Aiuto PC

(SOLVED) Removing advertising pages (GUIDE and SUPPORT)

  1.  
    Master Malware Expert (Administrator)

    QUOTE
    Vicky, I would like to know what to do with these two programs: should I keep them in case the same problems come up again later?

    You can delete the 2 programs because they get updated, so if they are needed they will have to be downloaded again.

    QUOTE
    I can't find it in the system registry that I opened with CCleaner... How do I delete it?

    For this problem, download the file I attached to this post, open it and copy its entire contents into the white box in OTL. Then click the RUN FIX button.
    When the PC restarts you will no longer get the error message.

    QUOTE
    Another problem: AVG shows me a Threat warning: MalSign.Generic.C28 for aTube_Catcher.exe

    It's an AVG false positive; add it to the exclusions list so you no longer get the alert.
    Attached file
    fix.txt
    (Number of downloads: 34)

     
  2.  
    Master (Member)

    Hello, I have a similar problem too.
    Here it is:

    OTL logfile created on: 28/06/2014 14.35.33 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Documenti
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

    1,99 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,25% Memory free
    3,84 Gb Paging File | 2,99 Gb Available in Paging File | 77,88% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
    Drive C: | 465,75 Gb Total Space | 355,83 Gb Free Space | 76,40% Space Free | Partition Type: NTFS

    Computer Name: NOME-8F31AA093A | User Name: User | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\User\Documenti\OTL.exe (OldTimer Tools)
    PRC - C:\Programmi\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programmi\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programmi\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
    PRC - C:\Programmi\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    PRC - C:\Programmi\Samsung\Kies\Kies.exe (Samsung)
    PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    PRC - C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    PRC - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe ()
    PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
    PRC - C:\Documents and Settings\All Users\Dati applicazioni\Premium\OptimizerPro1\OptimizerPro1.exe ()
    PRC - C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Programmi\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Programmi\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
    MOD - C:\Programmi\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll ()
    MOD - C:\Programmi\Samsung\Kies\Theme\Kies.Theme.dll ()
    MOD - C:\Programmi\Samsung\Kies\Common\Kies.UI.dll ()
    MOD - C:\Programmi\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll ()
    MOD - C:\Programmi\Samsung\Kies\MVVM\Kies.MVVM.dll ()
    MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\159b4a6888004de346d499841ec088a7\System.Core.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dad6af4d4f3b92adf0497c5ec9565236\PresentationFramework.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\89c032d0f8bccf31bb55b775a10c6992\PresentationCore.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\872e96c13f44bfaeff84d126fb847963\WindowsBase.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll ()
    MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll ()
    MOD - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll ()
    MOD - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll ()
    MOD - C:\Programmi\File comuni\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Programmi\File comuni\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Programmi\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll ()
    MOD - C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe ()
    MOD - C:\Documents and Settings\All Users\Dati applicazioni\Premium\OptimizerPro1\OptimizerPro1.exe ()
    MOD - C:\Programmi\Notepad++\NppShell_05.dll ()
    MOD - C:\Programmi\WinRAR\RarExt.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\ESCom.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\ESSkin.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\ESEmail.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VistaControls.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\KFx.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\keml40.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\AppCore.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\Atlas.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocCamBack.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\kpries40.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocESEmail.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocESUpload.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\areaifdll.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\Pcd.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\DibLibIP.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll ()
    MOD - C:\Programmi\Kodak\Kodak EasyShare software\bin\locPcd.dll ()
    MOD - C:\WINDOWS\system32\msdmo.dll ()


    ========== Services (SafeList) ==========

    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
    SRV - (ACDaemon) -- C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe File not found
    SRV - (AntiVirSchedulerService) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    SRV - (AntiVirWebService) -- C:\Programmi\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
    SRV - (AntiVirService) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
    SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (TomTomHOMEService) -- C:\Programmi\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\hpzipm12.exe (HP)


    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found
    DRV - (prmvmouse) -- system32\DRIVERS\activmouse.sys File not found
    DRV - (PDRFRAME) -- File not found
    DRV - (PDRELI) -- File not found
    DRV - (PDFRAME) -- File not found
    DRV - (PDCOMP) -- File not found
    DRV - (PCIDump) -- File not found
    DRV - (MSICDSetup) -- D:\CDriver.sys File not found
    DRV - (lbrtfdc) -- File not found
    DRV - (i2omgmt) -- File not found
    DRV - (Changer) -- File not found
    DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
    DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
    DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
    DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
    DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
    DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
    DRV - (ActivHidSerMini) -- C:\WINDOWS\system32\drivers\activhidsermini.sys (Promethean Technologies Ltd)
    DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={sea...referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerm...g}&sourceid=ie7


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0





    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.netlog.com
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.virgilio.it/ [binary data]
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.it/
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}...Box&FORM=IE8SRC
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms...search&AF=13089
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerm...g}&sourceid=ie7
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{8A97AD5B-6A58-4431-B9B4-C2B1AF13F5D7}: "URL" = http://it.netlog.com/opensearch/view=search&q={searchTerms}
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?...&ctid=CT2653012
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\SearchScopes\{D4F6191B-D4D8-48DA-BB51-E11927B06418}: "URL" = http://websearch.ask.com/redirect?client=i...E-21EC6D531705&
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://it.netlog.com
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.virgilio.it/ [binary data]
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.it/
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}...Box&FORM=IE8SRC
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms...search&AF=13089
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerm...g}&sourceid=ie7
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{8A97AD5B-6A58-4431-B9B4-C2B1AF13F5D7}: "URL" = http://it.netlog.com/opensearch/view=search&q={searchTerms}
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?...&ctid=CT2653012
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{D4F6191B-D4D8-48DA-BB51-E11927B06418}: "URL" = http://websearch.ask.com/redirect?client=i...E-21EC6D531705&
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.startup.homepage: "http://www.virgilio.it/"
    FF - prefs.js..extensions.enabledAddons: {6226BA26-C017-4007-928C-DE9715C6FA67}:1.0.0
    FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected] [2012/11/04 14.58.31 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected] [2013/04/01 15.43.54 | 000,000,000 | ---D | M]

    [2011/01/07 15.00.47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions
    [2011/01/07 15.00.47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions\[email protected]
    [2013/04/01 15.43.54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions
    [2012/06/13 17.41.57 | 000,000,000 | ---D | M] (Veoh Web Player Community Toolbar) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
    [2012/11/04 14.58.31 | 000,000,000 | ---D | M] (SaveAs) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected]
    [2013/04/01 15.43.54 | 000,000,000 | ---D | M] (Browse22save) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected]
    [2012/11/06 18.19.24 | 000,214,034 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected]
    [2011/11/08 17.44.09 | 000,673,478 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\[email protected]
    [2011/06/11 12.03.24 | 000,061,818 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Firefox\Profiles\44zr1p89.default\extensions\{6226BA26-C017-4007-928C-DE9715C6FA67}.xpi
    [2012/06/18 18.31.03 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
    [2011/07/09 10.57.00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    [2012/02/28 15.17.21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
    [2011/05/15 17.06.01 | 000,002,048 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\fcmdSrch.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage:
    CHR - plugin: Shockwave Flash (Enabled) = C:\Programmi\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Programmi\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programmi\Google\Chrome\Application\35.0.1916.153\pdf.dll
    CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
    CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\fealnpfjifonchkodiffbdkfaipmpkhe\10.11.5.4_0\plugins/ConduitChromeApiPlugin.dll
    CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\fealnpfjifonchkodiffbdkfaipmpkhe\10.11.5.4_0\plugins/np-cwmp.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Programmi\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Programmi\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Microsoft® DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
    CHR - plugin: Microsoft® DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Facebook Desktop (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
    CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Unity\WebPlayer\loader\npUnity3D32.dll
    CHR - plugin: Google Update (Enabled) = C:\Programmi\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Programmi\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
    CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: Google Drive = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Cherry Blossom = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\bgjmlcdjagebccdinhihcmlgenhaghem\1.3_0\
    CHR - Extension: YouTube = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Facebook = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
    CHR - Extension: Ricerca Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
    CHR - Extension: Stardoll = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dknkaepijclibocpmckgabmkoglbgmlk\1.2_0\
    CHR - Extension: Rumore Bianco = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ejkjpdnomgodmagfmhojepjlajpoicip\1.7_1\
    CHR - Extension: Skyrama = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap\1.0.8_0\
    CHR - Extension: Google Wallet = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: Gmail = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2002/09/10 13.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Programmi\PutLockerDownloader\smarterdownloader.dll (TODO: <company name>)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1229272821-573735546-682003330-1004\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programmi\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programmi\File comuni\Apple\Mobile Device Support\AppleSyncNotifier.exe File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [DXDllRegExe] dxdllreg.exe File not found
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Programmi\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [ares] "C:\Programmi\Ares\Ares.exe" -h File not found
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [KiesAirMessage] C:\Programmi\Samsung\Kies\KiesAirMessage.exe -startup File not found
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [KiesPreload] C:\Programmi\Samsung\Kies\Kies.exe (Samsung)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [pgcchelper] C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe ()
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [TomTomHOME.exe] C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004..\Run: [uTorrent] C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [ares] "C:\Programmi\Ares\Ares.exe" -h File not found
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [KiesAirMessage] C:\Programmi\Samsung\Kies\KiesAirMessage.exe -startup File not found
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [KiesPreload] C:\Programmi\Samsung\Kies\Kies.exe (Samsung)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [pgcchelper] C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe ()
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [TomTomHOME.exe] C:\Programmi\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [uTorrent] C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Kodak EasyShare software.lnk = C:\Programmi\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1229272821-573735546-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1229272821-573735546-682003330-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGam...S.cab109791.cab ()
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGam...1/GAME_UNO1.cab (UnoCtrl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 10.55.2)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 10.55.2)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.80.36.136 91.80.37.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4328C3B0-C392-4A69-A23E-BFF8978830F1}: DhcpNameServer = 91.80.36.136 91.80.37.100
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
    O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - c:\Programmi\Bandoo\BndHook.dll (Discordia Limited)
    O20 - AppInit_DLLs: (c:\progra~1\mocaflix\sprote~1.dll) - File not found
    O20 - AppInit_DLLs: (c:\progra~1\browse~1\sprote~1.dll) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/10/12 17.33.57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 60 Days ==========

    [2014/06/28 14.25.42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Documenti\OTL.exe
    [2014/06/28 13.47.01 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014/06/28 13.46.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes Anti-Malware
    [2014/06/28 13.46.10 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    [2014/06/28 13.46.10 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2014/06/28 13.46.10 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes Anti-Malware
    [2014/06/28 13.46.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
    [2014/06/28 13.43.15 | 017,292,760 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Documenti\mbam-setup-2.0.2.1012.exe
    [2014/06/24 09.53.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\VOPackage
    [2014/06/24 09.53.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\pgcchelper
    [2014/06/05 11.24.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\PARISE GIOVANNINO TASI
    [2014/06/01 20.49.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\iTunes
    [2014/06/01 20.48.31 | 000,000,000 | ---D | C] -- C:\Programmi\iPod
    [2014/06/01 20.48.27 | 000,000,000 | ---D | C] -- C:\Programmi\iTunes
    [2014/06/01 20.48.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2014/05/27 09.40.54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\OpenOffice 4.1.0
    [2014/05/19 21.13.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\QuickTime
    [2014/05/19 21.13.20 | 000,000,000 | ---D | C] -- C:\Programmi\QuickTime
    [2014/04/29 18.21.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Foto Sammy Laurea
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 60 Days ==========

    [2014/06/28 14.35.01 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    [2014/06/28 14.25.43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Documenti\OTL.exe
    [2014/06/28 14.17.57 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2014/06/28 14.13.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2014/06/28 14.01.00 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Messager.job
    [2014/06/28 14.00.04 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2014/06/28 13.46.13 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/06/28 13.44.08 | 017,292,760 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\User\Documenti\mbam-setup-2.0.2.1012.exe
    [2014/06/28 13.32.35 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2014/06/28 13.32.35 | 000,000,566 | -H-- | M] () -- C:\WINDOWS\tasks\OptimizerPro1UpdaterTask{7E93EBF8-35E8-4DD7-92AF-1BCBA26D6CC7}.job
    [2014/06/28 13.32.35 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
    [2014/06/28 13.32.18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2014/06/27 18.45.00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2014/06/25 20.40.00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2014/06/25 10.10.00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2014/06/24 18.19.30 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
    [2014/06/24 08.54.42 | 000,002,300 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2014/06/21 15.08.00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
    [2014/06/09 18.58.14 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
    [2014/06/08 16.03.11 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2014/06/08 15.13.37 | 000,000,214 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
    [2014/06/04 21.53.38 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
    [2014/06/04 21.53.35 | 000,093,528 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
    [2014/06/01 20.49.13 | 000,001,522 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2014/06/01 20.14.59 | 000,191,839 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0060.jpg
    [2014/06/01 13.43.51 | 000,626,176 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0059.jpg
    [2014/06/01 13.43.04 | 000,636,870 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0058.jpg
    [2014/06/01 13.42.03 | 000,618,128 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0057.jpg
    [2014/06/01 13.39.37 | 000,623,881 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0056.jpg
    [2014/06/01 13.38.40 | 000,623,385 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0055.jpg
    [2014/06/01 13.37.51 | 000,637,176 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0054.jpg
    [2014/06/01 13.37.05 | 000,633,166 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0053.jpg
    [2014/06/01 13.36.08 | 000,603,166 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0052.jpg
    [2014/06/01 13.35.22 | 000,657,370 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0051.jpg
    [2014/06/01 13.34.29 | 000,643,454 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0050.jpg
    [2014/06/01 13.33.53 | 000,618,404 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0049.jpg
    [2014/06/01 13.33.05 | 000,641,595 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0048.jpg
    [2014/06/01 13.32.26 | 000,647,627 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0047.jpg
    [2014/06/01 13.31.31 | 000,643,586 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0046.jpg
    [2014/06/01 13.30.38 | 000,414,536 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0045.jpg
    [2014/06/01 13.29.54 | 000,522,945 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0044.jpg
    [2014/06/01 13.28.57 | 000,526,962 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0043.jpg
    [2014/06/01 13.27.44 | 000,533,749 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0042.jpg
    [2014/06/01 13.26.56 | 000,594,647 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0041.jpg
    [2014/06/01 13.25.51 | 000,623,831 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0040.jpg
    [2014/06/01 13.24.58 | 000,589,135 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0039.jpg
    [2014/06/01 13.24.19 | 000,587,378 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0038.jpg
    [2014/06/01 13.23.17 | 000,548,920 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0037.jpg
    [2014/06/01 13.22.35 | 000,585,475 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0036.jpg
    [2014/06/01 13.21.27 | 000,553,460 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0035.jpg
    [2014/06/01 13.20.44 | 000,545,755 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0034.jpg
    [2014/06/01 13.18.23 | 000,573,431 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0033.jpg
    [2014/06/01 13.17.42 | 000,560,264 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0032.jpg
    [2014/06/01 13.16.42 | 000,558,949 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0031.jpg
    [2014/06/01 13.15.59 | 000,551,694 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0030.jpg
    [2014/06/01 13.14.56 | 000,612,900 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0029.jpg
    [2014/06/01 13.13.38 | 000,504,866 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0028.jpg
    [2014/06/01 13.06.59 | 000,543,920 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0027.jpg
    [2014/06/01 13.05.02 | 000,554,707 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0026.jpg
    [2014/06/01 13.02.50 | 000,512,660 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0025.jpg
    [2014/06/01 13.01.25 | 000,552,925 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0024.jpg
    [2014/06/01 13.00.45 | 000,532,078 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0023.jpg
    [2014/06/01 12.59.47 | 000,619,075 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0022.jpg
    [2014/06/01 12.58.46 | 000,583,101 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0021.jpg
    [2014/06/01 12.51.09 | 000,573,917 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0020.jpg
    [2014/06/01 12.50.36 | 000,592,921 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0019.jpg
    [2014/06/01 12.48.25 | 000,535,196 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0018.jpg
    [2014/06/01 12.47.38 | 000,546,519 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0017.jpg
    [2014/06/01 12.46.48 | 000,573,863 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0016.jpg
    [2014/06/01 12.46.03 | 000,597,070 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0015.jpg
    [2014/05/27 12.32.07 | 003,453,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2014/05/27 10.12.19 | 000,469,190 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0014.jpg
    [2014/05/27 10.11.38 | 000,473,698 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0013.jpg
    [2014/05/27 10.11.04 | 000,494,906 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0012.jpg
    [2014/05/27 10.10.14 | 000,490,659 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0011.jpg
    [2014/05/27 10.09.37 | 000,277,155 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0010.jpg
    [2014/05/27 09.40.55 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice 4.1.0.lnk
    [2014/05/22 10.20.33 | 000,489,846 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
    [2014/05/22 10.20.33 | 000,441,696 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2014/05/22 10.20.33 | 000,084,592 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
    [2014/05/22 10.20.33 | 000,071,632 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2014/05/19 21.13.36 | 000,001,584 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2014/05/14 20.14.05 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
    [2014/05/14 20.14.04 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
    [2014/05/12 20.14.54 | 000,622,966 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0009.jpg
    [2014/05/12 20.14.01 | 000,732,565 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0008.jpg
    [2014/05/12 07.26.02 | 000,053,208 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    [2014/05/12 07.25.54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2014/05/11 17.30.02 | 000,747,575 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0007.jpg
    [2014/05/11 17.28.32 | 000,470,777 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0006.jpg
    [2014/05/09 14.34.20 | 000,669,639 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0005.jpg
    [2014/05/07 18.47.26 | 000,373,075 | ---- | M] () -- C:\Documents and Settings\User\Documenti\Scan0004.jpg
    [2014/05/03 10.03.55 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2014/04/30 10.13.00 | 006,022,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/06/28 13.46.13 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/06/09 18.58.14 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
    [2014/06/01 20.49.13 | 000,001,522 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2014/06/01 20.14.59 | 000,191,839 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0060.jpg
    [2014/06/01 13.43.51 | 000,626,176 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0059.jpg
    [2014/06/01 13.43.04 | 000,636,870 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0058.jpg
    [2014/06/01 13.42.03 | 000,618,128 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0057.jpg
    [2014/06/01 13.39.37 | 000,623,881 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0056.jpg
    [2014/06/01 13.38.40 | 000,623,385 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0055.jpg
    [2014/06/01 13.37.50 | 000,637,176 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0054.jpg
    [2014/06/01 13.37.05 | 000,633,166 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0053.jpg
    [2014/06/01 13.36.08 | 000,603,166 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0052.jpg
    [2014/06/01 13.35.22 | 000,657,370 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0051.jpg
    [2014/06/01 13.34.29 | 000,643,454 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0050.jpg
    [2014/06/01 13.33.53 | 000,618,404 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0049.jpg
    [2014/06/01 13.33.04 | 000,641,595 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0048.jpg
    [2014/06/01 13.32.26 | 000,647,627 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0047.jpg
    [2014/06/01 13.31.31 | 000,643,586 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0046.jpg
    [2014/06/01 13.30.38 | 000,414,536 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0045.jpg
    [2014/06/01 13.29.53 | 000,522,945 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0044.jpg
    [2014/06/01 13.28.57 | 000,526,962 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0043.jpg
    [2014/06/01 13.27.44 | 000,533,749 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0042.jpg
    [2014/06/01 13.26.55 | 000,594,647 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0041.jpg
    [2014/06/01 13.25.51 | 000,623,831 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0040.jpg
    [2014/06/01 13.24.58 | 000,589,135 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0039.jpg
    [2014/06/01 13.24.19 | 000,587,378 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0038.jpg
    [2014/06/01 13.23.17 | 000,548,920 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0037.jpg
    [2014/06/01 13.22.35 | 000,585,475 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0036.jpg
    [2014/06/01 13.21.27 | 000,553,460 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0035.jpg
    [2014/06/01 13.20.44 | 000,545,755 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0034.jpg
    [2014/06/01 13.18.22 | 000,573,431 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0033.jpg
    [2014/06/01 13.17.42 | 000,560,264 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0032.jpg
    [2014/06/01 13.16.42 | 000,558,949 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0031.jpg
    [2014/06/01 13.15.59 | 000,551,694 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0030.jpg
    [2014/06/01 13.14.56 | 000,612,900 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0029.jpg
    [2014/06/01 13.13.38 | 000,504,866 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0028.jpg
    [2014/06/01 13.06.59 | 000,543,920 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0027.jpg
    [2014/06/01 13.05.02 | 000,554,707 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0026.jpg
    [2014/06/01 13.02.50 | 000,512,660 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0025.jpg
    [2014/06/01 13.01.24 | 000,552,925 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0024.jpg
    [2014/06/01 13.00.45 | 000,532,078 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0023.jpg
    [2014/06/01 12.59.46 | 000,619,075 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0022.jpg
    [2014/06/01 12.58.46 | 000,583,101 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0021.jpg
    [2014/06/01 12.51.09 | 000,573,917 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0020.jpg
    [2014/06/01 12.50.36 | 000,592,921 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0019.jpg
    [2014/06/01 12.48.25 | 000,535,196 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0018.jpg
    [2014/06/01 12.47.38 | 000,546,519 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0017.jpg
    [2014/06/01 12.46.48 | 000,573,863 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0016.jpg
    [2014/06/01 12.46.03 | 000,597,070 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0015.jpg
    [2014/05/27 10.12.19 | 000,469,190 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0014.jpg
    [2014/05/27 10.11.38 | 000,473,698 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0013.jpg
    [2014/05/27 10.11.04 | 000,494,906 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0012.jpg
    [2014/05/27 10.10.14 | 000,490,659 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0011.jpg
    [2014/05/27 10.09.37 | 000,277,155 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0010.jpg
    [2014/05/27 09.40.55 | 000,000,877 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice 4.1.0.lnk
    [2014/05/19 21.13.36 | 000,001,584 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2014/05/12 20.14.54 | 000,622,966 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0009.jpg
    [2014/05/12 20.14.01 | 000,732,565 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0008.jpg
    [2014/05/11 17.30.02 | 000,747,575 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0007.jpg
    [2014/05/11 17.28.32 | 000,470,777 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0006.jpg
    [2014/05/09 14.34.20 | 000,669,639 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0005.jpg
    [2014/05/07 18.47.25 | 000,373,075 | ---- | C] () -- C:\Documents and Settings\User\Documenti\Scan0004.jpg
    [2013/12/25 20.07.44 | 000,988,088 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
    [2013/10/30 13.07.00 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
    [2013/10/30 13.06.54 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
    [2013/10/30 13.06.54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
    [2013/10/30 13.06.54 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
    [2013/10/30 13.06.54 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
    [2013/10/06 22.08.42 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\recently-used.xbel
    [2012/07/08 18.44.53 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\Ament.ini
    [2012/07/08 18.43.28 | 001,929,576 | R--- | C] () -- C:\WINDOWS\System32\HPScanTRDrv_DJ3050A_J611.dll
    [2012/07/03 21.24.23 | 000,558,133 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
    [2012/04/18 20.05.01 | 000,000,059 | ---- | C] () -- C:\Documents and Settings\User\.simplerc1
    [2011/02/18 16.42.08 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\User\.lmmsrc.xml
    [2010/12/14 16.24.10 | 000,002,043 | ---- | C] () -- C:\Documents and Settings\User\.powerupdate.user.properties
    [2010/10/14 19.13.37 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\fusioncache.dat
    [2010/10/12 17.38.09 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2010/10/14 19.04.40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2014/06/01 20.49.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2012/06/10 13.26.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Activ Software
    [2011/11/06 16.57.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ask
    [2010/12/26 17.06.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Bandoo
    [2013/04/01 15.45.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Browse22save
    [2013/04/01 15.46.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\InstallMate
    [2012/11/04 14.58.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Premium
    [2012/04/18 19.11.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Promethean
    [2011/07/07 16.42.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\regid.1986-12.com.adobe
    [2013/12/25 19.39.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Samsung
    [2012/11/04 14.59.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SaveAs
    [2013/04/01 15.46.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SoftSafe
    [2013/04/01 15.45.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Systweak
    [2011/07/13 15.48.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
    [2011/01/07 15.01.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TomTom
    [2011/02/20 16.16.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\YoGen
    [2010/10/13 17.12.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011/09/08 15.37.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Anvil Studio
    [2014/02/04 22.15.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Audacity
    [2011/04/05 18.53.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Azureus
    [2010/12/26 17.02.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Bandoo
    [2013/10/21 19.20.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\CmapTools
    [2011/07/07 14.58.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2012/11/02 14.01.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Downloaded Installations
    [2011/05/15 17.07.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\facemoods.com
    [2011/03/01 16.45.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\fltk.org
    [2013/01/16 20.53.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\LocalLow
    [2011/01/22 11.36.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\MusE
    [2012/03/31 10.59.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\NJStar
    [2013/10/06 20.36.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Notepad++
    [2012/06/13 17.41.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\OpenCandy
    [2014/02/12 17.33.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\OpenOffice
    [2010/10/12 18.50.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\OpenOffice.org
    [2012/06/17 16.09.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\PriceGong
    [2012/06/10 13.25.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Promethean
    [2010/10/13 16.43.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Raptr
    [2014/02/25 20.11.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Samsung
    [2012/06/21 16.08.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\SendSpace
    [2010/10/14 20.26.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Skinux
    [2011/07/07 16.46.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2013/04/01 15.45.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Systweak
    [2011/01/07 15.00.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\TomTom
    [2012/06/17 15.56.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\TuneUpMedia
    [2011/03/01 16.51.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\TuxPaint
    [2011/03/18 13.06.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Unity
    [2014/06/28 13.34.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\uTorrent
    [2014/06/24 09.53.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\VOPackage

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2013/11/20 19.28.25 | 105,361,780 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᱾꓈哜6
    [2013/11/20 19.28.25 | 105,361,780 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᱾꓈哜6
    [2013/11/01 18.49.19 | 104,569,497 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\딘됌哜6
    [2013/11/01 18.49.19 | 104,569,497 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\딘됌哜6
    [2013/10/24 17.32.53 | 102,787,172 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\圤驪哜6
    [2013/10/24 17.32.53 | 102,787,172 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\圤驪哜6

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:9AB338B9

    < End of report >
     
  3.

    Master Malware Expert

    Hi Bubby_japan,

    Download the attached file to your desktop. Reopen OTL and copy the file's entire contents into OTL's white box. Then click RUN FIX.

    Restart the PC and check whether the advertising pages still appear. (If they still do, attach the log produced by the OTL fix.)

    Then, if the problem has been solved, we will close the discussion.

    Attached file: fix.txt

     
  4.

    Master

    QUOTE (vicky67 @ 30/6/2014, 08:22)
    Hi Bubby_japan,

    Download the attached file to your desktop. Reopen OTL and copy the file's entire contents into OTL's white box. Then click RUN FIX.

    Restart the PC and check whether the advertising pages still appear. (If they still do, attach the log produced by the OTL fix.)

    Then, if the problem has been solved, we will close the discussion.

    For now they are not appearing, thanks a lot for your help! :D :lol:
     
  5.

    Master Malware Expert

    You can delete the program and the OTL folder in C. Bye
     
  6. clacla1950

    Viky, thank you, you are great! I have solved all the problems; all I have left is AVG.. and the removal of the combined eBay and "3" browser page, which had earlier stopped opening, when the Firefox browser starts. To do that, do I repeat the procedure you indicated?

    You may well be an expert, but believe me, I have visited PC help forums in the past, and really not many were this prompt and capable. I have already paid my compliments on the Aiuto-Pc Facebook page, and I will do so again; I will also vote .. :D
     
  7.

    Master Malware Expert

    ;)

    QUOTE
    all I have left is AVG.

    If I have understood correctly, something about AVG comes up when Firefox starts?
    Go to Tools > Add-ons and click first on Extensions, then on Add-ons. There should be something related to AVG: disable it. Then check after restarting Firefox.

    QUOTE
    the removal of the combined eBay and "3" browser page

    You connect with a "3" USB stick. Some "3" sticks have the opening of their page at first start set in the firmware, and that cannot be removed, if this is what you are referring to and if I have understood correctly.
    In any case, check whether the same page also opens with Internet Explorer.
    Then, with CCleaner, use the options (Tools > Startup) to disable the stick's software, which will keep working anyway, but you will have to start it manually when you connect.
     
  8. clacla1950

    No, for AVG I meant creating the exception for aTube Catcher.
    Yes, I connect with 3, and sorry, but the page is only the 3 one. I tried with Internet Explorer and everything is fine there; only the Google page appears.
    The thing is that for a while the 3 page no longer opened in Firefox, and now it is back. I await instructions, if there are any.. Thanks as always :D

    Now I will try with CCleaner as you say..

    So, Viky, I do not see the 3 software; besides, every time I connect I first have to click on the icon, do autoplay, run setup.exe, and after the initialization I click connect. That is connecting manually, it seems to me! Could one avoid doing all these steps every time to connect?
    I have already disabled some programs that slow me down; anyway, I am attaching the CCleaner report so you can tell me which others I can disable. I am giving you a lot of work.. heartfelt thanks as always.
    Si HKCU:Run ISUSPM Startup c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    Si HKCU:Run MyWirelessCard
    Si HKCU:Run Google Update "C:\Users\CLAUDIA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    Si HKCU:Run PC Suite Tray "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    Si HKLM:Run Windows Defender %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    Si HKLM:Run RtHDVCpl RtHDVCpl.exe
    Si HKLM:Run Google Desktop Search "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    Si HKLM:Run ISUSScheduler "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    Si HKLM:Run Monitor C:\Windows\PixArt\PAC207\Monitor.exe
    Si HKLM:Run Adobe ARM "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    Si HKLM:Run TkBellExe "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
    No HKLM:Run Skytel Skytel.exe
    No HKLM:Run toolbar_eula_launcher C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    Si HKLM:Run QuickTime Task "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    No HKLM:Run NeroFilterCheck C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    No HKLM:Run NBKeyScan "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    Si HKLM:Run AVG_UI "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    Si HKLM:RunOnce AvgUninstallURL cmd.exe /c start http://www.avg.com/it.special-uninstallati...t;ver=10.0.1432
     
  9.

    Master Malware Expert

    For the AVG exception, take a look here
    As for the 3 page, do you mean that the home page is the 3 one? If it does not happen in Internet Explorer, then it is a different matter.
    Go into the Firefox options and set www.google.it as the start page, and see whether it gives you the Google page as home.
     
  10. clacla1950

    Viky, I had already created the exception for AVG; anyway, it no longer gives me problems now.
    In the Firefox options the start page is Google, as I had set it from the beginning; anyway, I clicked OK again. I will see next time; in any case, if it comes back, never mind, it is not a serious problem. :D
    Thanks
     
  11. shardana11

    Hi guys, I am in difficulty. I carried out the first two steps without solving the problem. I cannot attach the two files produced, OTL and Extras, but I am putting them in a spoiler. If you can help me, I thank you very much. Regards.
    OTL Extras logfile created on: 09/09/2014 07:46:14 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente\Desktop
    Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

    1013,42 Mb Total Physical Memory | 100,81 Mb Available Physical Memory | 9,95% Memory free
    1,99 Gb Paging File | 0,76 Gb Available in Paging File | 38,06% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142,70 Gb Total Space | 55,28 Gb Free Space | 38,74% Space Free | Partition Type: NTFS

    Computer Name: UTENTE-PC | User Name: utente | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-3792467525-130248280-1084041663-1003\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- Reg Error: Value error.
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0D631B41-F26A-4E52-A0F4-DA47B110DD95}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{2611DD40-BDED-436F-9D28-2B9727E98F53}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{2AAA70B9-D12F-43C5-9E8E-9179A6FFAB45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{32BEBC3B-0080-4C82-8BBD-73034610EBE0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{5448A38D-A23F-4AD9-849F-EABD3F91DCEA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{62DB5267-9302-4D10-B813-EA25EC9B7226}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{84F5F41F-DBA6-4847-9E2A-A88C9ED4C2FA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
    "{92E300F5-1309-465C-A3C8-2675CF04E167}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{ABEFC2FC-FECE-4A4C-BEB7-8AB24E265A7B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01DDEB75-7935-4456-9E8C-8999DF8A3152}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
    "{83839D02-4CE6-46CD-B63C-9A43745350C3}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
    "{92012565-DD28-4FA7-8ED2-37254AB1B026}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
    "{A0DF7184-A535-40A7-8CDD-01F17D182F08}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
    "{B8CC3722-F83E-4A69-B793-D1DE52CF0EF9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{F0FFAFC5-3BE3-4A3E-A90F-D8C97BF6B64F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
    "{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.0026
    "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
    "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
    "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
    "{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
    "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{431A5BB6-E5E2-444E-8AF3-70E6BF16DEF6}" = SMP Webcam
    "{457EACB3-A764-4C5A-90F3-9BB504723367}" = LibreOffice 3.5
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4BB1DCED-84D3-47F9-B718-5947E904593E}" = BisonCam
    "{4ceda886-a089-4f97-a408-27ae660d7760}" = Business Contact Manager per Outlook 2007 SP2
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{4D2D9016-70A9-4D91-9AA7-686ACAF056D9}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
    "{55D2E060-9CCB-47B7-BBC2-FE71A1604B65}" = Microsoft SQL Server Native Client
    "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
    "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
    "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
    "{6379FD0A-8964-4A50-80A6-B20B65117905}" = File di supporto dell'installazione di Microsoft SQL Server (Italiano)
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{657E27C5-F4C2-48BE-A5B5-FBED9827A91B}" = Microsoft Antimalware Service IT-IT Language Pack
    "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
    "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
    "{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
    "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
    "{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
    "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
    "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
    "{90A40410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 - Componenti Web
    "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
    "{947B0EE7-B96C-46CE-ADDE-FB51F3BAB901}" = LibreOffice 3.5 Help Pack (Italian)
    "{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
    "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
    "{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
    "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
    "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Componenti di connettività di Microsoft Office Small Business
    "{AAE521B6-2F19-447F-8CB6-6D1E3A19F3ED}" = WebCam Installer
    "{AC76BA86-7AD7-1040-7B44-A93000000001}" = Adobe Reader 9.3 - Italiano
    "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
    "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
    "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
    "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
    "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
    "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
    "{D867B4B4-D6D7-40BC-AE63-742C9EC03023}" = Microsoft SQL Server VSS Writer
    "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
    "Business Contact Manager" = Business Contact Manager per Outlook 2007 SP2
    "CCleaner" = CCleaner
    "Google Chrome" = Google Chrome
    "HD Tune_is1" = HD Tune 2.55
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey 3.0026
    "InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
    "Life Network 1024_is1" = Life Network 1024
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "Mozilla Firefox 31.0 (x86 it)" = Mozilla Firefox 31.0 (x86 it)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "PDF Creator" = PDF Creator
    "PokerStars.it" = PokerStars.it
    "TeamViewer 8" = TeamViewer 8
    "Zune" = Zune

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 17/07/2014 17:08:39 | Computer Name = utente-PC | Source = MsiInstaller | ID = 1024
    Description =

    Error - 17/07/2014 16:24:55 | Computer Name = utente-PC | Source = VSS | ID = 8194
    Description =

    Error - 17/07/2014 16:42:39 | Computer Name = utente-PC | Source = MsiInstaller | ID = 10005
    Description =

    Error - 17/07/2014 16:42:39 | Computer Name = utente-PC | Source = MsiInstaller | ID = 1024
    Description =

    Error - 17/07/2014 17:00:23 | Computer Name = utente-PC | Source = VSS | ID = 8194
    Description =

    Error - 17/07/2014 17:12:19 | Computer Name = utente-PC | Source = VSS | ID = 8194
    Description =

    Error - 17/07/2014 17:39:25 | Computer Name = utente-PC | Source = VSS | ID = 8194
    Description =

    Error - 19/07/2014 01:45:03 | Computer Name = utente-PC | Source = MsiInstaller | ID = 10005
    Description =

    Error - 19/07/2014 01:45:03 | Computer Name = utente-PC | Source = MsiInstaller | ID = 1024
    Description =

    Error - 19/07/2014 02:49:03 | Computer Name = utente-PC | Source = MsiInstaller | ID = 1043
    Description =

    [ System Events ]
    Error - 06/09/2014 17:33:55 | Computer Name = utente-PC | Source = DCOM | ID = 10010
    Description =

    Error - 07/09/2014 01:53:43 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 07/09/2014 10:29:23 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 07/09/2014 13:35:07 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7023
    Description = Servizio Pubblicazione risorse per individuazione terminato con l'errore:
    %%-2147014847

    Error - 07/09/2014 13:35:13 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 07/09/2014 15:05:28 | Computer Name = utente-PC | Source = DCOM | ID = 10010
    Description =

    Error - 08/09/2014 14:26:27 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 08/09/2014 15:03:02 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 08/09/2014 15:56:07 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom

    Error - 09/09/2014 01:31:37 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7026
    Description = All'avvio non è stato possibile caricare i seguenti driver: cdrom


    < End of report >

    OTL logfile created on: 09/09/2014 07:46:14 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente\Desktop
    Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

    1013,42 Mb Total Physical Memory | 100,81 Mb Available Physical Memory | 9,95% Memory free
    1,99 Gb Paging File | 0,76 Gb Available in Paging File | 38,06% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142,70 Gb Total Space | 55,28 Gb Free Space | 38,74% Space Free | Partition Type: NTFS

    Computer Name: UTENTE-PC | User Name: utente | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/09/09 07:42:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\utente\Desktop\OTL.exe
    PRC - [2014/08/30 22:21:09 | 000,874,144 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe
    PRC - [2014/08/30 22:20:53 | 001,004,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
    PRC - [2014/08/30 04:49:43 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Programmi\Google\Chrome\Application\chrome.exe
    PRC - [2014/07/17 23:14:36 | 000,428,032 | ---- | M] (MS) -- C:\Programmi\lsm\LSM.exe
    PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    PRC - [2013/10/15 09:53:38 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
    PRC - [2013/03/06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Programmi\TeamViewer\Version8\TeamViewer_Service.exe
    PRC - [2013/01/05 13:02:24 | 000,287,744 | ---- | M] (MS) -- C:\Programmi\lsm\aus.exe
    PRC - [2013/01/04 04:59:29 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Zune\ZuneLauncher.exe
    PRC - [2011/03/28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    PRC - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/12/10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
    PRC - [2010/12/10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- c:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    PRC - [2009/10/28 18:25:24 | 002,410,496 | ---- | M] () -- C:\Programmi\Hotkey\Hotkey.exe
    PRC - [2009/10/06 17:31:38 | 000,031,744 | ---- | M] () -- C:\Programmi\Hotkey\PowerBiosServer.exe
    PRC - [2009/10/05 15:06:26 | 000,077,824 | ---- | M] (mychat) -- C:\Programmi\BisonCam\BisonHK.exe
    PRC - [2009/08/11 18:01:04 | 000,061,440 | ---- | M] () -- C:\Programmi\Simplo Video Camera\DetectDev.exe
    PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Windows Sidebar\sidebar.exe
    PRC - [2009/07/14 03:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
    PRC - [2009/02/23 17:58:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/08/30 04:49:41 | 000,331,592 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.103\ppgooglenaclpluginchrome.dll
    MOD - [2014/08/30 04:49:40 | 014,669,128 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
    MOD - [2014/08/30 04:49:38 | 008,577,864 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.103\pdf.dll
    MOD - [2014/08/30 04:49:30 | 001,660,232 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
    MOD - [2014/02/10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\utente\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    MOD - [2014/02/10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\utente\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
    MOD - [2013/06/17 12:35:10 | 000,478,400 | ---- | M] () -- C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
    MOD - [2013/04/15 19:19:53 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll
    MOD - [2013/04/15 19:18:31 | 018,080,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a0445401f2473a1aa4b66c9c0791c7f6\System.ServiceModel.ni.dll
    MOD - [2013/04/11 15:29:41 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
    MOD - [2013/03/24 22:10:54 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\bfceac53dda4bf7ba2f5020573f80163\System.ServiceProcess.ni.dll
    MOD - [2013/03/24 22:09:07 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
    MOD - [2013/02/15 16:53:47 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\ee4683cbfd60ee35d95e2e6d32fc3981\System.Management.ni.dll
    MOD - [2013/01/11 15:06:13 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
    MOD - [2013/01/11 15:05:38 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\612bad9f3a4f378c9c09cbb7460e3a93\Accessibility.ni.dll
    MOD - [2013/01/11 15:03:02 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
    MOD - [2013/01/11 15:02:24 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
    MOD - [2013/01/09 21:46:43 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
    MOD - [2013/01/09 21:45:58 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
    MOD - [2013/01/09 21:45:41 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
    MOD - [2013/01/09 21:45:39 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
    MOD - [2013/01/09 21:45:18 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
    MOD - [2013/01/09 21:44:53 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
    MOD - [2013/01/09 21:44:44 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
    MOD - [2013/01/09 21:44:40 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
    MOD - [2013/01/09 21:44:14 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
    MOD - [2009/10/28 18:25:24 | 002,410,496 | ---- | M] () -- C:\Programmi\Hotkey\Hotkey.exe
    MOD - [2009/06/06 14:50:32 | 000,019,968 | ---- | M] () -- C:\Programmi\Hotkey\Audiodll.dll
    MOD - [2009/02/18 21:57:54 | 000,028,672 | ---- | M] () -- C:\Programmi\BisonCam\KBHookDLL.dll
    MOD - [2006/12/11 02:10:26 | 000,049,152 | ---- | M] () -- C:\Programmi\Hotkey\AudioControlDLL.dll


    ========== Services (SafeList) ==========

    SRV - [2014/07/17 23:14:36 | 000,428,032 | ---- | M] (MS) [Auto | Running] -- C:\Programmi\lsm\LSM.exe -- (LSM)
    SRV - [2014/07/17 23:14:36 | 000,428,032 | ---- | M] (MS) [Auto | Running] -- C:\Programmi\lsm\LSM.exe -- (Log S.M.)
    SRV - [2014/07/17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
    SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
    SRV - [2014/04/03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programmi\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/10/15 09:53:38 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
    SRV - [2013/03/06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programmi\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
    SRV - [2013/01/05 13:02:24 | 000,287,744 | ---- | M] (MS) [Auto | Running] -- C:\Programmi\lsm\aus.exe -- (AUS)
    SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
    SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Zune\WMZuneComm.exe -- (WMZuneComm)
    SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
    SRV - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2010/12/10 18:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ)
    SRV - [2010/12/10 18:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
    SRV - [2010/12/10 18:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programmi\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
    SRV - [2009/10/06 17:31:38 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Programmi\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
    SRV - [2009/08/11 18:01:04 | 000,061,440 | ---- | M] () [Auto | Running] -- C:\Programmi\Simplo Video Camera\DetectDev.exe -- (PCAM Serivce)
    SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programmi\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2009/07/14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
    SRV - [2009/02/23 17:58:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
    SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)


    ========== Driver Services (SafeList) ==========

    DRV - [2014/08/30 22:48:45 | 000,576,608 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2014/08/30 22:48:45 | 000,144,992 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
    DRV - [2014/08/30 22:48:45 | 000,025,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
    DRV - [2014/08/30 22:48:44 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
    DRV - [2014/08/30 22:48:44 | 000,094,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\klflt.sys -- (klflt)
    DRV - [2013/10/15 09:53:34 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
    DRV - [2013/10/15 09:53:32 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
    DRV - [2013/05/14 17:34:44 | 000,045,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
    DRV - [2013/04/12 15:34:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klpd.sys -- (klpd)
    DRV - [2012/08/22 10:29:37 | 000,044,032 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fspad_wlh32.sys -- (fspad_wlh32)
    DRV - [2010/09/01 14:33:12 | 000,079,360 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)
    DRV - [2010/09/01 14:33:12 | 000,067,584 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)
    DRV - [2010/09/01 14:33:12 | 000,061,952 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
    DRV - [2010/09/01 14:33:12 | 000,009,728 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)
    DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
    DRV - [2009/11/09 15:47:18 | 000,126,064 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
    DRV - [2009/10/15 18:34:46 | 000,091,248 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\JME.sys -- (JME)
    DRV - [2009/09/08 10:55:44 | 001,180,272 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
    DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
    DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.telecomitalia.it
    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}...Box&FORM=IE8SRC
    IE - HKU\S-1-5-21-3792467525-130248280-1084041663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/08/30 22:49:24 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/08/30 22:49:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/08/30 22:49:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/08/30 22:49:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/08/30 22:49:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2014/08/09 14:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Extensions
    [2012/09/14 17:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
    [2014/08/09 14:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
    [2014/08/09 14:16:12 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========

    CHR - default_search_provider: (Enabled)
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - homepage:
    CHR - plugin: Error reading preferences file
    CHR - Extension: Kaspersky Protection = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa\3.1.0.122_0\
    CHR - Extension: Controllo URL Kaspersky = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0\
    CHR - Extension: Skype Click to Call = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
    CHR - Extension: Google Wallet = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
    CHR - Extension: Anti-Banner = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\

    O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [BisonHK] C:\Programmi\BisonCam\BisonHK.exe (mychat)
    O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
    O9 - Extra Button: Tastiera Virtuale - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O9 - Extra Button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe (PokerStars)
    O9 - Extra Button: Controllo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programmi\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{069B56F0-7A31-440A-A2F8-1C3051E4C334}: NameServer = 83.224.66.138 83.224.70.94
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{096B9113-5EB2-4F9D-BA42-D64DCEFAC599}: DhcpNameServer = 192.168.0.1 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D064476E-2BD7-4CFC-A19B-C7F14C4DB4B6}: DhcpNameServer = 83.224.70.62 83.224.70.78
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D064476E-2BD7-4CFC-A19B-C7F14C4DB4B6}: NameServer = 83.224.70.62 83.224.70.78
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKU\S-1-5-21-3792467525-130248280-1084041663-1003 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 0
    O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{6c20b9b8-ee39-11e1-829c-0002721bed07}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c20b9b8-ee39-11e1-829c-0002721bed07}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe /checkApplicationPresence
    O33 - MountPoints2\{906487c4-0c7e-11e2-85ab-0090f5a0268d}\Shell - "" = AutoRun
    O33 - MountPoints2\{906487c4-0c7e-11e2-85ab-0090f5a0268d}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe /checkApplicationPresence
    O33 - MountPoints2\{911c8a4e-22d1-11e2-a86b-97b6a551180e}\Shell - "" = AutoRun
    O33 - MountPoints2\{911c8a4e-22d1-11e2-a86b-97b6a551180e}\Shell\AutoRun\command - "" = D:\setup_vmb_lite.exe /checkApplicationPresence
    O33 - MountPoints2\{c1b0ee44-c2d6-11e2-9b70-0002721bed07}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1b0ee44-c2d6-11e2-9b70-0002721bed07}\Shell\AutoRun\command - "" = D:\autorun.exe
    O33 - MountPoints2\D\Shell - "" = AutoRun
    O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe
    O34 - HKLM BootExecute: (autocheck autochk /k:C *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/09/09 07:42:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\utente\Desktop\OTL.exe
    [2014/09/08 20:58:24 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
    [2014/09/08 20:50:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/08/30 22:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
    [2014/08/30 22:08:34 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
    [2014/08/30 22:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2014/08/30 22:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
    [2014/08/30 22:07:56 | 000,576,608 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
    [2014/08/30 22:07:56 | 000,094,304 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
    [2014/08/15 21:03:47 | 000,000,000 | ---D | C] -- C:\Users\utente\Documents\posizione icone desktop

    ========== Files - Modified Within 30 Days ==========

    [2014/09/09 07:42:27 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/09/09 07:42:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\utente\Desktop\OTL.exe
    [2014/09/09 07:38:50 | 000,010,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/09/09 07:38:50 | 000,010,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/09/09 07:31:25 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/09/09 07:31:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/09/09 07:31:02 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys
    [2014/09/05 20:46:40 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2014/08/30 22:48:45 | 000,576,608 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
    [2014/08/30 22:48:45 | 000,144,992 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kneps.sys
    [2014/08/30 22:48:45 | 000,025,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klkbdflt.sys
    [2014/08/30 22:48:44 | 000,135,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys
    [2014/08/30 22:48:44 | 000,094,304 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
    [2014/08/30 22:11:44 | 000,002,278 | ---- | M] () -- C:\Users\utente\Desktop\Safe Money.lnk
    [2014/08/30 22:10:04 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
    [2014/08/26 19:54:12 | 000,000,000 | -H-- | M] () -- C:\Users\utente\Documents\Default.rdp

    ========== Files Created - No Company Name ==========

    [2014/08/30 22:11:44 | 000,002,278 | ---- | C] () -- C:\Users\utente\Desktop\Safe Money.lnk
    [2014/08/30 22:10:38 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
    [2014/08/26 19:54:12 | 000,000,000 | -H-- | C] () -- C:\Users\utente\Documents\Default.rdp
    [2014/07/19 12:04:23 | 000,000,229 | ---- | C] () -- C:\Windows\OEM.ini
    [2013/04/16 14:49:30 | 000,000,004 | ---- | C] () -- C:\Users\utente\AppData\Roaming\skype.ini
    [2012/09/14 17:23:59 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll

    ========== ZeroAccess Check ==========

    [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012/08/21 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\LibreOffice
    [2012/10/02 12:57:28 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\Vodafone

    < End of report >
     
    .
  12.  
    .

    Master Malware Expert

    Group
    Administrator
    Posts
    4,519
    Location
    Poggio Mirteto(RI)

    Status
    Anonymous
    Hi shardana11
    Download the attached file to your desktop and copy its entire contents into the white box in OTL. Then click Run Fix.
    Attach the log that is generated and check whether the problem is solved.
    Attached file
    fix.txt
    (Number of downloads: 25)

     
    .
  13. shardana11
     
    .

    User deleted


    Hi Vicki 67. Or Genius, if you prefer. I carried out the third step, as you advised, and browsed for almost an hour, and unlike before, everything seems to be fine. So your genius has struck again; consider a coffee owed. You will probably tell me that I have not exactly ruined myself, but so be it! Thank you, and until next time.
     
    .
  14.  
    .

    Master Malware Expert

    Group
    Administrator
    Posts
    4,519
    Location
    Poggio Mirteto(RI)

    Status
    Anonymous
    thumb_yello
    bye1
     
    .
  15. Antoonino
     
    .

    User deleted


    Hi guys.

    Vicky, do you think you can do the same with Lasaoren.com?? At first glance removing it looks easy, but I can't uninstall it. It tells me I don't have sufficient rights to remove ... contact the administrator. But I am the administrator.
    Here is a guide. And in the end, is it just a browser hijacker, or is it more than that?
    Thanks in advance.
     
    .
117 replies since 24/6/2013, 17:35   5256 views