-
Numero contenuti
47 -
Iscritto
-
Ultima visita
Su Divina
-
Livello
Novizio
Contact Methods
-
ICQ
0
Profile Information
-
Sesso
Femmina
-
chiudo scusate mbam-log-2013-05-16 (14-05-01).txt hijackthis.log
-
-
ok con quest' ultimo file allegato credo di aver fatto tutto quello che mi hai chiesto, aspetto notizie grazie mille. MBR.rar
-
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt" aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 00:27:51 ----------------------------- 00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1 00:27:51.739 Number of processors: 4 586 0x2502 00:27:51.739 ComputerName: FRABA-PC UserName: Franca 00:27:53.596 Initialize success 00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3 00:28:25.382 Disk 0 MBR read successfully 00:28:25.397 Disk 0 MBR scan 00:28:25.397 Disk 0 unknown MBR code 00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600 00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552 00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128 00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers 00:28:34.477 Service scanning 00:28:50.545 Modules scanning 00:28:50.560 Disk 0 trace - called modules: 00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys 00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060] 00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10] 00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050] 00:28:50.623 Scan finished successfully 00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat" 00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"
-
OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system | "{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system | "{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system | "{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system | "{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system | "{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface | "{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system | "{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system | "{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system | "{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe | "{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe | "{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe | "{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe | "{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe | "{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit) "{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WNLT" = IB Updater Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007 "{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007 "{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio "{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "Akamai" = Akamai NetSession Interface Service "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira Free Antivirus "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "EasyBits Magic Desktop" = Magic Desktop "ENTERPRISE" = Microsoft Office Enterprise 2007 "GinyasBrowserCompanion" = GinyasBrowserCompanion "HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5 "HyperMediaCenter_is1" = HyperMediaCenter Software "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12 "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100 "Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoScape" = PhotoScape "Revo Uninstaller" = Revo Uninstaller 1.94 "Shaiya-IT" = Shaiya-IT "Sqirlz Water Reflections" = Sqirlz Water Reflections "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "WildTangent hp Master Uninstall" = HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "NGM Phonesuite" = NGM Phonesuite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815 Description = Generazione del contesto di attivazione non riuscita per "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido. Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: aafcae09-a14e-11e2-9a6e-8ab075bf2cba Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: 2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1 Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue [ Hewlett-Packard Events ] Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) [ Media Center Events ] Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile contattare il server.. Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile contattare il server.. Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile contattare il server.. Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile contattare il server.. Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile contattare il server.. Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile contattare il server.. Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile contattare il server.. Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile contattare il server.. Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile contattare il server.. Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile contattare il server.. [ System Events ] Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010 Description = Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031 Description = Il servizio Akamai NetSession Interface è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 1000 millisecondi: Riavvia il servizio. Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034 Description = Arresto imprevista del servizio Easybits Shared Services for Windows. Questo evento si è già verificato 1 volta(e). Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. < End of report >OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | "{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system | "{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system | "{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system | "{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system | "{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system | "{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface | "{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system | "{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system | "{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system | "{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | "{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe | "{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe | "{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | "{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe | "{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe | "{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe | "{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe | "{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe | "{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe | "{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe | "{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe | "TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin | "UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe | "UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe | "UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit) "{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "CCleaner" = CCleaner "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WNLT" = IB Updater Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2 "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007 "{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007 "{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX "{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio "{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "Akamai" = Akamai NetSession Interface Service "aTube Catcher" = aTube Catcher "Avira AntiVir Desktop" = Avira Free Antivirus "Cheat Engine 6.2_is1" = Cheat Engine 6.2 "EasyBits Magic Desktop" = Magic Desktop "ENTERPRISE" = Microsoft Office Enterprise 2007 "GinyasBrowserCompanion" = GinyasBrowserCompanion "HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5 "HyperMediaCenter_is1" = HyperMediaCenter Software "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV "InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12 "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100 "Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoScape" = PhotoScape "Revo Uninstaller" = Revo Uninstaller 1.94 "Shaiya-IT" = Shaiya-IT "Sqirlz Water Reflections" = Sqirlz Water Reflections "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "WildTangent hp Master Uninstall" = HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "NGM Phonesuite" = NGM Phonesuite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815 Description = Generazione del contesto di attivazione non riuscita per "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido. Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: aafcae09-a14e-11e2-9a6e-8ab075bf2cba Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe, versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore 0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione: 2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1 Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0 Description = Impossibile avviare il servizio. Handle non valido Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0 Description = conflictManagerTypeValue [ Hewlett-Packard Events ] Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT RAM: 4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean) [ Media Center Events ] Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile contattare il server.. Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile contattare il server.. Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile contattare il server.. Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile contattare il server.. Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile contattare il server.. Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile contattare il server.. Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile contattare il server.. Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile contattare il server.. Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile contattare il server.. Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0 Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile contattare il server.. [ System Events ] Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010 Description = Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031 Description = Il servizio Akamai NetSession Interface è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 1000 millisecondi: Riavvia il servizio. Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034 Description = Arresto imprevista del servizio Easybits Shared Services for Windows. Questo evento si è già verificato 1 volta(e). Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060 Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver. Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030 Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente. < End of report >
-
OTL logfile created on: 10/04/2013 23:43:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free 7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32 Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe PRC - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe PRC - [2013/01/26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/08/13 21:05:23 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011/12/16 18:44:50 | 000,762,368 | ---- | M] (PService) -- C:\Users\Public\Documents\AppData\PoApp\PService.exe PRC - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/10/06 23:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe PRC - [2009/10/06 00:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2013/01/29 15:28:32 | 000,170,840 | ---- | M] () -- C:\Programmi\Web Assistant\Extension32.dll MOD - [2012/12/12 07:32:26 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2012/10/05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2012/10/05 12:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2012/08/31 12:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010/11/13 01:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010/11/05 03:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2010/11/05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010/11/05 03:57:46 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll MOD - [2009/10/06 23:57:02 | 000,279,976 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll MOD - [2009/10/06 23:57:02 | 000,120,232 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll MOD - [2009/10/06 23:57:00 | 000,464,168 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll MOD - [2009/10/06 00:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll MOD - [2009/06/10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll MOD - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe MOD - [2003/09/10 04:42:28 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\kwspnd.dll ========== Services (SafeList) ========== SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV) SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters) SRV - [2013/04/06 00:28:51 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/03/25 16:23:44 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai) SRV - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013/03/09 19:37:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012/07/11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programmi\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV - [2012/04/23 15:43:10 | 000,161,280 | ---- | M] (SoftwareUpdService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe -- (SoftwareUpd) SRV - [2012/04/03 19:59:46 | 000,169,472 | ---- | M] (PowerOfferService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\PosService\Pos.exe -- (PowerOffer Service) SRV - [2011/12/16 18:44:48 | 000,156,160 | ---- | M] (ServiceUpd) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\ServUpdater\ServiceUpd.exe -- (ServUpdater) SRV - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService) SRV - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters) SRV - [2009/02/22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/12/19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/08/13 21:05:23 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012/08/13 21:05:23 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012/05/02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011/08/08 20:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus) DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/09/01 14:33:12 | 000,088,064 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm) DRV:64bit: - [2010/09/01 14:33:12 | 000,078,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm) DRV:64bit: - [2010/09/01 14:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum) DRV:64bit: - [2010/09/01 14:33:12 | 000,013,824 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo) DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010/01/05 02:29:01 | 002,838,008 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/10/03 05:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/08/08 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/07/21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/04/29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE} IE:64bit: - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE} IE - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.it/ IE - HKCU\..\SearchScopes,DefaultScope = {9E78F5CC-9671-4F76-9E03-863D0EC2C0B1} IE - HKCU\..\SearchScopes\{9E78F5CC-9671-4F76-9E03-863D0EC2C0B1}: "URL" = http://www.google.com/search?hl=en&q={searchTerms} IE - HKCU\..\SearchScopes\{A2BE91B7-047F-49E9-AC3F-77311F907DE4}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=it_IT&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^IT&apn_uid=7E3DBA4C-FB6D-4856-8B09-3CC096E92B8F&apn_sauid=CDACA0AF-0A8D-4FC1-8FE8-EFB932C8173C IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716 IE - HKCU\..\SearchScopes\{CC89926C-B516-4F89-A64F-847B3C15FC99}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.igoogle.it" FF - prefs.js..extensions.enabledAddons: ffxtlbr%40incredibar.com:1.5.0 FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573 FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.3 FF - prefs.js..extensions.enabledAddons: %7B3e0c7f3a-3f50-4730-beb5-4a9a10e2831c%7D:8.0 FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/01 22:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Extensions [2013/04/08 22:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions [2013/03/30 00:48:22 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c} [2012/09/25 12:01:01 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012/06/18 21:00:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2012/11/24 20:20:13 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com [2012/06/12 00:15:30 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\ffxtlbr@incredibar.com [2013/04/08 22:27:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\staged [2012/06/01 13:58:48 | 000,002,933 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\clocktab@vik.josh.xpi [2013/02/17 19:42:23 | 000,015,751 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\restartless.restart@erikvold.com.xpi [2013/03/30 00:48:19 | 000,117,153 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013/01/11 22:31:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\00fa8af3e1afacabf63912c667597b88_expire [2013/04/04 19:24:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0bb66476c57d47d5a6fb7e7674377c0d_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire [2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\13d5beed7af8587c97041140898f20fb_expire [2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1d8715bd00dbafbff504a0b9666c85e1_expire [2013/02/02 22:58:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21fdaa9a4d00888fb89ab4150c475afe_expire [2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire [2013/03/30 00:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\29707677b08fb26b2f65143134a1da51_expire [2012/09/25 11:55:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\35c5ead7c694459d2b46d88482247348_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4bb79f13c77b1255dc49f0d657dfac7d_expire [2013/02/02 22:58:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4be754d05a1a132121d9fdfa869a2fe3_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4f58276013e8b7af7d3fbf813163d5c3_expire [2013/04/08 22:23:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\530e52021dc20843b1aa62957edeb9f8_expire [2013/01/11 22:52:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\57946d7296214a969f57f809acbbb2c9_expire [2013/03/30 00:38:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire [2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5ccbc7d24e3f98d4fb183f06f125b58b_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_expire [2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6fdfbada841d5c35ed7e4cc440ebc0f7_expire [2013/01/07 13:03:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\719f6985083c6f0c2a8fef7aa1f75d63_expire [2013/03/30 13:56:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire [2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\79fb7d8c9c120c501ff74f2666f1ed76_expire [2013/01/11 22:31:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9238b45def093d2a9a5c06fb11a3c4e3_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9927ebf7c3c498c96c52b76f3a964e84_expire [2013/01/11 22:31:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\99a397b5eee6f1b4c020f519b74db96d_expire [2013/02/17 19:40:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39_expire [2012/09/25 11:55:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a3305b130a0ed11cd68c58b262aa95b3_expire [2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire [2013/01/11 22:31:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\adf275b6644b3fcac86a14ffe551dede_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\be618ea2f4f463a305fc75d122f2d990_expire [2013/02/17 19:40:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c5538e5049ca9b04ad62d9a930947369_expire [2013/02/02 21:53:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ca7645042096dd3cfadc42109c394f16_expire [2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ceec6e4f46abde15a7f2536a318f4cfd_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e440d29f88739418e905adc0a155a174_expire [2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e5261abf2e11d65922ee31bdca03dca7_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire [2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire [2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ee1ab4cb8e86769e288abaa46407a623_expire [2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire [2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f2bead22a65ec461e339f02da757d445_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire [2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2013/04/05 20:15:11 | 000,002,308 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\askcom.xml [2013/03/30 00:41:51 | 000,000,950 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\icqplugin.xml [2012/06/12 00:15:17 | 000,002,203 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\MyStart Search.xml [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013/03/09 19:37:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013/03/01 17:48:08 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/09 19:37:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013/03/02 14:06:40 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml [2013/03/02 14:06:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/03/02 14:06:40 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml [2013/03/02 14:06:40 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml [2013/03/02 14:06:40 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml [2013/03/02 14:06:40 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml O1 HOSTS File: ([2013/04/07 19:00:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programmi\Web Assistant\Extension32.dll () O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - No CLSID value found. O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_IT Toolbar) - {4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Programmi\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Center Agent] C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe () O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Siti attendibili) O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Siti attendibili) O15 - HKCU\..Trusted Domains: youtube.com ([www] http in Siti attendibili) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461EB543-71D3-4E92-BEDB-06A665E5432B}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F93469-9074-41D9-AE3B-1154ECED3CF7}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A2D148E-8E75-4A62-AD35-1F274715FA59}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C0FA287-443A-4137-AB42-A57F6C71F1B8}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7C42932-7359-4F77-BF61-BB04DE227884}: NameServer = 8.8.8.8,8.8.4.4 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/04/10 23:40:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe [2013/04/10 20:08:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/04/10 20:08:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/04/10 20:08:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/04/10 20:08:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/04/10 20:08:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/04/10 20:08:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/04/10 20:08:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/04/10 20:08:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/04/10 20:08:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/04/10 20:08:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/04/10 20:08:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/04/10 20:08:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/04/10 20:08:07 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/04/10 20:08:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/04/10 20:08:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/04/10 12:06:46 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/04/10 12:06:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/04/10 12:06:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/04/10 12:06:42 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013/04/10 12:06:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013/04/10 12:06:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013/04/07 19:13:33 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\SUPERAntiSpyware.com [2013/04/07 19:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2013/04/07 19:01:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/04/07 19:00:19 | 000,000,000 | ---D | C] -- C:\Windows emp [2013/04/07 18:41:36 | 000,000,000 | ---D | C] -- C:\Users\Franca\Desktop\cugintour 6 aprile 2013 [2013/04/06 00:28:51 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/04/06 00:28:51 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/04/05 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/04/05 17:26:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/04/05 17:26:06 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/04/05 16:36:15 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/04/05 16:36:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/04/05 16:36:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/04/05 16:36:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/04/05 16:36:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/04/05 16:36:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/04/05 16:36:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/04/05 16:36:15 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/04/05 16:36:15 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/04/05 16:36:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/04/05 16:36:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/04/05 16:36:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/04/05 16:36:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/04/05 16:36:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/04/05 16:36:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/04/05 16:36:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/04/05 16:36:14 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/04/05 16:36:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/04/05 16:36:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/04/05 16:36:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/04/05 16:36:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/04/05 16:36:14 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/04/05 16:36:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/04/05 16:36:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/04/05 16:36:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/04/05 16:36:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx [2013/04/05 16:36:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/04/05 16:36:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/04/05 16:36:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/04/05 16:36:13 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/04/05 16:36:13 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/04/05 16:36:13 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/04/05 16:36:13 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/04/05 16:36:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/04/05 16:36:13 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/04/05 16:36:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/04/05 16:36:13 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/04/05 16:36:13 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/04/05 16:36:13 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/04/05 16:36:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/04/05 16:36:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/04/05 16:36:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/04/05 16:36:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/04/05 16:36:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/04/05 16:36:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/04/05 16:36:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/04/05 16:36:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx [2013/04/05 16:36:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/04/05 16:36:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/04/05 16:36:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/04/05 16:36:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/04/05 16:36:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/04/05 16:36:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/04/05 15:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013/03/28 12:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013/03/28 12:01:22 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2013/03/28 12:01:22 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013/03/28 12:01:21 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/03/28 12:01:21 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/03/28 12:01:21 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013/03/28 12:01:21 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013/03/28 12:01:21 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013/03/28 12:01:21 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013/03/28 12:01:21 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/03/28 12:01:21 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013/03/28 12:01:21 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/03/28 12:01:21 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013/03/28 12:01:21 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/03/28 12:01:21 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013/03/28 12:01:21 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013/03/28 12:01:21 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/03/28 12:01:21 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013/03/28 12:01:21 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll [2013/03/28 12:01:21 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll [2013/03/26 01:20:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013/03/18 09:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded [2013/03/14 15:44:08 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\Apple Computer [2012/12/31 15:34:06 | 008,358,176 | ---- | C] (Burnaware Technologies ) -- C:\Users\Franca\burnaware_free.exe [2011/03/21 23:08:51 | 000,399,736 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Franca\utorrent.exe [2010/10/29 15:46:50 | 001,162,064 | ---- | C] (Microsoft Corporation) -- C:\Users\Franca\wlsetup-web-14.0.8091.0730.exe [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe [2013/04/10 22:54:00 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job [2013/04/10 22:10:00 | 000,000,928 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Update Checker.job [2013/04/10 21:50:00 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Stats Report.job [2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/10 20:22:49 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Chrome Watcher.job [2013/04/10 20:22:47 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion FireFox Watcher.job [2013/04/10 20:22:02 | 000,456,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/10 20:21:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2013/04/10 19:13:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job [2013/04/09 02:21:01 | 000,082,592 | ---- | M] () -- C:\Users\Franca\Desktop\123_big.gif [2013/04/09 02:00:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job [2013/04/08 17:47:10 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn [2013/04/08 17:46:51 | 000,000,848 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys [2013/04/08 16:39:47 | 007,067,641 | ---- | M] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3 [2013/04/08 16:34:31 | 005,814,391 | ---- | M] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3 [2013/04/07 19:13:29 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/04/07 19:00:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/04/07 18:39:32 | 001,541,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/04/07 18:39:32 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat [2013/04/07 18:39:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/04/07 18:39:32 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat [2013/04/07 18:39:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/04/06 00:33:38 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/04/06 00:33:38 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/04/05 17:26:01 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/04/05 17:26:00 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll [2013/04/05 17:26:00 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013/04/05 17:26:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/04/05 16:36:15 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/04/05 16:36:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/04/05 16:36:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/04/05 16:36:15 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/04/05 16:36:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/04/05 16:36:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/04/05 16:36:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/04/05 16:36:15 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/04/05 16:36:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/04/05 16:36:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/04/05 16:36:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/04/05 16:36:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/04/05 16:36:14 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/04/05 16:36:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/04/05 16:36:14 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/04/05 16:36:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/04/05 16:36:14 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/04/05 16:36:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/04/05 16:36:14 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/04/05 16:36:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/04/05 16:36:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/04/05 16:36:14 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/04/05 16:36:14 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/04/05 16:36:14 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/04/05 16:36:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/04/05 16:36:14 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx [2013/04/05 16:36:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/04/05 16:36:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/04/05 16:36:14 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/04/05 16:36:14 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/04/05 16:36:13 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/04/05 16:36:13 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/04/05 16:36:13 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/04/05 16:36:13 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/04/05 16:36:13 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/04/05 16:36:13 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/04/05 16:36:13 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/04/05 16:36:13 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/04/05 16:36:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/04/05 16:36:13 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/04/05 16:36:13 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/04/05 16:36:13 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/04/05 16:36:13 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/04/05 16:36:13 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/04/05 16:36:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/04/05 16:36:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/04/05 16:36:13 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/04/05 16:36:13 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx [2013/04/05 16:36:13 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/04/05 16:36:13 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/04/05 16:36:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/04/05 16:36:13 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/04/05 16:36:13 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/05 16:36:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/04/05 16:36:13 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/04/04 00:00:07 | 000,000,336 | ---- | M] () -- C:\Windows asks\HPCeeScheduleForFranca.job [2013/04/02 00:52:13 | 000,060,778 | ---- | M] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg [2013/03/19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013/03/19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013/03/19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013/03/19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013/03/19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013/03/15 07:53:06 | 026,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/03/15 07:53:06 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/03/15 07:53:06 | 020,542,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013/03/15 07:53:06 | 017,990,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2013/03/15 07:53:06 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013/03/15 07:53:06 | 015,508,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013/03/15 07:53:06 | 015,042,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2013/03/15 07:53:06 | 013,088,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013/03/15 07:53:06 | 009,414,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/03/15 07:53:06 | 007,959,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013/03/15 07:53:06 | 007,573,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/03/15 07:53:06 | 006,271,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013/03/15 07:53:06 | 002,913,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/03/15 07:53:06 | 002,864,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013/03/15 07:53:06 | 002,728,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013/03/15 07:53:06 | 002,539,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2013/03/15 07:53:06 | 002,355,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/03/15 07:53:06 | 001,995,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013/03/15 07:53:06 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll [2013/03/15 07:53:06 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll [2013/03/15 07:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2013/03/15 06:16:18 | 003,477,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013/03/15 06:16:17 | 006,398,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013/03/15 06:16:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013/03/15 06:16:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013/03/15 06:16:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2 C:\*.tmp files -> C:\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/04/09 02:21:07 | 000,082,592 | ---- | C] () -- C:\Users\Franca\Desktop\123_big.gif [2013/04/08 16:39:32 | 007,067,641 | ---- | C] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3 [2013/04/08 16:34:22 | 005,814,391 | ---- | C] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3 [2013/04/07 19:13:41 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job [2013/04/07 19:13:40 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job [2013/04/07 19:13:29 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2013/04/06 00:28:53 | 000,000,978 | ---- | C] () -- C:\Windows asks\Adobe Flash Player Updater.job [2013/04/05 16:36:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/04/05 16:36:13 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/02 00:52:21 | 000,060,778 | ---- | C] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg [2012/12/31 15:35:57 | 000,000,503 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\burnaware.ini [2012/12/30 20:14:24 | 000,843,506 | ---- | C] () -- C:\Users\Franca\cartamodellopigotta.png [2012/11/24 20:33:58 | 000,000,035 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\mbam.context.scan [2012/11/01 14:56:42 | 000,221,299 | ---- | C] () -- C:\Users\Franca\halloween 2012.jpg [2012/09/10 21:11:49 | 1101,908,374 | ---- | C] () -- C:\Users\Franca\Ultima Online Mondain's Legacy.rar [2012/06/29 13:00:48 | 000,217,487 | ---- | C] () -- C:\Users\Franca\Risposta2363044_1_VER2.pdf [2012/06/27 18:13:55 | 000,010,777 | ---- | C] () -- C:\Users\Franca\Registrazione Tiscali Internet senza canone.htm [2012/06/27 11:45:29 | 000,029,511 | ---- | C] () -- C:\Users\Franca\ravvedimentoIMU.pdf [2012/06/12 01:10:31 | 000,007,544 | ---- | C] () -- C:\Users\Franca\AppData\Local\unins000.dat [2012/06/07 22:42:33 | 000,055,136 | ---- | C] () -- C:\Users\Franca\Metin2_it_20111216.exe.torrent [2012/05/10 11:51:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/05/10 11:51:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/05/10 11:51:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/05/10 11:51:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/05/10 11:51:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/01/21 21:24:52 | 001,073,004 | ---- | C] () -- C:\Users\Franca\io e leo.jpg [2011/04/14 12:46:50 | 000,000,011 | ---- | C] () -- C:\Windows\3DShadow.INI [2011/04/08 20:25:52 | 000,025,048 | -HS- | C] () -- C:\Users\Franca\Folder.jpg [2011/04/08 20:25:52 | 000,007,293 | -HS- | C] () -- C:\Users\Franca\AlbumArtSmall.jpg [2011/03/21 23:12:36 | 000,017,159 | ---- | C] () -- C:\Users\Franca\FW_Installer_OB.rar.torrent [2011/02/28 12:30:28 | 000,001,178 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\wklnhst.dat [2011/02/05 18:25:50 | 000,001,854 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\GhostObjGAFix.xml [2010/11/19 18:27:38 | 166,297,938 | ---- | C] () -- C:\Users\Franca\Microsoft Front Page 2003 + seriale - ITA.rar [2010/10/29 15:42:47 | 007,362,048 | ---- | C] () -- C:\Users\Franca\MM26_IT.msi [2010/09/16 17:20:52 | 000,126,116 | ---- | C] () -- C:\Users\Franca\LD-champagne2.zip [2010/09/08 11:07:40 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2010/06/01 14:37:46 | 000,001,235 | ---- | C] () -- C:\Users\Franca\HyperMediaCenter.lnk [2010/05/21 12:57:48 | 000,020,480 | ---- | C] () -- C:\Users\Franca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/21 12:49:52 | 001,933,603 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.2 [2010/05/21 12:49:49 | 001,934,341 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.1 [2010/05/21 12:49:47 | 005,416,154 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.0 [2010/05/21 12:49:47 | 001,943,949 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.JPG [2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Commands [2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\ColorTable [2010/05/19 11:54:48 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT [2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Comedy Noises [2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\Cocoa [2010/05/19 11:50:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT [2010/05/04 13:50:03 | 000,013,509 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.2 [2010/05/04 13:49:57 | 000,013,501 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.1 [2010/05/04 13:49:55 | 000,021,642 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.0 [2010/05/04 13:49:55 | 000,013,512 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.JPG [2010/04/17 23:11:00 | 000,000,017 | ---- | C] () -- C:\Users\Franca\AppData\Local\resmon.resmoncfg [2010/03/24 14:24:20 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/01/11 23:43:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Aeria Games & Entertainment [2012/08/11 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Alien Skin [2012/11/24 20:13:27 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\BrowserCompanion [2012/12/15 01:42:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\EmoticoonsToolbar [2012/08/04 23:10:37 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\FreeVideoConverter [2013/04/10 16:31:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\ICQ [2013/03/13 13:55:55 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\IObit [2010/05/04 16:31:28 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Jasc [2010/06/01 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\KWorld Multimedia [2010/05/19 12:03:43 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Nikon [2012/08/05 16:55:35 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\OpenCandy [2012/08/09 00:12:12 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\PhotoScape [2011/07/10 22:38:30 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Razor [2011/11/28 15:51:40 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\TeamViewer [2011/02/28 12:30:39 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Template [2010/04/28 19:25:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Ulead Systems [2010/05/23 19:16:29 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Uniblue [2013/04/06 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\uTorrent [2011/07/20 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Vodafone [2010/12/18 17:56:07 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\WildTangent [2011/03/03 16:37:11 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Windows Live Writer [2010/03/24 09:03:04 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\_MDLogs ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2013/02/26 13:46:58 | 000,000,000 | ---- | M] () -- C:\asc_rdflag [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2012/07/27 17:37:53 | 000,000,196 | ---- | M] () -- C:\ChromeHPLog.txt [2013/04/07 19:07:43 | 000,029,460 | ---- | M] () -- C:\ComboFix.txt [2012/11/24 20:20:14 | 000,000,043 | ---- | M] () -- C:\END [2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys [2010/05/21 13:19:53 | 000,000,186 | ---- | M] () -- C:\hpqlb.log [2013/04/10 20:21:01 | 4218,281,984 | -HS- | M] () -- C:\pagefile.sys [2012/06/12 00:15:31 | 000,000,447 | ---- | M] () -- C:\user.js [2 C:\*.tmp files -> C:\*.tmp -> ] < %systemroot%\Fonts\*.com > [2009/07/14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2009/06/10 22:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > [2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > [2012/04/27 16:52:35 | 000,001,734 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\LastFlashConfig.wfc < %PROGRAMFILES%\*.* > [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x > < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %PROGRAMFILES%\Internet Explorer\*.dat > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x > [2011/04/28 22:59:35 | 000,000,221 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini < %USERPROFILE%\Desktop\*.exe > [2012/11/11 01:59:34 | 001,109,504 | ---- | M] () -- C:\Users\Franca\Desktop\EUOX217.exe [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe < %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32 est\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report >
-
-
Allego i log richiesti per quanto riguarda superantipyware ho già effettuato la rimozione dei trheats.Grazie log combo fix.txt SUPERAntiSpyware Scan Log - 04-07-2013 - 19-24-51.log mbam-log-2013-04-07 (19-28-13).txt
-
ho aggiornato Explorer alla versione 10 , ma il problema l avevo anche con 8 flash player è aggiornato e anche java all' ultima versione
-
Buonasera, ho problemi con internet Explorer , è molto lento e non apre alcuni siti ne video si blocca e aggiorna la pagina molto spesso, problemi che con firefox non ho, allego log hijackthis.Grazie hijackthis.log
-
Cosa ne pensi di questo nel link? Dovrei collegare monitor, pc, modem, un hardisk esterno e le casse del pc
-
Ciao a tutti, come da titolo mi servirebbero dei pareri ed eventuali dei consigli su questo gruppo di continuità http://www.fc-electronik.net//foto_ebay/be700.pdf Ho letto che la marca APC è la migliore per quanto riguarda gli ups, però vorrei ulteriori pareri prima di acquistarlo ed eventuali consigli di altri gruppi se questo non va bene. Grazie in anticipo ciao
-
Buongiorno, all accensione del mio pc questa mattina mi è comparso un avviso di errore di Avira ( ieri ultimo aggiornamento ) e adesso non c'è più l icona di Avira vicino l orologio. Qualcuno sa dirmi cortesemente come posso risolvere il problema e a cosa sia dovuto. Grazie mille. Allego file log hijackthis e log malware hijackthis.log mbam-log-2012-04-20 (11-13-47).txt
-
Ecco l ultimo log di hijackthis.Resto in attesa a dita incrociate . Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19.12.43, on 10/06/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Programmi\Panda USB Vaccine\USBVaccine.exe C:\Programmi\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\YoWindow\yowindow.exe C:\Programmi\Avira\AntiVir Desktop\avguard.exe C:\Programmi\Avira\AntiVir Desktop\avshadow.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\wuauclt.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: YoWindow.lnk = C:\Programmi\YoWindow\yowindow.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{90371BFC-260E-4068-8F98-92479EF61294}: NameServer = 85.37.17.17 85.38.28.72 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 5288 bytes
-
Allora ho disistallato e reistallato malwarebytes ( lo avevo fatto anche oggi) ma non mi appare la dicitura periodo di prova. stranamente malwarebytes conteneva in quarantena il trojan agent e tutti i report delle scansioni fatte in precedenza. Ti allego il log hijackthis e l altro di hitmanpro. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21.51.49, on 08/06/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programmi\Avira\AntiVir Desktop\sched.exe C:\Programmi\Panda USB Vaccine\USBVaccine.exe C:\Programmi\Avira\AntiVir Desktop\avguard.exe C:\Programmi\Avira\AntiVir Desktop\avshadow.exe C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe C:\Programmi\Avira\AntiVir Desktop\avgnt.exe C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Programmi\YoWindow\yowindow.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Internet Explorer\iexplore.exe C:\Programmi\Trend Micro\HijackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HitmanPro35] "C:\Programmi\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: YoWindow.lnk = C:\Programmi\YoWindow\yowindow.exe O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{90371BFC-260E-4068-8F98-92479EF61294}: NameServer = 85.37.17.17 85.38.28.72 O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 5421 bytes Log Hitmanpro - <Log computer="CECILIA" scan="Normal" version="3.5.8.121" date="2011-06-08T14:45:26" timeSpentInSecs="637" filesProcessed="13706"> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@smartadserver[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@track.adform[1].txt" /> </Item> - <Item type="Repair" score="0.0" status="Deleted"> <File path="C:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt" /> </Item> - <Item type="Suspicious" score="22.0" status="None"> <File path="C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\GoogleUpdates.exe" hash="FA6BEC9267ECA2B4479006889CC394B0D12725E506A28C1A2F22799BBBC937AB" /> - <Startup> <Key path="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Google Update" /> </Startup> - <References> <Key path="HKU\S-1-5-21-1220945662-706699826-1801674531-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\GoogleUpdates.exe" /> </References> </Item> </Log> incrocio le dita e ti rinnovo il mio Grazie.