Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cant turn off proxy server settings [Closed]


  • This topic is locked This topic is locked

#1
ghartmann

ghartmann

    New Member

  • Member
  • Pip
  • 2 posts

I have a problem where my internet connection is being cut off by a proxy server that I cannot disable. When I uncheck the box, it resets the settings back immediately after. I can only think that this is because of some program I accidentally installed. I've run malwarebytes but that hasn't fixed the problem.

 

Here's my OTL log:

 

OTL logfile created on: 9/12/2014 4:32:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Gabriele\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.89 Gb Total Physical Memory | 2.74 Gb Available Physical Memory | 70.34% Memory free
5.26 Gb Paging File | 3.96 Gb Available in Paging File | 75.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55.56 Gb Total Space | 37.11 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
Drive E: | 14.91 Gb Total Space | 14.91 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
 
Computer Name: GABI | User Name: Gabriele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/12 16:32:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriele\Downloads\OTL.exe
PRC - [2014/09/12 13:20:04 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/18 00:07:50 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Gabriele\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/12/14 20:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2011/12/14 20:53:44 | 000,303,360 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/12 13:19:57 | 003,716,720 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/12/14 20:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2011/12/14 13:43:04 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/14 03:24:04 | 000,324,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/08/12 03:56:36 | 002,428,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/03/18 06:13:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/18 06:13:37 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:15 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/18 06:13:09 | 001,306,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/18 06:13:09 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 08:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 08:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/09/12 13:20:04 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/08/14 03:24:08 | 000,276,808 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/03/18 06:13:02 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2011/12/14 20:53:44 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100v2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/09/12 16:31:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/14 03:23:50 | 004,786,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/07/28 15:48:49 | 000,038,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/07/28 15:48:49 | 000,027,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/03/18 06:13:59 | 000,157,528 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/18 06:13:47 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/18 06:13:20 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 08:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 08:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 08:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2011/04/19 12:52:20 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2010/02/03 14:20:32 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2007/01/19 21:24:24 | 000,025,312 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49167;https=127.0.0.1:49167
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49167;https=127.0.0.1:49167
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 64 6C B7 7C CC CF 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Trovi search"
FF - prefs.js..browser.search.selectedEngine: "Trovi search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/09/09 18:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriele\AppData\Roaming\Mozilla\Extensions
[2014/09/09 18:59:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriele\AppData\Roaming\Mozilla\Firefox\Profiles\2fsrf22w.default\extensions
[2014/09/12 13:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/12 13:20:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Gabriele\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{122E2B6B-4271-48B2-9869-E661E3219605}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD739BE0-D5A4-4569-BE59-DB9424B9981B}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/12 16:15:44 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/12 16:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/12 16:15:33 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/09/12 16:15:33 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/09/12 16:15:33 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/09/12 16:15:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/09/12 16:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/09/12 16:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2014/09/12 16:05:56 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\PC_Drivers_Headquarters
[2014/09/12 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Support
[2014/09/12 16:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Support
[2014/09/12 16:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
[2014/09/12 15:16:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\Documents\Custom Office Templates
[2014/09/12 15:10:05 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Microsoft Help
[2014/09/12 13:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/10 19:03:37 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\OneDrive
[2014/09/10 19:03:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/09/10 19:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/09/10 18:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/09/10 18:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/09/10 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/09/10 18:05:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Akamai
[2014/09/10 17:25:47 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Diagnostics
[2014/09/10 09:32:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/09/10 08:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\AppData\Local\EmieUserList
[2014/09/10 08:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\AppData\Local\EmieSiteList
[2014/09/10 08:39:55 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/09/10 08:39:55 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Searches
[2014/09/10 08:39:55 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Contacts
[2014/09/10 08:39:55 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/09/10 08:39:55 | 000,000,000 | -H-D | C] -- C:\Users\Gabriele\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/09/10 08:39:54 | 000,000,000 | --SD | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Videos
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Saved Games
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Pictures
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Music
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Links
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Favorites
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Downloads
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Documents
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\Desktop
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/09/10 08:39:54 | 000,000,000 | R--D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\AppData\Local\Temporary Internet Files
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Templates
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Start Menu
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\SendTo
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Recent
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\PrintHood
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\NetHood
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Documents\My Videos
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Documents\My Pictures
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Documents\My Music
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\My Documents
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Local Settings
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\AppData\Local\History
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Cookies
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\Application Data
[2014/09/10 08:39:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\AppData\Local\Application Data
[2014/09/10 08:39:54 | 000,000,000 | -H-D | C] -- C:\Users\Gabriele\AppData
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\VirtualStore
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Temp
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Packages
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Microsoft
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/09/10 08:39:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\Adobe
[2014/09/10 08:39:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/09/10 08:32:45 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/09/10 08:32:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/09/09 19:30:54 | 000,000,000 | -HSD | C] -- C:\Users\Gabriele\IntelGraphicsProfiles
[2014/09/09 18:48:52 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\ElevatedDiagnostics
[2014/09/09 18:47:34 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\OpenSoftwareUpdater
[2014/09/09 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\Mozilla
[2014/09/09 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Mozilla
[2014/09/09 18:45:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/09/09 18:45:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/09/09 18:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\pastaleads
[2014/09/09 18:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/09/09 18:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/09/09 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/09/09 18:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/09/09 18:43:27 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\Systweak
[2014/09/09 18:43:26 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2014/09/09 18:43:21 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Local\Programs
[2014/09/09 18:25:44 | 000,025,312 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\SCMNdisP.sys
[2014/09/09 18:25:29 | 000,281,104 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/09/09 18:25:29 | 000,096,784 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\Packet.dll
[2014/09/09 18:25:29 | 000,047,632 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/09/09 18:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNDA3100v2 Genie
[2014/09/09 18:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NETGEAR
[2014/09/09 18:25:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/09/09 18:25:11 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\InstallShield
[2014/09/09 18:23:45 | 000,000,000 | ---D | C] -- C:\Users\Gabriele\AppData\Roaming\Macromedia
[2014/09/09 18:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/09/09 18:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/09/09 18:22:31 | 000,082,432 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2014/09/09 18:22:31 | 000,074,752 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2014/09/09 18:22:31 | 000,000,000 | ---D | C] -- C:\Temp
[2014/09/09 18:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/09/09 18:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/09/09 18:22:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/09/09 18:22:26 | 000,000,000 | ---D | C] -- C:\Intel
[2014/08/14 03:24:12 | 000,082,432 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
[2014/08/14 03:24:12 | 000,074,752 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/12 16:31:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/12 16:30:13 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/12 16:30:13 | 000,730,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/12 16:30:13 | 000,135,520 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/12 16:25:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/12 16:23:24 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014/09/12 16:23:23 | 3340,271,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/12 16:05:50 | 000,002,317 | ---- | M] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/09/12 15:08:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/09/12 15:07:29 | 000,474,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/10 18:10:26 | 806,676,480 | ---- | M] () -- C:\Users\Gabriele\Documents\OfficeProfessionalPlus_x64_en-us.img
[2014/09/10 17:20:40 | 000,139,488 | ---- | M] () -- C:\Windows\SysWow64\XMLOperations.xml
[2014/09/10 08:49:55 | 000,001,436 | ---- | M] () -- C:\Users\Gabriele\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/09/10 08:33:18 | 000,047,137 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/09/10 08:33:18 | 000,047,137 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/09/09 19:35:14 | 000,000,144 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/09/09 19:35:02 | 000,021,976 | ---- | M] () -- C:\Windows\SysNative\drivers\SPPD.sys
[2014/09/09 19:30:51 | 000,000,510 | ---- | M] () -- C:\Windows\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[2014/09/09 18:45:10 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/09 18:34:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/09/09 18:25:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01005.Wdf
[2014/09/09 18:25:22 | 000,000,962 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
[2014/09/09 18:25:22 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Genie.lnk
[2014/09/09 18:23:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2014/08/14 03:24:34 | 000,212,660 | ---- | M] () -- C:\Windows\SysNative\resTHA.cui
[2014/08/14 03:24:34 | 000,203,812 | ---- | M] () -- C:\Windows\SysNative\resELL.cui
[2014/08/14 03:24:34 | 000,199,652 | ---- | M] () -- C:\Windows\SysNative\resRUS.cui
[2014/08/14 03:24:34 | 000,182,356 | ---- | M] () -- C:\Windows\SysNative\resARA.cui
[2014/08/14 03:24:34 | 000,181,828 | ---- | M] () -- C:\Windows\SysNative\resJPN.cui
[2014/08/14 03:24:34 | 000,181,364 | ---- | M] () -- C:\Windows\SysNative\resHEB.cui
[2014/08/14 03:24:34 | 000,176,116 | ---- | M] () -- C:\Windows\SysNative\resFRA.cui
[2014/08/14 03:24:34 | 000,176,052 | ---- | M] () -- C:\Windows\SysNative\resHUN.cui
[2014/08/14 03:24:34 | 000,174,340 | ---- | M] () -- C:\Windows\SysNative\resKOR.cui
[2014/08/14 03:24:34 | 000,174,004 | ---- | M] () -- C:\Windows\SysNative\resDEU.cui
[2014/08/14 03:24:34 | 000,173,748 | ---- | M] () -- C:\Windows\SysNative\resITA.cui
[2014/08/14 03:24:34 | 000,173,492 | ---- | M] () -- C:\Windows\SysNative\resROM.cui
[2014/08/14 03:24:34 | 000,173,460 | ---- | M] () -- C:\Windows\SysNative\resESN.cui
[2014/08/14 03:24:34 | 000,173,444 | ---- | M] () -- C:\Windows\SysNative\resSKY.cui
[2014/08/14 03:24:34 | 000,173,044 | ---- | M] () -- C:\Windows\SysNative\resPLK.cui
[2014/08/14 03:24:34 | 000,172,676 | ---- | M] () -- C:\Windows\SysNative\resNLD.cui
[2014/08/14 03:24:34 | 000,171,876 | ---- | M] () -- C:\Windows\SysNative\resPTB.cui
[2014/08/14 03:24:34 | 000,171,860 | ---- | M] () -- C:\Windows\SysNative\resTRK.cui
[2014/08/14 03:24:34 | 000,171,796 | ---- | M] () -- C:\Windows\SysNative\resCSY.cui
[2014/08/14 03:24:34 | 000,171,332 | ---- | M] () -- C:\Windows\SysNative\resPTG.cui
[2014/08/14 03:24:34 | 000,171,156 | ---- | M] () -- C:\Windows\SysNative\resFIN.cui
[2014/08/14 03:24:34 | 000,170,548 | ---- | M] () -- C:\Windows\SysNative\resHRV.cui
[2014/08/14 03:24:34 | 000,170,020 | ---- | M] () -- C:\Windows\SysNative\resSLV.cui
[2014/08/14 03:24:34 | 000,170,004 | ---- | M] () -- C:\Windows\SysNative\resSVE.cui
[2014/08/14 03:24:34 | 000,168,788 | ---- | M] () -- C:\Windows\SysNative\resNOR.cui
[2014/08/14 03:24:34 | 000,168,132 | ---- | M] () -- C:\Windows\SysNative\resDAN.cui
[2014/08/14 03:24:34 | 000,166,660 | ---- | M] () -- C:\Windows\SysNative\resENU.cui
[2014/08/14 03:24:34 | 000,164,836 | ---- | M] () -- C:\Windows\SysNative\resCHT.cui
[2014/08/14 03:24:34 | 000,163,652 | ---- | M] () -- C:\Windows\SysNative\resCHS.cui
[2014/08/14 03:24:12 | 000,082,432 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.DLL
[2014/08/14 03:24:12 | 000,082,432 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
[2014/08/14 03:24:12 | 000,074,752 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.DLL
[2014/08/14 03:24:12 | 000,074,752 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
[2014/08/14 03:24:08 | 000,044,025 | ---- | M] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/08/14 03:24:08 | 000,043,816 | ---- | M] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2014/08/14 03:24:08 | 000,043,298 | ---- | M] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2014/08/14 03:24:08 | 000,043,256 | ---- | M] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/08/14 03:24:08 | 000,042,079 | ---- | M] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2014/08/14 03:24:08 | 000,003,920 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/08/14 03:24:06 | 002,813,952 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/08/14 03:24:06 | 000,453,448 | ---- | M] () -- C:\Windows\SysNative\igfxTray.exe
[2014/08/14 03:24:06 | 000,043,494 | ---- | M] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/08/14 03:24:06 | 000,005,120 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
[2014/08/14 03:24:06 | 000,005,120 | ---- | M] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2014/08/14 03:24:06 | 000,001,125 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/08/14 03:24:04 | 000,254,976 | ---- | M] () -- C:\Windows\SysNative\igfxCPL.cpl
[2014/08/14 03:24:04 | 000,069,632 | ---- | M] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2014/08/14 03:24:04 | 000,069,632 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2014/08/14 03:24:04 | 000,058,880 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2014/08/14 03:24:04 | 000,010,752 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | M] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | M] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2014/08/14 03:23:42 | 000,225,792 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2014/08/14 03:23:42 | 000,186,368 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2014/08/14 03:23:40 | 013,199,432 | ---- | M] () -- C:\Windows\SysNative\igd11dxva64.dll
[2014/08/14 03:23:38 | 012,728,192 | ---- | M] () -- C:\Windows\SysWow64\igd11dxva32.dll
[2014/08/14 03:23:28 | 000,094,208 | ---- | M] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2014/08/14 03:23:28 | 000,000,889 | ---- | M] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2014/08/14 03:23:26 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2014/08/14 03:23:26 | 000,000,895 | ---- | M] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2014/08/14 03:23:26 | 000,000,889 | ---- | M] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/12 16:05:50 | 000,002,317 | ---- | C] () -- C:\Users\Public\Desktop\Driver Support.lnk
[2014/09/12 15:08:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/09/10 18:06:50 | 806,676,480 | ---- | C] () -- C:\Users\Gabriele\Documents\OfficeProfessionalPlus_x64_en-us.img
[2014/09/10 17:20:40 | 000,139,488 | ---- | C] () -- C:\Windows\SysWow64\XMLOperations.xml
[2014/09/10 08:49:55 | 000,001,436 | ---- | C] () -- C:\Users\Gabriele\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/09/10 08:39:54 | 000,001,442 | ---- | C] () -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/09/10 08:39:54 | 000,000,369 | ---- | C] () -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2014/09/10 08:39:54 | 000,000,369 | ---- | C] () -- C:\Users\Gabriele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2014/09/10 08:39:54 | 000,000,352 | ---- | C] () -- C:\Users\Gabriele\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/09/10 08:39:54 | 000,000,334 | ---- | C] () -- C:\Users\Gabriele\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/09/10 08:33:38 | 3340,271,616 | -HS- | C] () -- C:\hiberfil.sys
[2014/09/10 08:32:35 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2014/09/09 19:35:14 | 000,000,144 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2014/09/09 19:35:02 | 000,021,976 | ---- | C] () -- C:\Windows\SysNative\drivers\SPPD.sys
[2014/09/09 19:30:51 | 000,000,510 | ---- | C] () -- C:\Windows\SysNative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
[2014/09/09 18:45:10 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/09/09 18:45:10 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/09 18:34:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/09/09 18:25:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01005.Wdf
[2014/09/09 18:25:29 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2014/09/09 18:25:22 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
[2014/09/09 18:25:22 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Genie.lnk
[2014/09/09 18:23:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2014/08/14 03:24:34 | 000,212,660 | ---- | C] () -- C:\Windows\SysNative\resTHA.cui
[2014/08/14 03:24:34 | 000,203,812 | ---- | C] () -- C:\Windows\SysNative\resELL.cui
[2014/08/14 03:24:34 | 000,199,652 | ---- | C] () -- C:\Windows\SysNative\resRUS.cui
[2014/08/14 03:24:34 | 000,182,356 | ---- | C] () -- C:\Windows\SysNative\resARA.cui
[2014/08/14 03:24:34 | 000,181,828 | ---- | C] () -- C:\Windows\SysNative\resJPN.cui
[2014/08/14 03:24:34 | 000,181,364 | ---- | C] () -- C:\Windows\SysNative\resHEB.cui
[2014/08/14 03:24:34 | 000,176,116 | ---- | C] () -- C:\Windows\SysNative\resFRA.cui
[2014/08/14 03:24:34 | 000,176,052 | ---- | C] () -- C:\Windows\SysNative\resHUN.cui
[2014/08/14 03:24:34 | 000,174,340 | ---- | C] () -- C:\Windows\SysNative\resKOR.cui
[2014/08/14 03:24:34 | 000,174,004 | ---- | C] () -- C:\Windows\SysNative\resDEU.cui
[2014/08/14 03:24:34 | 000,173,748 | ---- | C] () -- C:\Windows\SysNative\resITA.cui
[2014/08/14 03:24:34 | 000,173,492 | ---- | C] () -- C:\Windows\SysNative\resROM.cui
[2014/08/14 03:24:34 | 000,173,460 | ---- | C] () -- C:\Windows\SysNative\resESN.cui
[2014/08/14 03:24:34 | 000,173,444 | ---- | C] () -- C:\Windows\SysNative\resSKY.cui
[2014/08/14 03:24:34 | 000,173,044 | ---- | C] () -- C:\Windows\SysNative\resPLK.cui
[2014/08/14 03:24:34 | 000,172,676 | ---- | C] () -- C:\Windows\SysNative\resNLD.cui
[2014/08/14 03:24:34 | 000,171,876 | ---- | C] () -- C:\Windows\SysNative\resPTB.cui
[2014/08/14 03:24:34 | 000,171,860 | ---- | C] () -- C:\Windows\SysNative\resTRK.cui
[2014/08/14 03:24:34 | 000,171,796 | ---- | C] () -- C:\Windows\SysNative\resCSY.cui
[2014/08/14 03:24:34 | 000,171,332 | ---- | C] () -- C:\Windows\SysNative\resPTG.cui
[2014/08/14 03:24:34 | 000,171,156 | ---- | C] () -- C:\Windows\SysNative\resFIN.cui
[2014/08/14 03:24:34 | 000,170,548 | ---- | C] () -- C:\Windows\SysNative\resHRV.cui
[2014/08/14 03:24:34 | 000,170,020 | ---- | C] () -- C:\Windows\SysNative\resSLV.cui
[2014/08/14 03:24:34 | 000,170,004 | ---- | C] () -- C:\Windows\SysNative\resSVE.cui
[2014/08/14 03:24:34 | 000,168,788 | ---- | C] () -- C:\Windows\SysNative\resNOR.cui
[2014/08/14 03:24:34 | 000,168,132 | ---- | C] () -- C:\Windows\SysNative\resDAN.cui
[2014/08/14 03:24:34 | 000,166,660 | ---- | C] () -- C:\Windows\SysNative\resENU.cui
[2014/08/14 03:24:34 | 000,164,836 | ---- | C] () -- C:\Windows\SysNative\resCHT.cui
[2014/08/14 03:24:34 | 000,163,652 | ---- | C] () -- C:\Windows\SysNative\resCHS.cui
[2014/08/14 03:24:08 | 000,044,025 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/08/14 03:24:08 | 000,043,816 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2014/08/14 03:24:08 | 000,043,298 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2014/08/14 03:24:08 | 000,043,256 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/08/14 03:24:08 | 000,042,079 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2014/08/14 03:24:08 | 000,003,920 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/08/14 03:24:06 | 002,813,952 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/08/14 03:24:06 | 000,453,448 | ---- | C] () -- C:\Windows\SysNative\igfxTray.exe
[2014/08/14 03:24:06 | 000,043,494 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/08/14 03:24:06 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
[2014/08/14 03:24:06 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2014/08/14 03:24:06 | 000,001,125 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/08/14 03:24:04 | 000,254,976 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl
[2014/08/14 03:24:04 | 000,069,632 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2014/08/14 03:24:04 | 000,069,632 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2014/08/14 03:24:04 | 000,058,880 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2014/08/14 03:24:04 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2014/08/14 03:24:04 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2014/08/14 03:23:42 | 000,225,792 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2014/08/14 03:23:42 | 000,186,368 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/08/14 03:23:40 | 013,199,432 | ---- | C] () -- C:\Windows\SysNative\igd11dxva64.dll
[2014/08/14 03:23:38 | 012,728,192 | ---- | C] () -- C:\Windows\SysWow64\igd11dxva32.dll
[2014/08/14 03:23:28 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2014/08/14 03:23:28 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2014/08/14 03:23:26 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2014/08/14 03:23:26 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2014/08/14 03:23:26 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2014/09/09 18:46:35 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/18 06:13:24 | 021,230,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/18 06:13:35 | 018,682,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/09/09 18:47:34 | 000,000,000 | ---D | M] -- C:\Users\Gabriele\AppData\Roaming\OpenSoftwareUpdater
[2014/09/12 16:22:59 | 000,000,000 | ---D | M] -- C:\Users\Gabriele\AppData\Roaming\Systweak
 
========== Purity Check ==========
 
 

< End of report >
 


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to take a look for you.

.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 


- Finally Before We Start-

 

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

OK, let's get started. When you ran OTL there was another file that was created named Extras.txt. It will be in the same directory as OTL (Downloads in your case). Can you post the contents of that log as well?

 

Thanks.


  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP