Divina

chiudo scusate mbam-log-2013-05-16 (14-05-01).txt hijackthis.log

ok con quest' ultimo file allegato credo di aver fatto tutto quello che mi hai chiesto, aspetto notizie grazie mille. MBR.rar

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"

OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system | "{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system | "{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system | "{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system | "{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system | "{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface | "{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system | "{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system | "{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system | "{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe | "{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe | "{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe | "{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe | "{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe | "{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit) "{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WNLT" = IB Updater Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007 "{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007 "{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio "{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "Akamai" = Akamai NetSession Interface Service "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira Free Antivirus "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "EasyBits Magic Desktop" = Magic Desktop "ENTERPRISE" = Microsoft Office Enterprise 2007 "GinyasBrowserCompanion" = GinyasBrowserCompanion "HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5 "HyperMediaCenter_is1" = HyperMediaCenter Software "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12 "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100 "Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoScape" = PhotoScape "Revo Uninstaller" = Revo Uninstaller 1.94 "Shaiya-IT" = Shaiya-IT "Sqirlz Water Reflections" = Sqirlz Water Reflections "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "WildTangent hp Master Uninstall" = HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "NGM Phonesuite" = NGM Phonesuite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815 Description = Generazione del contesto di attivazione non riuscita per "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido. Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: aafcae09-a14e-11e2-9a6e-8ab075bf2cba Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: 2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1 Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue [ Hewlett-Packard Events ] Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) [ Media Center Events ] Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile contattare il server.. Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile contattare il server.. Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile contattare il server.. Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile contattare il server.. Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile contattare il server.. Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile contattare il server.. Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile contattare il server.. Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile contattare il server.. Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile contattare il server.. Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile contattare il server.. [ System Events ] Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010 Description = Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031 Description = Il servizio Akamai NetSession Interface è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 1000 millisecondi: Riavvia il servizio. Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034 Description = Arresto imprevista del servizio Easybits Shared Services for Windows. Questo evento si è già verificato 1 volta(e). Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. < End of report >OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system | "{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system | "{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system | "{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system | "{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system | "{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface | "{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system | "{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system | "{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system | "{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe | "{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe | "{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe | "{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe | "{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe | "{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit) "{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WNLT" = IB Updater Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007 "{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007 "{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio "{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "Akamai" = Akamai NetSession Interface Service "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira Free Antivirus "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "EasyBits Magic Desktop" = Magic Desktop "ENTERPRISE" = Microsoft Office Enterprise 2007 "GinyasBrowserCompanion" = GinyasBrowserCompanion "HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5 "HyperMediaCenter_is1" = HyperMediaCenter Software "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12 "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100 "Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoScape" = PhotoScape "Revo Uninstaller" = Revo Uninstaller 1.94 "Shaiya-IT" = Shaiya-IT "Sqirlz Water Reflections" = Sqirlz Water Reflections "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "WildTangent hp Master Uninstall" = HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "NGM Phonesuite" = NGM Phonesuite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815 Description = Generazione del contesto di attivazione non riuscita per "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido. Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: aafcae09-a14e-11e2-9a6e-8ab075bf2cba Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: 2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1 Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue [ Hewlett-Packard Events ] Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) [ Media Center Events ] Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile contattare il server.. Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile contattare il server.. Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile contattare il server.. Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile contattare il server.. Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile contattare il server.. Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile contattare il server.. Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile contattare il server.. Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile contattare il server.. Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile contattare il server.. Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile contattare il server.. [ System Events ] Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010 Description = Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031 Description = Il servizio Akamai NetSession Interface è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 1000 millisecondi: Riavvia il servizio. Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034 Description = Arresto imprevista del servizio Easybits Shared Services for Windows. Questo evento si è già verificato 1 volta(e). Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. < End of report >

OTL logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe PRC - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe PRC - [2013/01/26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/08/13 21:05:23 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011/12/16 18:44:50 | 000,762,368 | ---- | M] (PService) -- C:\Users\Public\Documents\AppData\PoApp\PService.exe PRC - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/10/06 23:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe PRC - [2009/10/06 00:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2013/01/29 15:28:32 | 000,170,840 | ---- | M] () -- C:\Programmi\Web Assistant\Extension32.dll MOD - [2012/12/12 07:32:26 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2012/10/05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2012/10/05 12:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2012/08/31 12:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010/11/13 01:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010/11/05 03:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/11/05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010/11/05 03:57:46 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll MOD - [2009/10/06 23:57:02 | 000,279,976 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll MOD - [2009/10/06 23:57:02 | 000,120,232 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll MOD - [2009/10/06 23:57:00 | 000,464,168 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll MOD - [2009/10/06 00:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll MOD - [2009/06/10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe MOD - [2003/09/10 04:42:28 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\kwspnd.dll ========== Services (SafeList) ========== SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV) SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters) SRV - [2013/04/06 00:28:51 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/03/25 16:23:44 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai) SRV - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013/03/09 19:37:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012/07/11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programmi\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV - [2012/04/23 15:43:10 | 000,161,280 | ---- | M] (SoftwareUpdService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe -- (SoftwareUpd) SRV - [2012/04/03 19:59:46 | 000,169,472 | ---- | M] (PowerOfferService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\PosService\Pos.exe -- (PowerOffer Service) SRV - [2011/12/16 18:44:48 | 000,156,160 | ---- | M] (ServiceUpd) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\ServUpdater\ServiceUpd.exe -- (ServUpdater) SRV - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService) SRV - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters) SRV - [2009/02/22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/12/19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/08/13 21:05:23 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012/08/13 21:05:23 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012/05/02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011/08/08 20:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus) DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/09/01 14:33:12 | 000,088,064 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm) DRV:64bit: - [2010/09/01 14:33:12 | 000,078,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm) DRV:64bit: - [2010/09/01 14:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum) DRV:64bit: - [2010/09/01 14:33:12 | 000,013,824 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo) DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010/01/05 02:29:01 | 002,838,008 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/10/03 05:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/08/08 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/07/21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/04/29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE} IE:64bit: - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE} IE - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.it/ IE - HKCU\..\SearchScopes,DefaultScope = {9E78F5CC-9671-4F76-9E03-863D0EC2C0B1} IE - HKCU\..\SearchScopes\{9E78F5CC-9671-4F76-9E03-863D0EC2C0B1}: "URL" = http://www.google.com/search?hl=en&q={searchTerms} IE - HKCU\..\SearchScopes\{A2BE91B7-047F-49E9-AC3F-77311F907DE4}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=it_IT&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^IT&apn_uid=7E3DBA4C-FB6D-4856-8B09-3CC096E92B8F&apn_sauid=CDACA0AF-0A8D-4FC1-8FE8-EFB932C8173C IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716 IE - HKCU\..\SearchScopes\{CC89926C-B516-4F89-A64F-847B3C15FC99}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.igoogle.it" FF - prefs.js..extensions.enabledAddons: ffxtlbr%40incredibar.com:1.5.0 FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573 FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.3 FF - prefs.js..extensions.enabledAddons: %7B3e0c7f3a-3f50-4730-beb5-4a9a10e2831c%7D:8.0 FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/01 22:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Extensions [2013/04/08 22:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions [2013/03/30 00:48:22 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c} [2012/09/25 12:01:01 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012/06/18 21:00:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2012/11/24 20:20:13 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com [2012/06/12 00:15:30 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\ffxtlbr@incredibar.com [2013/04/08 22:27:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\staged [2012/06/01 13:58:48 | 000,002,933 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\clocktab@vik.josh.xpi [2013/02/17 19:42:23 | 000,015,751 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\restartless.restart@erikvold.com.xpi [2013/03/30 00:48:19 | 000,117,153 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013/01/11 22:31:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\00fa8af3e1afacabf63912c667597b88_expire [2013/04/04 19:24:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0bb66476c57d47d5a6fb7e7674377c0d_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire [2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\13d5beed7af8587c97041140898f20fb_expire [2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1d8715bd00dbafbff504a0b9666c85e1_expire [2013/02/02 22:58:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21fdaa9a4d00888fb89ab4150c475afe_expire [2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire [2013/03/30 00:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\29707677b08fb26b2f65143134a1da51_expire [2012/09/25 11:55:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\35c5ead7c694459d2b46d88482247348_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4bb79f13c77b1255dc49f0d657dfac7d_expire [2013/02/02 22:58:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4be754d05a1a132121d9fdfa869a2fe3_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4f58276013e8b7af7d3fbf813163d5c3_expire [2013/04/08 22:23:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\530e52021dc20843b1aa62957edeb9f8_expire [2013/01/11 22:52:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\57946d7296214a969f57f809acbbb2c9_expire [2013/03/30 00:38:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire [2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5ccbc7d24e3f98d4fb183f06f125b58b_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_expire [2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6fdfbada841d5c35ed7e4cc440ebc0f7_expire [2013/01/07 13:03:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\719f6985083c6f0c2a8fef7aa1f75d63_expire [2013/03/30 13:56:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire [2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\79fb7d8c9c120c501ff74f2666f1ed76_expire [2013/01/11 22:31:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9238b45def093d2a9a5c06fb11a3c4e3_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9927ebf7c3c498c96c52b76f3a964e84_expire [2013/01/11 22:31:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\99a397b5eee6f1b4c020f519b74db96d_expire [2013/02/17 19:40:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39_expire [2012/09/25 11:55:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a3305b130a0ed11cd68c58b262aa95b3_expire [2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire [2013/01/11 22:31:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\adf275b6644b3fcac86a14ffe551dede_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\be618ea2f4f463a305fc75d122f2d990_expire [2013/02/17 19:40:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c5538e5049ca9b04ad62d9a930947369_expire [2013/02/02 21:53:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ca7645042096dd3cfadc42109c394f16_expire [2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ceec6e4f46abde15a7f2536a318f4cfd_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e440d29f88739418e905adc0a155a174_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e5261abf2e11d65922ee31bdca03dca7_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire [2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ee1ab4cb8e86769e288abaa46407a623_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f2bead22a65ec461e339f02da757d445_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2013/04/05 20:15:11 | 000,002,308 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\askcom.xml [2013/03/30 00:41:51 | 000,000,950 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\icqplugin.xml [2012/06/12 00:15:17 | 000,002,203 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\MyStart Search.xml [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013/03/09 19:37:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/03/01 17:48:08 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/09 19:37:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013/03/02 14:06:40 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml [2013/03/02 14:06:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/03/02 14:06:40 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml [2013/03/02 14:06:40 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml [2013/03/02 14:06:40 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml [2013/03/02 14:06:40 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml O1 HOSTS File: ([2013/04/07 19:00:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programmi\Web Assistant\Extension32.dll () O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - No CLSID value found. O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_IT Toolbar) - {4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Programmi\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Center Agent] C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe () O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Siti attendibili) O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Siti attendibili) O15 - HKCU\..Trusted Domains: youtube.com ([www] http in Siti attendibili) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461EB543-71D3-4E92-BEDB-06A665E5432B}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F93469-9074-41D9-AE3B-1154ECED3CF7}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A2D148E-8E75-4A62-AD35-1F274715FA59}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C0FA287-443A-4137-AB42-A57F6C71F1B8}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7C42932-7359-4F77-BF61-BB04DE227884}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/04/10 23:40:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe [2013/04/10 20:08:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/04/10 20:08:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/04/10 20:08:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/04/10 20:08:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/04/10 20:08:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/04/10 20:08:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/04/10 20:08:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/04/10 20:08:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/04/10 20:08:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/04/10 20:08:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/04/10 20:08:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/04/10 20:08:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/04/10 20:08:07 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/04/10 20:08:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/04/10 20:08:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/04/10 12:06:46 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/04/10 12:06:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/04/10 12:06:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/04/10 12:06:42 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013/04/10 12:06:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013/04/10 12:06:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013/04/07 19:13:33 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\SUPERAntiSpyware.com [2013/04/07 19:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2013/04/07 19:01:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/04/07 19:00:19 | 000,000,000 | ---D | C] -- C:\Windows emp [2013/04/07 18:41:36 | 000,000,000 | ---D | C] -- C:\Users\Franca\Desktop\cugintour 6 aprile 2013 [2013/04/06 00:28:51 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/04/06 00:28:51 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/04/05 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/04/05 17:26:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/04/05 17:26:06 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/04/05 16:36:15 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/04/05 16:36:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/04/05 16:36:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/04/05 16:36:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/04/05 16:36:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/04/05 16:36:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/04/05 16:36:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/04/05 16:36:15 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/04/05 16:36:15 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/04/05 16:36:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/04/05 16:36:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/04/05 16:36:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/04/05 16:36:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/04/05 16:36:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/04/05 16:36:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/04/05 16:36:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/04/05 16:36:14 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/04/05 16:36:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/04/05 16:36:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/04/05 16:36:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/04/05 16:36:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/04/05 16:36:14 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/04/05 16:36:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/04/05 16:36:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/04/05 16:36:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/04/05 16:36:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx [2013/04/05 16:36:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/04/05 16:36:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/04/05 16:36:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/04/05 16:36:13 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/04/05 16:36:13 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/04/05 16:36:13 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/04/05 16:36:13 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/04/05 16:36:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/04/05 16:36:13 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/04/05 16:36:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/04/05 16:36:13 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/04/05 16:36:13 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/04/05 16:36:13 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/04/05 16:36:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/04/05 16:36:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/04/05 16:36:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/04/05 16:36:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/04/05 16:36:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/04/05 16:36:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/04/05 16:36:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/04/05 16:36:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx [2013/04/05 16:36:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/04/05 16:36:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/04/05 16:36:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/04/05 16:36:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/04/05 16:36:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/04/05 16:36:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/04/05 15:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013/03/28 12:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013/03/28 12:01:22 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2013/03/28 12:01:22 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013/03/28 12:01:21 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/03/28 12:01:21 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/03/28 12:01:21 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013/03/28 12:01:21 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013/03/28 12:01:21 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013/03/28 12:01:21 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013/03/28 12:01:21 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/03/28 12:01:21 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013/03/28 12:01:21 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/03/28 12:01:21 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013/03/28 12:01:21 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/03/28 12:01:21 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013/03/28 12:01:21 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013/03/28 12:01:21 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/03/28 12:01:21 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013/03/28 12:01:21 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll [2013/03/28 12:01:21 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll [2013/03/26 01:20:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013/03/18 09:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded [2013/03/14 15:44:08 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\Apple Computer [2012/12/31 15:34:06 | 008,358,176 | ---- | C] (Burnaware Technologies ) -- C:\Users\Franca\burnaware_free.exe [2011/03/21 23:08:51 | 000,399,736 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Franca\utorrent.exe [2010/10/29 15:46:50 | 001,162,064 | ---- | C] (Microsoft Corporation) -- C:\Users\Franca\wlsetup-web-14.0.8091.0730.exe [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe [2013/04/10 22:54:00 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job [2013/04/10 22:10:00 | 000,000,928 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Update Checker.job [2013/04/10 21:50:00 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Stats Report.job [2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/10 20:22:49 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Chrome Watcher.job [2013/04/10 20:22:47 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion FireFox Watcher.job [2013/04/10 20:22:02 | 000,456,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/10 20:21:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2013/04/10 19:13:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job [2013/04/09 02:21:01 | 000,082,592 | ---- | M] () -- C:\Users\Franca\Desktop\123_big.gif [2013/04/09 02:00:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job [2013/04/08 17:47:10 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn [2013/04/08 17:46:51 | 000,000,848 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2013/04/08 16:39:47 | 007,067,641 | ---- | M] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3 [2013/04/08 16:34:31 | 005,814,391 | ---- | M] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3 [2013/04/07 19:13:29 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/04/07 19:00:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/04/07 18:39:32 | 001,541,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/04/07 18:39:32 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat [2013/04/07 18:39:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/04/07 18:39:32 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat [2013/04/07 18:39:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/04/06 00:33:38 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/04/06 00:33:38 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/04/05 17:26:01 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/04/05 17:26:00 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2013/04/05 17:26:00 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013/04/05 17:26:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/04/05 16:36:15 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/04/05 16:36:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/04/05 16:36:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/04/05 16:36:15 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/04/05 16:36:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/04/05 16:36:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/04/05 16:36:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/04/05 16:36:15 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/04/05 16:36:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/04/05 16:36:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/04/05 16:36:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/04/05 16:36:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/04/05 16:36:14 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/04/05 16:36:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/04/05 16:36:14 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/04/05 16:36:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/04/05 16:36:14 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/04/05 16:36:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/04/05 16:36:14 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/04/05 16:36:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/04/05 16:36:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/04/05 16:36:14 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/04/05 16:36:14 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/04/05 16:36:14 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/04/05 16:36:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/04/05 16:36:14 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx [2013/04/05 16:36:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/04/05 16:36:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/04/05 16:36:14 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/04/05 16:36:14 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/04/05 16:36:13 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/04/05 16:36:13 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/04/05 16:36:13 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/04/05 16:36:13 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/04/05 16:36:13 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/04/05 16:36:13 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/04/05 16:36:13 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/04/05 16:36:13 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/04/05 16:36:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/04/05 16:36:13 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/04/05 16:36:13 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/04/05 16:36:13 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/04/05 16:36:13 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/04/05 16:36:13 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/04/05 16:36:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/04/05 16:36:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/04/05 16:36:13 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/04/05 16:36:13 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx [2013/04/05 16:36:13 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/04/05 16:36:13 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/04/05 16:36:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/04/05 16:36:13 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/04/05 16:36:13 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/05 16:36:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/04/05 16:36:13 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/04/04 00:00:07 | 000,000,336 | ---- | M] () -- C:\Windows asks\HPCeeScheduleForFranca.job [2013/04/02 00:52:13 | 000,060,778 | ---- | M] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg [2013/03/19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/03/19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013/03/19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/03/19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/03/19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013/03/15 07:53:06 | 026,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/03/15 07:53:06 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/03/15 07:53:06 | 020,542,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013/03/15 07:53:06 | 017,990,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013/03/15 07:53:06 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013/03/15 07:53:06 | 015,508,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013/03/15 07:53:06 | 015,042,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013/03/15 07:53:06 | 013,088,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013/03/15 07:53:06 | 009,414,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/03/15 07:53:06 | 007,959,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013/03/15 07:53:06 | 007,573,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/03/15 07:53:06 | 006,271,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013/03/15 07:53:06 | 002,913,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/03/15 07:53:06 | 002,864,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013/03/15 07:53:06 | 002,728,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013/03/15 07:53:06 | 002,539,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013/03/15 07:53:06 | 002,355,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/03/15 07:53:06 | 001,995,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013/03/15 07:53:06 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll [2013/03/15 07:53:06 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll [2013/03/15 07:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013/03/15 06:16:18 | 003,477,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013/03/15 06:16:17 | 006,398,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013/03/15 06:16:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013/03/15 06:16:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013/03/15 06:16:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/04/09 02:21:07 | 000,082,592 | ---- | C] () -- C:\Users\Franca\Desktop\123_big.gif [2013/04/08 16:39:32 | 007,067,641 | ---- | C] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3 [2013/04/08 16:34:22 | 005,814,391 | ---- | C] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3 [2013/04/07 19:13:41 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job [2013/04/07 19:13:40 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job [2013/04/07 19:13:29 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/04/06 00:28:53 | 000,000,978 | ---- | C] () -- C:\Windows asks\Adobe Flash Player Updater.job [2013/04/05 16:36:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/04/05 16:36:13 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/02 00:52:21 | 000,060,778 | ---- | C] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg [2012/12/31 15:35:57 | 000,000,503 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\burnaware.ini [2012/12/30 20:14:24 | 000,843,506 | ---- | C] () -- C:\Users\Franca\cartamodellopigotta.png [2012/11/24 20:33:58 | 000,000,035 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\mbam.context.scan [2012/11/01 14:56:42 | 000,221,299 | ---- | C] () -- C:\Users\Franca\halloween 2012.jpg [2012/09/10 21:11:49 | 1101,908,374 | ---- | C] () -- C:\Users\Franca\Ultima Online Mondain's Legacy.rar [2012/06/29 13:00:48 | 000,217,487 | ---- | C] () -- C:\Users\Franca\Risposta2363044_1_VER2.pdf [2012/06/27 18:13:55 | 000,010,777 | ---- | C] () -- C:\Users\Franca\Registrazione Tiscali Internet senza canone.htm [2012/06/27 11:45:29 | 000,029,511 | ---- | C] () -- C:\Users\Franca\ravvedimentoIMU.pdf [2012/06/12 01:10:31 | 000,007,544 | ---- | C] () -- C:\Users\Franca\AppData\Local\unins000.dat [2012/06/07 22:42:33 | 000,055,136 | ---- | C] () -- C:\Users\Franca\Metin2_it_20111216.exe.torrent [2012/05/10 11:51:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/05/10 11:51:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/05/10 11:51:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/05/10 11:51:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/05/10 11:51:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/01/21 21:24:52 | 001,073,004 | ---- | C] () -- C:\Users\Franca\io e leo.jpg [2011/04/14 12:46:50 | 000,000,011 | ---- | C] () -- C:\Windows\3DShadow.INI [2011/04/08 20:25:52 | 000,025,048 | -HS- | C] () -- C:\Users\Franca\Folder.jpg [2011/04/08 20:25:52 | 000,007,293 | -HS- | C] () -- C:\Users\Franca\AlbumArtSmall.jpg [2011/03/21 23:12:36 | 000,017,159 | ---- | C] () -- C:\Users\Franca\FW_Installer_OB.rar.torrent [2011/02/28 12:30:28 | 000,001,178 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\wklnhst.dat [2011/02/05 18:25:50 | 000,001,854 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\GhostObjGAFix.xml [2010/11/19 18:27:38 | 166,297,938 | ---- | C] () -- C:\Users\Franca\Microsoft Front Page 2003 + seriale - ITA.rar [2010/10/29 15:42:47 | 007,362,048 | ---- | C] () -- C:\Users\Franca\MM26_IT.msi [2010/09/16 17:20:52 | 000,126,116 | ---- | C] () -- C:\Users\Franca\LD-champagne2.zip [2010/09/08 11:07:40 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010/06/01 14:37:46 | 000,001,235 | ---- | C] () -- C:\Users\Franca\HyperMediaCenter.lnk [2010/05/21 12:57:48 | 000,020,480 | ---- | C] () -- C:\Users\Franca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/21 12:49:52 | 001,933,603 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.2 [2010/05/21 12:49:49 | 001,934,341 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.1 [2010/05/21 12:49:47 | 005,416,154 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.0 [2010/05/21 12:49:47 | 001,943,949 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.JPG [2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Commands [2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\ColorTable [2010/05/19 11:54:48 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT [2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Comedy Noises [2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\Cocoa [2010/05/19 11:50:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT [2010/05/04 13:50:03 | 000,013,509 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.2 [2010/05/04 13:49:57 | 000,013,501 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.1 [2010/05/04 13:49:55 | 000,021,642 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.0 [2010/05/04 13:49:55 | 000,013,512 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.JPG [2010/04/17 23:11:00 | 000,000,017 | ---- | C] () -- C:\Users\Franca\AppData\Local\resmon.resmoncfg [2010/03/24 14:24:20 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/01/11 23:43:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Aeria Games & Entertainment [2012/08/11 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Alien Skin [2012/11/24 20:13:27 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\BrowserCompanion [2012/12/15 01:42:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\EmoticoonsToolbar [2012/08/04 23:10:37 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\FreeVideoConverter [2013/04/10 16:31:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\ICQ [2013/03/13 13:55:55 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\IObit [2010/05/04 16:31:28 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Jasc [2010/06/01 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\KWorld Multimedia [2010/05/19 12:03:43 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Nikon [2012/08/05 16:55:35 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\OpenCandy [2012/08/09 00:12:12 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\PhotoScape [2011/07/10 22:38:30 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Razor [2011/11/28 15:51:40 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\TeamViewer [2011/02/28 12:30:39 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Template [2010/04/28 19:25:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Ulead Systems [2010/05/23 19:16:29 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Uniblue [2013/04/06 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\uTorrent [2011/07/20 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Vodafone [2010/12/18 17:56:07 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\WildTangent [2011/03/03 16:37:11 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Windows Live Writer [2010/03/24 09:03:04 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\_MDLogs ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2013/02/26 13:46:58 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2012/07/27 17:37:53 | 000,000,196 | ---- | M] () -- C:\ChromeHPLog.txt [2013/04/07 19:07:43 | 000,029,460 | ---- | M] () -- C:\ComboFix.txt [2012/11/24 20:20:14 | 000,000,043 | ---- | M] () -- C:\END [2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2010/05/21 13:19:53 | 000,000,186 | ---- | M] () -- C:\hpqlb.log [2013/04/10 20:21:01 | 4218,281,984 | -HS- | M] () -- C:\pagefile.sys [2012/06/12 00:15:31 | 000,000,447 | ---- | M] () -- C:\user.js [2 C:\*.tmp files -> C:\*.tmp -> ] < %systemroot%\Fonts\*.com > [2009/07/14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2009/06/10 22:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > [2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > [2012/04/27 16:52:35 | 000,001,734 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\LastFlashConfig.wfc < %PROGRAMFILES%\*.* > [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x > < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x > [2011/04/28 22:59:35 | 000,000,221 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini < %USERPROFILE%\Desktop\*.exe > [2012/11/11 01:59:34 | 001,109,504 | ---- | M] () -- C:\Users\Franca\Desktop\EUOX217.exe [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe < %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32 est\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report >

Allego i log richiesti per quanto riguarda superantipyware ho già effettuato la rimozione dei trheats.Grazie log combo fix.txt SUPERAntiSpyware Scan Log - 04-07-2013 - 19-24-51.log mbam-log-2013-04-07 (19-28-13).txt

ho aggiornato Explorer alla versione 10 , ma il problema l avevo anche con 8 flash player è aggiornato e anche java all' ultima versione

Buonasera, ho problemi con internet Explorer , è molto lento e non apre alcuni siti ne video si blocca e aggiorna la pagina molto spesso, problemi che con firefox non ho, allego log hijackthis.Grazie hijackthis.log

Cosa ne pensi di questo nel link? Dovrei collegare monitor, pc, modem, un hardisk esterno e le casse del pc

Ciao a tutti, come da titolo mi servirebbero dei pareri ed eventuali dei consigli su questo gruppo di continuità http://www.fc-electronik.net//foto_ebay/be700.pdf Ho letto che la marca APC è la migliore per quanto riguarda gli ups, però vorrei ulteriori pareri prima di acquistarlo ed eventuali consigli di altri gruppi se questo non va bene. Grazie in anticipo ciao

Buongiorno, all accensione del mio pc questa mattina mi è comparso un avviso di errore di Avira ( ieri ultimo aggiornamento ) e adesso non c'è più l icona di Avira vicino l orologio. Qualcuno sa dirmi cortesemente come posso risolvere il problema e a cosa sia dovuto. Grazie mille. Allego file log hijackthis e log malware hijackthis.log mbam-log-2012-04-20 (11-13-47).txt

Ecco l ultimo log di hijackthis.Resto in attesa a dita incrociate . Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19.12.43, on 10/06/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Panda USB Vaccine\USBVaccine.exe C:\Programmi\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\YoWindow\yowindow.exe C:\Programmi\Avira\AntiVir Desktop\avguard.exe C:\Programmi\Avira\AntiVir Desktop\avshadow.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\wuauclt.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: YoWindow.lnk = C:\Programmi\YoWindow\yowindow.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{90371BFC-260E-4068-8F98-92479EF61294}: NameServer = 85.37.17.17 85.38.28.72 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 5288 bytes

Allora ho disistallato e reistallato malwarebytes ( lo avevo fatto anche oggi) ma non mi appare la dicitura periodo di prova. stranamente malwarebytes conteneva in quarantena il trojan agent e tutti i report delle scansioni fatte in precedenza. Ti allego il log hijackthis e l altro di hitmanpro. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21.51.49, on 08/06/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Avira\AntiVir Desktop\sched.exe C:\Programmi\Panda USB Vaccine\USBVaccine.exe C:\Programmi\Avira\AntiVir Desktop\avguard.exe C:\Programmi\Avira\AntiVir Desktop\avshadow.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe C:\Programmi\Avira\AntiVir Desktop\avgnt.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\YoWindow\yowindow.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HitmanPro35] "C:\Programmi\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: YoWindow.lnk = C:\Programmi\YoWindow\yowindow.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{90371BFC-260E-4068-8F98-92479EF61294}: NameServer = 85.37.17.17 85.38.28.72 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 5421 bytes Log Hitmanpro - <Log computer="CECILIA" scan="Normal" version="3.5.8.121" date="2011-06-08T14:45:26" timeSpentInSecs="637" filesProcessed="13706"> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@smartadserver[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@track.adform[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt" /> </Item> - <Item type="Suspicious" score="22.0" status="None"> <File path="C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\GoogleUpdates.exe" hash="FA6BEC9267ECA2B4479006889CC394B0D12725E506A28C1A2F22799BBBC937AB" /> - <Startup> <Key path="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Google Update" /> </Startup> - <References> <Key path="HKU\S-1-5-21-1220945662-706699826-1801674531-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\GoogleUpdates.exe" /> </References> </Item> </Log> incrocio le dita e ti rinnovo il mio Grazie.