.08 14:17:40 | 009,239,344 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvcuda.dll
[2013.07.08 14:17:40 | 007,687,592 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvcuda.dll
[2013.07.08 14:17:40 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvopencl.dll
[2013.07.08 14:17:40 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvopencl.dll
[2013.07.08 14:17:40 | 002,953,504 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvcuvid.dll
[2013.07.08 14:17:40 | 002,777,888 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvcuvid.dll
[2013.07.08 14:17:40 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvcuvenc.dll
[2013.07.08 14:17:40 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\nvcuvenc.dll
[2013.07.08 14:17:40 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvdispco6432049.dll
[2013.07.08 14:17:40 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\nvdispgenco6432049.dll
[2013.07.08 14:17:40 | 000,572,704 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\NvFBC64.dll
[2013.07.08 14:17:40 | 000,570,656 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysNative\NvIFR64.dll
[2013.07.08 14:17:40 | 000,467,232 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\NvIFR.dll
[2013.07.08 14:17:40 | 000,465,184 | ---- | C] (NVIDIA Corporation) -- C:\Window
s\SysWow64\NvFBC.dll
[2013.07.08 14:16:29 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roamin
g\Nero
[2013.07.08 14:16:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\
Nero
[2013.07.08 13:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013.07.08 13:37:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013.07.08 13:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013.07.08 13:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013.07.08 13:27:38 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.07.08 13:27:35 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.07.08 13:27:32 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.07.08 13:23:25 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\WinRAR
[2013.07.08 13:20:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.08 13:11:02 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.07.08 13:11:02 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.07.08 13:11:02 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.07.08 13:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.07.08 13:10:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.07.08 11:53:50 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.08 11:53:47 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.07.08 11:53:47 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.07.08 11:53:47 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.07.01 09:19:30 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\QuickScan
[2013.06.29 22:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.06.29 19:59:44 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jawbone
[2013.06.29 19:59:39 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\JawboneUpdater
[2013.06.29 19:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jawbone
[2013.06.29 19:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.06.25 15:44:15 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\NVIDIA
[2013.06.25 15:15:17 | 012,427,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.06.25 15:15:17 | 002,597,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013.06.25 15:15:17 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6432018.dll
[2013.06.25 15:15:17 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6432018.dll
[2013.06.25 11:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013.06.25 11:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013.07.23 11:00:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.23 10:59:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.23 09:16:15 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.23 09:15:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.22 22:19:11 | 001,793,362 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.22 22:19:11 | 000,799,736 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013.07.22 22:19:11 | 000,710,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.22 22:19:11 | 000,155,444 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013.07.22 22:19:11 | 000,132,416 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.22 21:46:56 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.07.22 21:46:07 | 1660,305,406 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.18 10:03:38 | 000,597,776 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013.07.13 13:29:10 | 000,001,114 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013.07.08 16:01:42 | 000,078,752 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013.07.08 15:23:17 | 000,465,660 | ---- | M] () -- C:\ProgramData\1373289338.bdinstall.bin
[2013.07.08 15:21:00 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013.07.08 15:21:00 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013.07.08 15:21:00 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2013.07.08 15:00:31 | 000,245,883 | ---- | M] () -- C:\ProgramData\1373288335.bdinstall.bin
[2013.07.08 13:59:56 | 000,002,512 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero MediaHome 4.lnk
[2013.07.08 13:31:06 | 000,000,010 | ---- | M] () -- C:\Users\Andrea\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30
[2013.07.08 13:31:06 | 000,000,010 | ---- | M] () -- C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96
[2013.07.08 11:53:38 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.07.08 11:53:37 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.07.08 11:53:37 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.07.08 11:53:37 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.08 11:53:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.07.08 11:53:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.07.08 11:44:26 | 000,001,420 | ---- | M] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.07.01 09:04:27 | 000,001,456 | ---- | M] () -- C:\Users\Andrea\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
[2013.07.01 08:02:08 | 000,007,680 | ---- | M] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.30 09:26:26 | 000,002,292 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.06.28 00:04:51 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.28 00:04:51 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013.07.18 10:19:07 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.07.08 15:23:17 | 000,465,660 | ---- | C] () -- C:\ProgramData\1373289338.bdinstall.bin
[2013.07.08 15:21:00 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2013.07.08 15:20:09 | 038,516,263 | -H-- | C] () -- C:\bdr-im01.gz
[2013.07.08 15:20:09 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013.07.08 15:20:09 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013.07.08 15:20:09 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013.07.08 15:00:31 | 000,245,883 | ---- | C] () -- C:\ProgramData\1373288335.bdinstall.bin
[2013.07.08 13:59:56 | 000,002,512 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero MediaHome 4.lnk
[2013.07.08 13:11:00 | 000,002,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.06.29 22:50:54 | 000,002,292 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.06.29 22:50:22 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.29 22:50:21 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.25 16:28:45 | 000,001,420 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.06.01 22:03:14 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2013.05.26 10:39:34 | 000,466,454 | ---- | C] () -- C:\ProgramData\1369557145.bdinstall.bin
[2013.05.18 16:36:29 | 000,000,043 | ---- | C] () -- C:\ProgramData\.ST150
[2013.05.18 16:36:23 | 000,000,010 | ---- | C] () -- C:\Users\Andrea\AppData\Local\.HG88C586-G30G-2HE2-DGDE-8H3E1D530D30
[2013.05.18 16:36:23 | 000,000,010 | ---- | C] () -- C:\ProgramData\.F464B91F-G49F-3G3D-CFCD-9G7D2C141C96
[2013.05.18 08:33:47 | 000,007,680 | ---- | C] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.22 15:17:30 | 000,250,861 | ---- | C] () -- C:\Windows\hpoins30.dat.temp
[2013.02.22 15:17:30 | 000,000,582 | ---- | C] () -- C:\Windows\hpomdl30.dat.temp
[2013.02.09 14:26:59 | 000,250,917 | ---- | C] () -- C:\Windows\hpoins30.dat
[2013.02.09 14:26:59 | 000,000,582 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2012.12.15 20:30:32 | 000,001,456 | ---- | C] () -- C:\Users\Andrea\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
[2012.10.27 14:23:53 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[color=#E56717]========== ZeroAccess Check ==========[/color]
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 961 bytes -> C:\Users\Andrea\AppData\Local\Temp:a3GBz6xL0Me4JkTfKMqOL
< End of report >
