Olimpo Informatico

[salvosp]

Salve a tutti, da fine dicembre ho notato che il mio pc non aggiornava più automaticamente avira antivirus e anche forzandolo a scaricare l'aggiornamento questo non si connetteva al server di avira. Così ho disinstallato e reinstallato, ma nulla. Dopodiché ho provato a cambiare antivirus (Panda) ma anche lui non riusciva a scaricare gli aggiornamenti, e una volta disinstallato al primo riavvio è comparsa la schermata blu di crash di windows. Sono tornato all'ultima configurazione funzionante ed il pc è ripartito. Ogni antivirus che installo(ne ho provati diversi, anche kaspersky), non si connette con il server per la definizione virus ed al primo riavvio da schermata blu. Ora sono senza antivirus e prima di formattare volevo dei consigli. Posto il log di antimalware. Grazie

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Data scansione: 17/01/2015
Ora scansione: 10:44:17
File di log: Mab.txt
Amministratore: Si


Versione: 2.00.4.1028
Database malware: v2015.01.17.02
Database rootkit: v2015.01.14.01
Licenza: Free
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Autoprotezione: Disattivata


SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Proprietario


Tipo di scansione: Scansione elementi nocivi
Risultati: Completata
Elementi analizzati: 444499
Tempo impiegato: 24 min, 49 sec


Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristica: Attivata
PUP: Attivata
PUM: Attivata


Processi: 0
(Nessun elemento malevolo rilevato)


Moduli: 0
(Nessun elemento malevolo rilevato)


Chiavi di registro: 2
PUM.Chrome.EXTPOL, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\EXTENSIONINST ALLFORCELIST, , [d0a604f42663ca6cb1c29b5cac5816ea],
PUM.Chrome.EXTPOL, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\E XTENSIONINSTALLFORCELIST, , [b0c612e67b0ef14586eda45362a27090],


Valori di registro: 2
PUM.Chrome.EXTPOL, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\EXTENSIONINST ALLFORCELIST|1, hgbdklilllegdfdjllpdknlobmfaablk;file:///C:/ProgramData/YoutubeAdblocker/hgbdklilllegdfdjllpdknlobmfaablk/hgbdklilllegdfdjllpdknlobmfaablk.crx.update.xml, , [d0a604f42663ca6cb1c29b5cac5816ea]
PUM.Chrome.EXTPOL, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\E XTENSIONINSTALLFORCELIST|1, hgbdklilllegdfdjllpdknlobmfaablk;file:///C:/ProgramData/YoutubeAdblocker/hgbdklilllegdfdjllpdknlobmfaablk/hgbdklilllegdfdjllpdknlobmfaablk.crx.update.xml, , [b0c612e67b0ef14586eda45362a27090]


Dati di registro: 0
(Nessun elemento malevolo rilevato)


Cartelle: 0
(Nessun elemento malevolo rilevato)


File: 0
(Nessun elemento malevolo rilevato)


Settori fisici: 0
(Nessun elemento malevolo rilevato)




(end)

[R16]

Ciao e benvenuto.

Fai una pulizia con CCleaner, compreso anche il registro.
Riavvia il pc.

Al riavvio:

Scarica FRST sul Desktop. (è obligatorio)

Installa la versione adatta al tuo Sistema Operativo (32 bit oppure 64 bit )

link

Avvialo e clicca Esegui.

Sulla finestra che ti compare clicca SI.

Clicca Scan.

Aspetta pazientemente la fine della scansione.

Posta i 2 log log che rilascia sul desktop (FRST.txt e Addition.txt)

Per postare i log:

Collegati ad internet e vai alla pagina WikiSend:
link
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.

[salvosp]

ok appena fatto, questi i risultati:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-01-2015
Ran by Proprietario (administrator) on PROPRIETARIO-PC on 18-01-2015 12:14:02
Running from C:\Users\Proprietario\Desktop
Loaded Profiles: Proprietario (Available profiles: Proprietario & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Italiano (Italia)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Proprietario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [UXTheme Launcher] => C:\Program Files (x86)\UXTheme Multi-Patcher\themeengine.exe [239887 2014-10-15] (Windows X)
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Run: [Spotify Web Helper] => C:\Users\Proprietario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-20] (Spotify Ltd)
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [322360 2014-08-22] ( New Softwares.net)
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2014-08-22] (New Softwares.net)
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\MountPoints2: {383daed9-d75e-11e2-8ce5-f46d041e1fae} - F:\LaunchU3.exe -a
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53210;https=127.0.0.1:53210;
HKU\S-1-5-21-1222679979-25554070-2732178706-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Guida per l'accesso a Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1222679979-25554070-2732178706-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Proprietario\AppData\Roaming\Mozilla\Firefox\Profiles\67gkwanl.default
FF DefaultSearchEngine:
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1222679979-25554070-2732178706-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Proprietario\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF user.js: detected! => C:\Users\Proprietario\AppData\Roaming\Mozilla\Firefox\Profiles\67gkwanl.default\user.js
FF Extension: Ant Video Downloader - C:\Users\Proprietario\AppData\Roaming\Mozilla\Firefox\Profiles\67gkwanl.default\Extensions\anttoolbar@ant.com [2014-09-05]
FF Extension: Media Hint - C:\Users\Proprietario\AppData\Roaming\Mozilla\Firefox\Profiles\67gkwanl.default\Extensions\mediahint@jetpack.xpi [2014-03-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.it/ig", "https://www.google.com/", "hxxp://start.iminent.com/?appId=C8C12520-1D2A-41F0-8B2C-6CFB836BB304"
CHR Profile: C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-17]
CHR Extension: (Documenti Google) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-17]
CHR Extension: (Google Drive) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-17]
CHR Extension: (YouTube) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-17]
CHR Extension: (Ricerca Google) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-17]
CHR Extension: (Fogli Google) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-17]
CHR Extension: (Dark atmosphere) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpikgkkfdoabncoileilaglepbpdhek [2015-01-17]
CHR Extension: (Skype Click to Call) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-17]
CHR Extension: (Google Wallet) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-17]
CHR Extension: (Gmail) - C:\Users\Proprietario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-07-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [56648 2014-12-15] (Google Inc.)
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2014-08-22] (New Softwares.net)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2000-01-01] (Realtek Semiconductor)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-12-12] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2014-03-18] (Emsisoft GmbH)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-03-18] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-10-11] (DT Soft Ltd)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-17] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2013-06-17] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-13] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2014-08-22] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-08-22] (NewSoftwares.net, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 12:14 - 2015-01-18 12:14 - 00016073 _____ () C:\Users\Proprietario\Desktop\FRST.txt
2015-01-18 12:13 - 2015-01-18 12:14 - 00000000 ____D () C:\FRST
2015-01-18 12:13 - 2015-01-18 12:13 - 02126336 _____ (Farbar) C:\Users\Proprietario\Desktop\FRST64.exe
2015-01-18 00:17 - 2015-01-18 00:17 - 00000000 ____D () C:\Users\Proprietario\Desktop\Mp3
2015-01-17 23:09 - 2015-01-18 10:48 - 00000224 _____ () C:\Windows\setupact.log
2015-01-17 23:09 - 2015-01-17 23:09 - 00001268 _____ () C:\Windows\PFRO.log
2015-01-17 23:09 - 2015-01-17 23:09 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-17 14:44 - 2015-01-17 14:50 - 00000000 ____D () C:\Users\Proprietario\AppData\Local\Popcorn-Time
2015-01-17 13:28 - 2015-01-17 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-17 11:12 - 2015-01-17 11:12 - 00001964 _____ () C:\Users\Proprietario\Desktop\Mab.txt
2015-01-17 10:40 - 2015-01-17 10:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-17 10:40 - 2015-01-17 10:40 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-17 10:40 - 2015-01-17 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-17 10:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-17 10:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-17 10:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-16 23:10 - 2015-01-17 10:21 - 00000000 ____D () C:\Program Files\EqualizerAPO
2015-01-16 23:10 - 2015-01-16 23:10 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 0.9.1
2015-01-16 22:58 - 2015-01-16 22:58 - 00880784 _____ (Google Inc.) C:\Users\Proprietario\Downloads\ChromeSetup.exe
2015-01-16 12:53 - 2015-01-16 12:53 - 00001065 _____ () C:\Users\Proprietario\Desktop\reposrt.txt
2015-01-16 12:15 - 2015-01-17 10:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-16 12:15 - 2015-01-16 12:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-16 11:55 - 2015-01-16 11:55 - 00000000 ____D () C:\ProgramData\Shared Space
2015-01-16 11:53 - 2015-01-16 11:54 - 00000000 ____D () C:\Program Files\COMODO
2015-01-16 11:52 - 2015-01-16 11:52 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\Program Files\AMD
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-13 12:37 - 2015-01-13 12:37 - 00003132 _____ () C:\Windows\System32\Tasks\RTKCPL
2015-01-13 12:37 - 2015-01-13 12:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-13 12:37 - 2015-01-13 12:37 - 00000000 ____D () C:\Windows\system32\SRSLabs
2015-01-13 12:37 - 2015-01-13 12:37 - 00000000 ____D () C:\Program Files\Realtek
2015-01-13 12:35 - 2000-01-01 01:00 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-13 12:35 - 2000-01-01 01:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-13 12:35 - 2000-01-01 01:00 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-13 12:35 - 2000-01-01 01:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-01-13 12:35 - 2000-01-01 01:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-13 12:04 - 2015-01-13 12:40 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-01-13 12:04 - 2000-01-01 01:00 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-12-25 13:47 - 2014-12-25 13:47 - 00061477 _____ () C:\Users\Proprietario\Desktop\bookmarks_25_12_14.html
2014-12-25 10:49 - 2014-12-25 10:50 - 00000002 _____ () C:\Users\Proprietario\uninstall.log
2014-12-25 10:22 - 2015-01-16 13:49 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-24 21:48 - 2014-12-24 21:48 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-24 21:27 - 2014-12-24 21:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-12-24 21:27 - 2014-12-24 21:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-12-24 20:02 - 2014-12-25 14:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-12-24 20:02 - 2014-12-25 02:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-12-24 18:43 - 2014-12-24 22:38 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-24 18:02 - 2014-12-24 18:02 - 00000000 ____D () C:\Users\MATTEO\AppData\Roaming\ATI
2014-12-24 18:02 - 2014-12-24 18:02 - 00000000 ____D () C:\Users\MATTEO\AppData\Local\ATI
2014-12-24 17:57 - 2014-12-24 17:57 - 00000000 ____D () C:\Users\MATTEO\AppData\Roaming\Apple Computer
2014-12-24 17:56 - 2014-12-25 02:03 - 00000000 ____D () C:\Users\MATTEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-24 17:56 - 2014-12-25 02:03 - 00000000 ____D () C:\Users\MATTEO
2014-12-24 17:56 - 2014-12-25 02:01 - 00000000 ___RD () C:\Users\MATTEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-24 17:56 - 2014-12-24 17:57 - 00000000 ____D () C:\Users\MATTEO\AppData\Local\Google
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Risorse di stampa
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Risorse di rete
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Recenti
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Modelli
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Menu Avvio
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Impostazioni locali
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Documents\Video
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Documents\Musica
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Documents\Immagini
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Documenti
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\Dati applicazioni
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\AppData\Local\Dati applicazioni
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 _SHDL () C:\Users\MATTEO\AppData\Local\Cronologia
2014-12-24 17:56 - 2014-12-24 17:56 - 00000000 ____D () C:\Users\MATTEO\AppData\Local\VirtualStore
2014-12-24 17:56 - 2013-06-17 18:08 - 00000000 ____D () C:\Users\MATTEO\AppData\Roaming\TuneUp Software
2014-12-24 16:25 - 2015-01-16 14:16 - 00000000 ____D () C:\ProgramData\Comodo
2014-12-24 15:30 - 2014-12-25 19:42 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\Panda Security
2014-12-24 15:26 - 2014-12-25 19:42 - 00000000 ____D () C:\ProgramData\Panda Security
2014-12-24 15:21 - 2014-12-25 14:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-24 15:14 - 2014-12-24 15:14 - 00000318 _____ () C:\Windows\system32\ayboot.ini
2014-12-24 15:14 - 2014-12-24 15:14 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\EstSoft
2014-12-24 15:07 - 2014-12-25 14:14 - 00000000 ____D () C:\Program Files\Roboscan
2014-12-20 16:46 - 2014-12-20 16:46 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\11bitstudios

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 12:13 - 2013-06-17 16:37 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 12:12 - 2014-12-11 11:34 - 01276100 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 12:12 - 2014-03-20 00:36 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-18 12:12 - 2013-06-24 07:59 - 00000956 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000UA.job
2015-01-18 10:55 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 10:55 - 2009-07-14 05:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 10:48 - 2013-09-08 15:45 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-01-18 10:48 - 2013-06-17 16:37 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 10:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 00:48 - 2014-03-20 00:36 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-18 00:48 - 2013-06-17 14:48 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-18 00:48 - 2013-06-17 14:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-17 20:53 - 2013-06-24 07:59 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000Core.job
2015-01-17 14:46 - 2014-01-03 20:51 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\uTorrent
2015-01-17 14:45 - 2013-08-29 16:56 - 00000000 ____D () C:\Windows\Minidump
2015-01-17 14:42 - 2013-06-18 08:42 - 00000000 ____D () C:\Users\Proprietario\Documents\Film
2015-01-17 13:28 - 2013-06-17 16:37 - 00000000 ____D () C:\Users\Proprietario\AppData\Local\Google
2015-01-17 13:28 - 2013-06-17 16:37 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-17 12:53 - 2014-02-23 11:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 12:53 - 2013-06-18 16:42 - 00000000 ____D () C:\ProgramData\Avira
2015-01-16 14:18 - 2013-10-15 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-16 14:18 - 2013-06-17 11:46 - 00000000 ____D () C:\Users\Proprietario
2015-01-16 14:17 - 2014-02-19 18:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-01-16 14:17 - 2014-02-19 18:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-01-16 14:17 - 2014-02-19 18:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-01-16 14:17 - 2014-02-19 18:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-01-16 14:17 - 2013-10-08 19:53 - 00000000 ____D () C:\Users\Administrator
2015-01-16 14:17 - 2013-06-17 16:24 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\vlc
2015-01-16 14:17 - 2013-06-17 14:48 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-16 14:17 - 2010-11-21 16:41 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-16 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-16 14:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-16 14:13 - 2014-05-16 16:32 - 00000000 ____D () C:\Program Files\ATI
2015-01-16 14:13 - 2014-05-10 18:00 - 00000000 ____D () C:\EEK
2015-01-16 14:13 - 2013-11-13 15:04 - 00000000 ____D () C:\Program Files (x86)\steam
2015-01-14 22:20 - 2013-06-18 20:02 - 00000000 ____D () C:\Users\Proprietario\AppData\Local\Spotify
2015-01-13 12:44 - 2014-05-16 16:15 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-01-13 12:35 - 2013-06-17 14:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-13 12:35 - 2013-06-17 14:31 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-13 11:21 - 2013-06-18 19:55 - 00000000 ___RD () C:\Users\Proprietario\Dropbox
2015-01-13 11:20 - 2010-11-21 16:30 - 00743446 _____ () C:\Windows\system32\perfh010.dat
2015-01-13 11:20 - 2010-11-21 16:30 - 00148096 _____ () C:\Windows\system32\perfc010.dat
2015-01-13 11:20 - 2009-07-14 06:13 - 01666026 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 11:17 - 2013-06-18 19:49 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\Dropbox
2015-01-11 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-08 22:02 - 2013-06-18 08:42 - 00000000 ____D () C:\Users\Proprietario\Desktop\Appunti
2015-01-06 13:02 - 2013-06-18 20:01 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\Spotify
2014-12-25 21:47 - 2013-06-17 15:49 - 00115400 _____ () C:\Users\Proprietario\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-25 14:16 - 2014-11-05 10:54 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-25 14:16 - 2010-11-21 16:41 - 00000000 ____D () C:\Windows\ShellNew
2014-12-25 14:16 - 2010-11-21 16:41 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-25 14:14 - 2014-12-12 09:33 - 00000000 ____D () C:\Program Files (x86)\UXTheme Multi-Patcher
2014-12-25 14:14 - 2014-11-05 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-25 14:14 - 2014-11-05 10:54 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-25 14:14 - 2014-11-05 10:54 - 00000000 ____D () C:\Program Files\iTunes
2014-12-25 14:14 - 2014-11-05 10:54 - 00000000 ____D () C:\Program Files\iPod
2014-12-25 14:14 - 2014-10-30 15:34 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-25 14:14 - 2014-08-22 16:41 - 00000000 ____D () C:\Users\Proprietario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Folder Lock
2014-12-25 14:14 - 2014-08-22 16:41 - 00000000 ____D () C:\Program Files (x86)\NewSoftware's
2014-12-25 14:14 - 2014-02-19 18:54 - 00000000 ____D () C:\Users\Proprietario\AppData\Local\Comodo
2014-12-25 14:14 - 2014-02-19 18:54 - 00000000 ____D () C:\ProgramData\56ddd064177efe04
2014-12-25 14:14 - 2013-11-26 19:24 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-25 14:14 - 2013-06-17 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-12-25 14:14 - 2013-06-17 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-12-25 14:14 - 2010-11-21 16:30 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-12-25 14:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-25 14:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-12-25 14:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-25 14:09 - 2013-06-17 16:35 - 00000000 ____D () C:\Users\Proprietario\AppData\Local\Mozilla
2014-12-25 14:09 - 2013-06-17 16:32 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-25 14:08 - 2013-06-17 17:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-12-25 14:08 - 2013-06-17 17:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-12-24 15:01 - 2009-07-14 06:08 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 14:16 - 2013-06-18 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-24 14:16 - 2013-06-18 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-21 19:44 - 2013-06-18 09:29 - 00000000 ____D () C:\Users\Proprietario\Documents\My Games
2014-12-20 16:19 - 2014-08-22 16:43 - 00015939 ___SH () C:\Windows\SysWOW64\win_fldb_sys.dat
2014-12-20 16:12 - 2014-08-22 16:42 - 00011781 ___SH () C:\Windows\SysWOW64\win_flfiles_sys.dat
2014-12-20 10:21 - 2014-08-22 16:42 - 00003465 ___SH () C:\Windows\SysWOW64\win_stlthdb_sys.dat

==================== Files in the root of some directories =======
2014-01-30 10:02 - 2014-01-30 10:07 - 0000092 _____ () C:\Users\Proprietario\AppData\Roaming\regsvr32.exe_log.txt
2013-06-17 18:35 - 2013-06-17 18:35 - 0000000 _____ () C:\Users\Proprietario\AppData\Roaming\wklnhst.dat
2014-09-24 20:39 - 2014-09-24 20:39 - 0000000 ___SH () C:\Users\Proprietario\AppData\Local\LumaEmu
2014-04-10 22:26 - 2014-04-10 22:26 - 0000017 _____ () C:\Users\Proprietario\AppData\Local\resmon.resmoncfg
2013-08-27 10:37 - 2013-08-28 14:24 - 0002667 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\MATTEO\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 08:59

==================== End Of Log


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015
Ran by Proprietario at 2015-01-18 12:15:20
Running from C:\Users\Proprietario\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
4K Stogram 1.6 (HKLM-x32\...\4K Stogram_is1) (Version: 1.6.2.650 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{4B5124DF-F465-2BA6-FCCF-82C149E1223D}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assistente per l'accesso a Windows Live (HKLM-x32\...\{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}) (Version: 5.000.818.5 - Microsoft Corporation)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM-x32\...\{092888A8-8F3B-4C31-8636-F9632030C971}) (Version: 2.5.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Chrome Remote Desktop Host (HKLM-x32\...\{6FC79C95-F54F-4515-8012-01F33D894492}) (Version: 40.0.2214.44 - Google Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 0.9.1 - )
F2400 (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}) (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kindle Comic Converter (HKLM\...\{7D279A59-C65E-4DA7-B165-56DD06596216}_is1) (Version: 4.3 - Ciro Mattia Gonano, Paweł Jastrzębski)
Malwarebytes Anti-Malware versione 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Italian) (HKLM-x32\...\{95120000-00AF-0410-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{34A08914-7A33-4040-A959-1577BF5AFF8A}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 30.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 it)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NBA 2K14 (HKLM-x32\...\{4FE0545A-1BF3-4B9B-A044-6E1EE719E197}) (Version: 1.0.0 - 2K Sports)
OpenOffice.org 3.0 (HKLM-x32\...\{85F0337D-33AC-43B4-A003-DF35061F1D8D}) (Version: 3.0.9379 - OpenOffice.org)
Pacchetto di compatibilità per Office System 2007 (HKLM-x32\...\{90120000-0020-0410-0000-0000000FF1CE}) (Version: 12.0.4518.1018 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.5 - pdfforge)
PlayCamera (HKLM-x32\...\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}) (Version: 1.0.1.7 - )
Popcorn Time (HKLM-x32\...\{38B39D8E-1AEF-4F01-82BE-36F3307244F5}) (Version: 2.0.0 - Time4Popcorn)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Raccolta foto di Windows Live (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.2.0.10 - GOG.com)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.10.13089 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.8.4 - Splashtop Inc.)
Spotify (HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Strumento di caricamento di Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Supporto applicazioni Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
The Walking DeadSeason 2 Edizione completa versione 5.0.0.0 (HKLM-x32\...\The Walking DeadSeason 2 Edizione completa_is1) (Version: 5.0.0.0 - oLtJoN)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Nome società)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
USB Force Wheel (HKLM-x32\...\{D5778AE9-6376-4CE6-AD4A-8712F4EC3302}) (Version: 2002.10.8 - )
USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 8.1 (4331) - WinZip Computing, Inc.)
World of Tanks (HKU\S-1-5-21-1222679979-25554070-2732178706-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1222679979-25554070-2732178706-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Proprietario\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

13-01-2015 11:06:36 SlimDrivers Installing Drivers
13-01-2015 11:59:09 SlimDrivers Installing Drivers
13-01-2015 12:35:34 Installato Realtek High Definition Audio Driver
13-01-2015 12:45:51 SlimDrivers Installing Drivers
16-01-2015 11:53:58 Installing COMODO Firewall
16-01-2015 11:55:49 Installazione pacchetto driver di dispositivo: COMODO Servizi di rete
16-01-2015 13:45:55 Removed GeekBuddy.
16-01-2015 13:48:20 Removed COMODO Firewall
16-01-2015 13:51:01 Removed COMODO Firewall

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-10-08 17:55 - 00001487 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
127.0.0.1 proxy.novafusion.ea.com
127.0.0.1 ec2-23-23-167-200.compute-1.amazonaws.com
127.0.0.1 dirtybits.dm.origin.com
127.0.0.1 chat.dm.origin.com
127.0.0.1 easo.ea.com
127.0.0.1 ea.com
127.0.0.1 telemetry.simcity.com
127.0.0.1 ec2-54-228-227-181.eu-west-1.compute.amazonaws.com
127.0.0.1 ec2-46-137-177-16.eu-west-1.compute.amazonaws.com

There are 11 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043FFC62-8E9E-4BFE-9E6D-523C05C034A7} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1222679979-25554070-2732178706-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {0DE28F55-293A-4B41-B6EE-4B21A702D75B} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ATTENTION
Task: {148483C6-891D-443C-92B4-BD3A6F89B76B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01] (Realtek Semiconductor)
Task: {150826EA-A550-4D55-BA4B-841EEA31BEC7} - System32\Tasks\{91356923-FB88-4BC1-B6D1-8B23FC1B0A09} => C:\Users\Proprietario\Documents\Film\SimCity 2000\SC2000.EXE
Task: {1A1261E5-3A38-45C9-89C4-1AD03AA6CB7B} - System32\Tasks\{6D98BF0D-DC22-42A7-9133-50B510C295B9} => Chrome.exe http://ui.skype.com/ui/0/6.14.60.104/it/abandoninstall?page=tsProgressBar
Task: {21460EE7-BE1B-4E43-A8F6-3E0D33536940} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {2A6FD9A8-6EB9-4005-BA97-05A0EBDBAA21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {31181A88-9E11-4C3F-BEDD-10F09AC7F10B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000Core => C:\Users\Proprietario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {3F4E2BED-98B5-4689-B073-8CB74BF45E3F} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {46FCA7DD-87C5-4E9F-94BD-96A8AF086CD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: {49799862-0C0A-49C1-AB65-7BBDB06F15B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-18] (Adobe Systems Incorporated)
Task: {49B16178-7CD8-4AF9-828D-9B2BD8CC79E4} - System32\Tasks\{567BAB10-3BB0-4A69-B0FC-0F87B5E09376} => C:\Users\Proprietario\Documents\Film\SimCity 2000\SC2000.EXE
Task: {5E8A11E2-5574-4AC0-B578-0A0C842D2ECD} - System32\Tasks\{17078986-6146-4F98-A4A2-FBA51DB41437} => Chrome.exe http://ui.skype.com/ui/0/6.14.60.104/it/abandoninstall?page=tsProgressBar
Task: {6095CE50-07D2-4165-88BE-323E618C81BB} - System32\Tasks\{FE9C22A1-BEED-4CAD-822A-D544463EE2C3} => C:\Users\Proprietario\Documents\Film\SimCity 2000\SC2000.EXE
Task: {6F4DFCAE-8B2F-4ADF-9037-CE5546F633E1} - System32\Tasks\UNELEVATE_17495 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1384\jsdrv.exe <==== ATTENTION
Task: {72C05842-2B02-4084-BEEB-7FA40B4621BB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {8B1779FF-4906-4D21-A65C-3033B1492DD0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000UA => C:\Users\Proprietario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {96091428-957B-4628-977A-6CCCD37B44D8} - System32\Tasks\{FF92E344-5109-4AAC-BDBD-3352EE0E5D7B} => C:\Users\Proprietario\Documents\Film\SimCity 2000\SC2000.EXE
Task: {ACF7AB68-898F-40B9-97C3-FA7353083B12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C1C0AC77-B99D-4AC1-9FB9-0B464FD223B9} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {D1DAEB78-9E1E-4042-BE44-3EB85786AC8E} - System32\Tasks\{B236C0A7-3E50-444B-9207-0AA3B4335F8F} => C:\Users\Proprietario\Documents\Film\SimCity 2000\SC2000.EXE
Task: {D86677ED-970F-4C07-9E6C-CA3708FE2941} - System32\Tasks\{3982AE32-35D0-4BCC-B08E-6A1BEE2701FE} => pcalua.exe -a D:\setup.exe -d D:\
Task: {E13C88C6-BBA5-4F61-8387-B05AD35938E5} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {E594F8DF-4AFA-4BC5-8E36-59F33C7C51A0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1222679979-25554070-2732178706-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {F1A6D086-5C5D-4FB1-BE6C-63BEC4532B5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-17] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000Core.job => C:\Users\Proprietario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1222679979-25554070-2732178706-1000UA.job => C:\Users\Proprietario\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-02 20:51 - 2014-09-02 20:51 - 00537600 _____ () C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____R () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Proprietario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1222679979-25554070-2732178706-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1222679979-25554070-2732178706-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1222679979-25554070-2732178706-1003 - Limited - Enabled)
Proprietario (S-1-5-21-1222679979-25554070-2732178706-1000 - Administrator - Enabled) => C:\Users\Proprietario

==================== Faulty Device Manager Devices =============

Name: Scheda miniport WiFi virtuale Microsoft
Description: Scheda miniport WiFi virtuale Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Teredo Tunneling Pseudo-Interface
Description: Scheda Microsoft Teredo Tunneling
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2015 10:48:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 11:09:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 00:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 11:14:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 10:44:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 10:33:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/17/2015 09:38:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generazione del contesto di attivazione non riuscita per "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Errore nel file manifesto o dei criteri "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2", riga WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
L'identità del componente trovata nel manifesto non corrisponde all'identità del componente richiesto.
Il riferimento è WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
La definizione è WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (01/17/2015 09:37:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Errore nel file manifesto o dei criteri "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2", alla riga C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.1751

[R16]

Ciao.
Avevo indicato un modo diverso per postare i log.

scarica questo file sul desktop: (dove si trova FRST)

link

Avvia FRST e clicca su FIX.

Attendi la fine della scansione.
Posta il file fixlog.txt.

Poi fai un ripristino di Chrome:
link

Se non si è risolto si dovrà provare con una scansione con Combofix:
Segui le istruzioni di questo topic per usare Combofix: ( ricorda di salvarlo sul Desktop)
http://forum.zeusnews.com/viewtopic.php?t=45224

N.B:
Per favore posta i log come indicato in rosso nel post sopra.

P.S:
Hai provato a scaricare qualche antivirus con un browser diverso da Chrome?

[salvosp]

Scusami per prima, non avevo letto per bene. Ho provato a scaricare con un altro browser ma nulla, sempre lo stesso problema.

Ti posto il fixlog

Fixlog.txt

[R16]

Forse hai sbagliato qualcosa perchè non è stato eliminato nulla di quello che volevo eliminare.

Sicuro di avere posizionato il file di testo dove si trova FRST ?

Elimina i file di testo (fixlist.txt e fixlog.txt ).

Scarica questo nuovo file di testo sul DESKTOP:

link

Apri FRST e clicca su FIX 1 sola volta.

Attendi la fine della scansione.
Posta il file fixlog.txt.

Poi fai questa scansione con Combofix:
Segui le istruzioni di questo topic per usare Combofix: ( ricorda di salvarlo sul Desktop)
http://forum.zeusnews.com/viewtopic.php?t=45224

[salvosp]

Ho fatto la scansione, con combofix seguendo la guida da te postata. Ha trovato un po di roba, però al riavvio è una mezz'ora che sta tentando di creare il reporter e non va avanti. Appena finisce lo posto e rieseguita fsrt. Grazie per l'interessamento comunque.

[salvosp]

ti posto il report di combofix

ComboFix.txt

E i due report di Frst fatti dopo combofix

Addition.txt

FRST.txt

[R16]

Ciao.

Apri un file di testo con il Block Note sul Desktop
Ci incolli il codice che vedi qui sotto, e salvi il file di testo obbligatoriamente con il nome CFScript.txt

[salvosp]

ti posto il log aggiornato di combofix, ora faccio la scansione con l'altro programma consigliato

ComboFix.txt

[salvosp]

Fatta anche la scansione adware, ti ringrazio ancora per l'aiuto!

.txt]AdwCleaner[S0].txt

.txt]AdwCleaner[R0].txt

[R16]

Ok.
Adesso vediamo come si trova lo stato generale del pc:
Fai questa scansione con OTL.
http://forum.zeusnews.com/viewtopic.php?t=51382
Posta i log come hai fatto con Combofix.

[salvosp]

fatto la scansione:

OTL.Txt

Extras.Txt

[R16]

Ciao.
Il log di OTL non presenta particolari problemi.
Vorrei sapere se conosci e usi questi software:
NewSoftware's
Splashtop
Fammi sapere come funziona il pc.

[salvosp]

Ciao, oggi non l'ho ancora acceso però già ieri sera il browser chrome mi è sembrato più reattivo. Ho provato ad installare ancora avira ma nulla, solito problema di connessione.
I due programmi che mi hai chiesto gli ho installati io,quindi si li conosco.

Mi sono dimenticato di dire che un po di tempo fa presi un virus che cambiava le impostazioni del DNS e apriva pagine casuali, ma resettando il router tornava a funzionare il tutto, ma fino a pochi giorni fa si ripresentava abbastanza frequentemente. Dopo la scansione con combofix di ieri ( ho navigato parecchio in rete) sembra non avvenire più.

Grazie per l'aiuto che mi hai dato, molto probabilmente c'è casino nei file di sistema ed occorre una formattazione.

[R16]

[salvosp]

Certo, ti seguo al 100%

[R16]

Ok.
Leggi attentamente queste istruzioni:

Scarica ripristino di Windows da Tweaking.com sul desktop.

link

Doppio click su "Repair_Windows"

Eseguilo, e installalo.

Clicca sulla scheda "Repairs".

Clicca su "Open Repairs".

Metti la spunta a: (se trovi le caselline tutte spuntate clicca su : "Unselect All")

[salvosp]

Fatto, ma ancora nulla. oltretutto ha ricominciato ad aprirmi pagine da solo mentre navigo e mi ha cambiato i server DNS. Misteri!!

[R16]

Ciao.