gianman
Utenti-
Numero contenuti
87 -
Iscritto
-
Ultima visita
-
ComboFix 15-04-28.01 - Gianni 04/05/2015 14:27:17.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.4095.1355 [GMT 2:00] Eseguito da: c:\users\Gianni\Downloads\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Error Repair Professional c:\programdata\ntuser.pol c:\users\Gianni\AppData\Local\lollipop c:\users\Gianni\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Gianni\AppData\Roaming\A9A.tmp c:\users\Gianni\AppData\Roaming\A9A.tmp.exe c:\users\Public\AlexaNSISPlugin.1828.dll c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\wpcap.dll . La copia infetta di c:\windows\system32\Services.exe è stata trovata e disinfettata ipristinata copia da - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe . . ((((((((((((((((((((((((((((((((((((((( Driver/Servizi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_NPF . . ((((((((((((((((((((((((( Files Creati Da 2015-04-04 al 2015-05-04 ))))))))))))))))))))))))))))))))))) . . 2015-05-04 12:35 . 2015-05-04 12:35 -------- d-----w- c:\users\Ragazzi\AppData\Local emp 2015-05-04 12:35 . 2015-05-04 12:35 -------- d-----w- c:\users\Linda\AppData\Local emp 2015-05-04 12:35 . 2015-05-04 12:35 -------- d-----w- c:\users\Default\AppData\Local emp 2015-04-21 10:07 . 2015-04-21 10:07 -------- d-----w- c:\users\Gianni\AppData\Local\Skype 2015-04-21 10:07 . 2015-04-21 10:07 -------- d-----w- c:\program files (x86)\Common Files\Skype 2015-04-21 10:07 . 2015-04-21 10:07 -------- d-----r- c:\program files (x86)\Skype 2015-04-18 16:24 . 2015-04-18 16:24 -------- d-----w- c:\users\Ragazzi\AppData\Roaming\Steam 2015-04-18 16:22 . 2015-04-18 16:22 -------- d-----w- c:\users\Gianni\AppData\Roaming\Steam 2015-04-15 08:58 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys 2015-04-15 08:58 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll 2015-04-15 08:58 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll 2015-04-07 14:33 . 2015-04-07 14:34 -------- d-----w- c:\users\Gianni\AppData\Roaming\Apowersoft . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-04-29 11:12 . 2012-04-13 17:43 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-04-29 11:12 . 2012-01-26 16:39 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-04-15 09:46 . 2012-01-26 15:11 128913832 ----a-w- c:\windows\system32\MRT.exe 2015-03-30 13:25 . 2015-03-31 17:18 33856 ---ha-w- c:\windows\system32\hamachi.sys 2015-03-20 11:40 . 2015-02-27 10:11 73728 ----a-w- c:\windows\SysWow64 asks.dll 2015-03-17 04:56 . 2015-04-15 09:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-03-15 09:34 . 2015-03-15 09:34 228408 ----a-w- c:\windows\system32\drivers\droidcamvideo.sys 2015-03-15 09:34 . 2015-03-15 09:34 33080 ----a-w- c:\windows\system32\drivers\droidcam.sys 2015-03-12 10:59 . 2015-03-22 13:29 373864 ----a-w- c:\windows\system32\LavasoftTcpService64.dll 2015-03-12 10:58 . 2015-03-22 13:29 326288 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll 2015-03-10 16:54 . 2015-03-08 12:19 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2015-03-10 16:54 . 2015-03-08 12:19 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys 2015-03-10 16:54 . 2015-03-08 12:19 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-02-26 09:52 . 2015-02-26 09:52 239104 ----a-w- c:\windows\mlwps.exe 2015-02-26 03:25 . 2015-03-11 08:31 3204096 ----a-w- c:\windows\system32\win32k.sys 2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe 2015-02-20 04:41 . 2015-03-11 08:32 41984 ----a-w- c:\windows\system32\lpk.dll 2015-02-20 04:40 . 2015-03-11 08:32 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-02-20 04:40 . 2015-03-11 08:32 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-02-20 04:40 . 2015-03-11 08:32 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-02-20 04:13 . 2015-03-11 08:32 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-02-20 04:13 . 2015-03-11 08:32 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-02-20 04:13 . 2015-03-11 08:32 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-02-20 04:12 . 2015-03-11 08:32 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-02-20 03:29 . 2015-03-11 08:32 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-02-20 03:09 . 2015-03-11 08:32 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-02-16 15:20 . 2015-02-16 15:20 33856 ---ha-w- c:\windows\system32\drivers\hamachi.sys 2015-02-16 03:21 . 2015-03-06 13:09 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A32DE48D-C36A-417D-83D6-982955F8E383}\mpengine.dll 2015-02-13 05:22 . 2015-03-11 08:31 14177280 ----a-w- c:\windows\system32\shell32.dll 2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-02-04 03:16 . 2015-03-11 08:30 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2015-02-04 02:54 . 2015-03-11 08:30 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_6E947845E1E6E078F3F4C3EE3D46F8A2"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-04-28 812872] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "V0420Mon.exe"="c:\windows\V0420Mon.exe" [2007-04-30 32768] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-07 726320] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-04-10 130048] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux9"=wdmaud.drv . R0 ArcSec;ArcSec;c:\windows\system32\drivers\ArcSec.sys;c:\windows\SYSNATIVE\drivers\ArcSec.sys [x] R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x] R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] R2 Ca1528av;SPCA1528 Video Camera Service;c:\windows\system32\Drivers\Ca1528av.sys;c:\windows\SYSNATIVE\Drivers\Ca1528av.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BoxSyncUpdateService;Box Sync Update Service;c:\program files\Box\Box Sync\SyncUpdaterService.exe;c:\program files\Box\Box Sync\SyncUpdaterService.exe [x] R3 Bulk1528;SPCA1528 Still Camera Service;c:\windows\system32\Drivers\Bulk1528.sys;c:\windows\SYSNATIVE\Drivers\Bulk1528.sys [x] R3 cpuz134;cpuz134;c:\users\Gianni\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Gianni\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SaiH0461;SaiH0461;c:\windows\system32\DRIVERS\SaiH0461.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0461.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers erminpt.sys;c:\windows\SYSNATIVE\drivers erminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers susbflt.sys;c:\windows\SYSNATIVE\drivers susbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers susbhub.sys;c:\windows\SYSNATIVE\drivers susbhub.sys [x] R3 V0420VID;Live! Cam Vista IM (VF0420);c:\windows\system32\DRIVERS\V0420Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0420Vid.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AntiVirSchedulerService;Avira Pianificatore;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] S2 Live Malware Protection;Live Malware Protection;c:\windows\mlwps.exe;c:\windows\mlwps.exe [x] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x] S2 PrivoxyService;Privoxy (PrivoxyService);c:\program files (x86)\Jelbrus Secure Web\privoxy.exe;c:\program files (x86)\Jelbrus Secure Web\privoxy.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\DRIVERS\droidcam.sys;c:\windows\SYSNATIVE\DRIVERS\droidcam.sys [x] S3 DroidCamVideo;DroidCam Source 3;c:\windows\system32\DRIVERS\droidcamvideo.sys;c:\windows\SYSNATIVE\DRIVERS\droidcamvideo.sys [x] S3 RTL8167;Driver Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-05-01 19:45 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe . Contenuto della cartella 'Scheduled Tasks' . 2015-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 11:12] . 2015-05-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job - c:\users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-20 17:22] . 2015-05-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job - c:\users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-20 17:22] . 2015-05-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1005Core.job - c:\users\Ragazzi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-06 19:07] . 2015-05-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1005UA.job - c:\users\Ragazzi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-06 19:07] . 2015-04-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1006Core.job - c:\users\Linda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-01 08:42] . 2015-05-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1006UA.job - c:\users\Linda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-12-01 08:42] . 2015-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cef76396945453.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27 11:17] . 2015-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-27 11:17] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ BoxSyncFileLocked] @="{9a216f5d-3530-3b1a-8006-9a1233402fba}" [HKEY_CLASSES_ROOT\CLSID\{9a216f5d-3530-3b1a-8006-9a1233402fba}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ BoxSyncNotSynced] @="{4c3d7a5e-7476-3c21-9717-0614ce209c44}" [HKEY_CLASSES_ROOT\CLSID\{4c3d7a5e-7476-3c21-9717-0614ce209c44}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ BoxSyncProblem] @="{aa0bacc8-a5df-34b0-acd8-e6739d92010e}" [HKEY_CLASSES_ROOT\CLSID\{aa0bacc8-a5df-34b0-acd8-e6739d92010e}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ BoxSyncSynced] @="{0f20db5b-365d-3cc6-82eb-41207f77bb71}" [HKEY_CLASSES_ROOT\CLSID\{0f20db5b-365d-3cc6-82eb-41207f77bb71}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "c:\windows\system32\V0420Ext.ax"="c:\windows\system32\V0420Ext.ax" [X] "BoxSync"="c:\program files\Box\Box Sync\BoxSync.exe" [2014-11-13 5609176] . ------- Scansione supplementare ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = 00 mDefault_Search_URL = 00 mDefault_Page_URL = 00 mStart Page = 00 mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = 00 uInternet Settings,ProxyServer = 127.0.0.1:8118 IE: Aggiungere a AMV/AVI Video Converter... - c:\program files (x86)\Media Player Utilities 4.45\AMVConverter\grab.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - FF - ProfilePath - c:\users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: keyword.URL - hxxps://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=614363&p= FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 009438de000000000000001e8c6f16a6 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15907 FF - user.js: extensions.delta.vrsn - 1.8.21.5 FF - user.js: extensions.delta.vrsni - 1.8.21.5 FF - user.js: extensions.delta.vrsnTs - 1.8.21.511:11 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - it FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=119357&tl=4-8873-8580-180000000891127442-1325557895-1372926731-1375518731&tsp=4950 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false FF - user.js: extensions.Softonic.hpOld0 - FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00010/tb_v1?SearchSource=1&cc=&mi=009438de000000000000001e8c6f16a6&toi=16049&q= FF - user.js: extensions.Softonic.id - 009438de000000000000001e8c6f16a6 FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D} FF - user.js: extensions.Softonic.instlDay - 16049 FF - user.js: extensions.Softonic.vrsn - 1.8.28.14 FF - user.js: extensions.Softonic.vrsni - 1.8.28.14 FF - user.js: extensions.Softonic.vrsnTs - 1.8.28.1414:08 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand FF - user.js: extensions.Softonic.instlRef - MOY00010 FF - user.js: extensions.Softonic.dfltLng - it FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.ffxUnstlRst - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic.rvrt - false FF - user.js: extensions.Softonic.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00010/tb_v1?SearchSource=13&cc=&mi=009438de000000000000001e8c6f16a6&toi=16049 FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/MOY00010/tb_v1?SearchSource=2&cc=&mi=009438de000000000000001e8c6f16a6&toi=16049&q= FF - user.js: extensions.Softonic.dnsErr - true FF - user.js: extensions.Softonic.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00010/tb_v1/?SearchSource=15&cc=&mi=009438de000000000000001e8c6f16a6&toi=16049 FF - user.js: extensions.irmysearch.aflt - vit_14_18 FF - user.js: extensions.irmysearch.instlRef - vit_14_18 FF - user.js: extensions.irmysearch.cr - 1797477874 FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutDtDtC0Ezz0CyC0FtCyC0AyCtAzz0D0EtN0D0Tzu0SzzyByCtN1L2XzutBtFtBtDtFtCyDtFtDtN1L1Czu2X1L2Z1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StCyByB0F0D0DzzyEtG0EyB0ByCtG0DtB0CyBtGtD0D0DtAtGtD0Bzy0AtByE0C0AyD0Ezy0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtC0ByD0F0D0CzztGzytAyC0BtGtCzy0EtCtGzztAyDyBtGtA0EtA0B0F0DtA0FtCyByBzy2Q . - - - - CHIAVI ORFANE RIMOSSE - - - - . Wow6432Node-HKCU-Run-Search Protection - c:\users\Gianni\AppData\Roaming\Search Protection\SP.EXE Wow6432Node-HKLM-Run-fst_it_55 - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Search Protection - c:\users\Gianni\AppData\Roaming\Search Protection\uninstall.exe . . . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Alias] @="" "0"="ActionsPane Schema for Add-Ins" . ------------------------ Altri processi in esecuzione ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe . ************************************************************************** . Ora fine scansione: 2015-05-04 14:44:23 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2015-05-04 12:44 . Pre-Run: 94.541.496.320 byte disponibili Post-Run: 99.973.988.352 byte disponibili . - - End Of File - - 72A85897219994C284D5A2C34A2AD1F6 A36C5E4F47E84449FF07ED3517B43A31
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:45:09, on 23/04/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17728) Boot mode: Normal Running processes: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Windows\V0420Mon.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Guida per l'accesso all'account Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe O4 - HKCU\..\Run: [search Protection] "C:\Users\Gianni\AppData\Roaming\Search Protection\SP.EXE" /autostart O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6E947845E1E6E078F3F4C3EE3D46F8A2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O8 - Extra context menu item: Aggiungere a AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.45\AMVConverter\grab.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra button: iRobinHood Partners Addon - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - (no file) O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Malware Protection - AV Security Software - C:\Windows\mlwps.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9783 bytes
-
Salve i miei figli mi hanno riempito il pc di così tanti virus che penso ci voglia un esorcista per salvarlo Ecco il log ma premetto che a metà scansione mi ha dato un messaggio d'errore Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:51:53, on 29/05/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Users\Ciao\AppData\Local\pgcchelper\pgcchelper.exe C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe C:\Program Files\Lenovo\LVT\LJYZ.exe C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe C:\Windows\V0420Mon.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Ciao\Desktop\HiJackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1399431470&from=cor&uid=ST1000DM003-9YN162_S1D3CL10XXXXS1D3CL10&q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1401051391&from=cor&uid=ST1000DM003-9YN162_S1D3CL10XXXXS1D3CL10&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file) O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O4 - HKLM\..\Run: [Lenovo Silver Silk Wireless Keyboard] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe O4 - HKLM\..\Run: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" O4 - HKLM\..\Run: [LVT] C:\Program Files\Lenovo\LVT\LJYZ.exe 1 O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\Rapidboot\FBConsole.exe O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot O4 - HKLM\..\Run: [V0420Mon.exe] C:\windows\V0420Mon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Ciao\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ciao\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [pgcchelper] C:\Users\Ciao\AppData\Local\pgcchelper\pgcchelper.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: FastbootService - 1206 Lab - C:\Program Files (x86)\Lenovo\Rapidboot\FBService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10790 bytes
-
Devo aprire il pc? ci proverò ma non vorrei peggiorare la situazione
-
Salve, non so se questo è un problema di Win7 ma ho il pc che mi si blocca sempre tanto che o lo devo riavviare io o si riavvia da solo. Succede quando va in standby, oppure quando masterizzo su dvd o quando sposto dati di grandi dimensioni (almeno 2gb) verso una penna usb o hard disk esterno, da cosa può dipendere? Se faccio scandisk lo schermo dopo un po diventa tutto nero e lo devo ancora riavviare come se non avessi fatto niente. Succede anche se cambio HD esterno o se cambio porta usb. Buon 2013!!!
-
Il problema è che mi si blocca quando faccio trasferimento su grossi file verso un HD esterno o anche in fase di masterizzazione. Si blocca sempre lo devo riavviare
-
Per ora tutto bene, rinnovo ringraziamenti calorosi, resta in zona
-
Ho finito che devo postare qualcosa adesso?
-
sto facendo, intanto ti ringrazio per l'assistenza
-
# AdwCleaner v2.101 - Logfile creato il 19/12/2012 alle 15:10:46 # Aggiornamento 16/12/2012 by Xplode # Sistema Operativo : Windows 7 Ultimate Service Pack 1 (64 bits) # Utente : Gianni - GIANNI-PC # Modalità Avvio : Modalità Normale # Eseguito da : C:\Users\Gianni\Downloads\adwcleaner.exe # Opzioni [Elimina] ***** [servizi] ***** ***** [File / Cartelle] ***** Cartella Eliminato : C:\Program Files (x86)\Conduit Cartella Eliminato : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com Cartella Eliminato : C:\Program Files (x86)\uTorrentBar_IT Cartella Eliminato : C:\ProgramData\Babylon Cartella Eliminato : C:\Users\Gianni\AppData\Local\Conduit Cartella Eliminato : C:\Users\Gianni\AppData\LocalLow\Conduit Cartella Eliminato : C:\Users\Gianni\AppData\LocalLow\uTorrentBar_IT Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Babylon Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\ConduitCommon Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\CT2851640 Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\OpenCandy File Eliminato : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Eliminato : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml File Eliminato : C:\user.js File Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\searchplugins\browsemngr.xml ***** [Registro] ***** Chiave Eliminata : HKCU\Software\AppDataLow\Software\Conduit Chiave Eliminata : HKCU\Software\AppDataLow\Software\Crossrider Chiave Eliminata : HKCU\Software\AppDataLow\Software\SmartBar Chiave Eliminata : HKCU\Software\AppDataLow\Software\uTorrentBar_IT Chiave Eliminata : HKCU\Software\AppDataLow\Toolbar Chiave Eliminata : HKCU\Software\Conduit Chiave Eliminata : HKCU\Software\Cr_Installer Chiave Eliminata : HKCU\Software\DataMngr Chiave Eliminata : HKCU\Software\DataMngr_Toolbar Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} Chiave Eliminata : HKCU\Software\Softonic Chiave Eliminata : HKCU\Software\SweetIM Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Chiave Eliminata : HKLM\Software\Babylon Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2851640 Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Chiave Eliminata : HKLM\Software\Conduit Chiave Eliminata : HKLM\Software\DataMngr Chiave Eliminata : HKLM\Software\Iminent Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179} Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{854145C6-B95A-408D-BE86-367DC393A219} Chiave Eliminata : HKLM\Software\SweetIM Chiave Eliminata : HKLM\Software\uTorrentBar_IT Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{854145C6-B95A-408D-BE86-367DC393A219} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EDC4984-32D3-4FE1-B0B9-9261CBEB111F} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E3B1241-7F57-46F7-9D95-0AF0676BC349} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}] Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}] Valore Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}] ***** [browser Internet] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Registro Pulito. -\\ Mozilla Firefox v17.0.1 (it) Nome Profilo : default File : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\prefs.js C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\user.js ... Eliminato ! Eliminata : user_pref("CT2851640..clientLogIsEnabled", false); Eliminata : user_pref("CT2851640..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Eliminata : user_pref("CT2851640..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Eliminata : user_pref("CT2851640.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Eliminata : user_pref("CT2851640.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Eliminata : user_pref("CT2851640.AppTrackingLastCheckTime", "Wed May 23 2012 08:14:38 GMT+0200 (ora legale Europ[...] Eliminata : user_pref("CT2851640.CTID", "CT2851640"); Eliminata : user_pref("CT2851640.CurrentServerDate", "29-7-2012"); Eliminata : user_pref("CT2851640.DSInstall", false); Eliminata : user_pref("CT2851640.DialogsAlignMode", "LTR"); Eliminata : user_pref("CT2851640.DialogsGetterLastCheckTime", "Fri Jul 27 2012 14:23:22 GMT+0200 (ora legale Eur[...] Eliminata : user_pref("CT2851640.DownloadReferralCookieData", ""); Eliminata : user_pref("CT2851640.EMailNotifierPollDate", "Fri Jul 27 2012 14:28:21 GMT+0200 (ora legale Europa o[...] Eliminata : user_pref("CT2851640.FeedLastCount6743962842994482530", 501); Eliminata : user_pref("CT2851640.FeedPollDate2429156812186649977", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813040823546", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813130095866", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813224203613", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813230837251", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813454291735", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813729834876", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156813860870021", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156814264681793", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156814863075366", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedPollDate2429156815257761081", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.FeedTTL2429156813040823546", 15); Eliminata : user_pref("CT2851640.FeedTTL2429156813130095866", 10); Eliminata : user_pref("CT2851640.FeedTTL2429156813454291735", 5); Eliminata : user_pref("CT2851640.FeedTTL2429156814264681793", 5); Eliminata : user_pref("CT2851640.FirstServerDate", "26-1-2012"); Eliminata : user_pref("CT2851640.FirstTime", false); Eliminata : user_pref("CT2851640.FirstTimeFF3", false); Eliminata : user_pref("CT2851640.FixPageNotFoundErrors", false); Eliminata : user_pref("CT2851640.GroupingServerCheckInterval", 1440); Eliminata : user_pref("CT2851640.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Eliminata : user_pref("CT2851640.HPInstall", false); Eliminata : user_pref("CT2851640.HasUserGlobalKeys", false); Eliminata : user_pref("CT2851640.HomePageProtectorEnabled", false); Eliminata : user_pref("CT2851640.HomepageBeforeUnload", "www.google.it"); Eliminata : user_pref("CT2851640.Initialize", false); Eliminata : user_pref("CT2851640.InitializeCommonPrefs", false); Eliminata : user_pref("CT2851640.InstallationAndCookieDataSentCount", 3); Eliminata : user_pref("CT2851640.InstallationId", "ConduitXPEIntegration"); Eliminata : user_pref("CT2851640.InstallationType", "ConduitXPEIntegration"); Eliminata : user_pref("CT2851640.InstalledDate", "Thu Jan 26 2012 17:39:17 GMT+0100 (ora solare Europa occidenta[...] Eliminata : user_pref("CT2851640.IsAlertDBUpdated", false); Eliminata : user_pref("CT2851640.IsGrouping", false); Eliminata : user_pref("CT2851640.IsInitSetupIni", false); Eliminata : user_pref("CT2851640.IsMulticommunity", false); Eliminata : user_pref("CT2851640.IsOpenThankYouPage", false); Eliminata : user_pref("CT2851640.IsOpenUninstallPage", false); Eliminata : user_pref("CT2851640.LanguagePackLastCheckTime", "Sun Jul 29 2012 11:06:44 GMT+0200 (ora legale Euro[...] Eliminata : user_pref("CT2851640.LanguagePackReloadIntervalMM", 1440); Eliminata : user_pref("CT2851640.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Eliminata : user_pref("CT2851640.LastLogin_3.10.0.1", "Wed Apr 18 2012 12:48:39 GMT+0200 (ora legale Europa occi[...] Eliminata : user_pref("CT2851640.LastLogin_3.12.0.7", "Fri Apr 27 2012 17:14:18 GMT+0200 (ora legale Europa occi[...] Eliminata : user_pref("CT2851640.LastLogin_3.12.2.3", "Wed May 30 2012 08:07:37 GMT+0200 (ora legale Europa occi[...] Eliminata : user_pref("CT2851640.LastLogin_3.13.0.6", "Tue Jul 17 2012 13:57:42 GMT+0200 (ora legale Europa occi[...] Eliminata : user_pref("CT2851640.LastLogin_3.14.1.0", "Sun Jul 29 2012 22:13:30 GMT+0200 (ora legale Europa occi[...] Eliminata : user_pref("CT2851640.LastLogin_3.9.0.3", "Thu Mar 08 2012 14:05:22 GMT+0100 (ora solare Europa occid[...] Eliminata : user_pref("CT2851640.LatestVersion", "3.14.1.0"); Eliminata : user_pref("CT2851640.Locale", "it"); Eliminata : user_pref("CT2851640.MCDetectTooltipHeight", "83"); Eliminata : user_pref("CT2851640.MCDetectTooltipShow", false); Eliminata : user_pref("CT2851640.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Eliminata : user_pref("CT2851640.MCDetectTooltipWidth", "295"); Eliminata : user_pref("CT2851640.MyStuffEnabledAtInstallation", false); Eliminata : user_pref("CT2851640.OriginalFirstVersion", "3.9.0.3"); Eliminata : user_pref("CT2851640.SHRINK_TOOLBAR", 1); Eliminata : user_pref("CT2851640.SearchCaption", "uTorrentBar_IT Customized Web Search"); Eliminata : user_pref("CT2851640.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties"); Eliminata : user_pref("CT2851640.SearchFromAddressBarIsInit", false); Eliminata : user_pref("CT2851640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...] Eliminata : user_pref("CT2851640.SearchInNewTabEnabled", false); Eliminata : user_pref("CT2851640.SearchInNewTabIntervalMM", 1440); Eliminata : user_pref("CT2851640.SearchInNewTabLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legale Eu[...] Eliminata : user_pref("CT2851640.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Eliminata : user_pref("CT2851640.SearchProtectorEnabled", false); Eliminata : user_pref("CT2851640.SearchProtectorToolbarDisabled", false); Eliminata : user_pref("CT2851640.SendProtectorDataViaLogin", false); Eliminata : user_pref("CT2851640.ServiceMapLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legale Europa[...] Eliminata : user_pref("CT2851640.SettingsLastCheckTime", "Sun Jul 29 2012 22:04:42 GMT+0200 (ora legale Europa o[...] Eliminata : user_pref("CT2851640.SettingsLastUpdate", "1342353865"); Eliminata : user_pref("CT2851640.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851640&SearchSource=13"); Eliminata : user_pref("CT2851640.ThirdPartyComponentsInterval", 504); Eliminata : user_pref("CT2851640.ThirdPartyComponentsLastCheck", "Sun Jul 15 2012 11:24:54 GMT+0200 (ora legale [...] Eliminata : user_pref("CT2851640.ThirdPartyComponentsLastUpdate", "1331806005"); Eliminata : user_pref("CT2851640.ToolbarDisabled", false); Eliminata : user_pref("CT2851640.ToolbarShrinkedFromSetup", false); Eliminata : user_pref("CT2851640.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851640"); Eliminata : user_pref("CT2851640.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Eliminata : user_pref("CT2851640.UserID", "UN56960296296813533"); Eliminata : user_pref("CT2851640.ValidationData_Search", 2); Eliminata : user_pref("CT2851640.ValidationData_Toolbar", 2); Eliminata : user_pref("CT2851640.WeatherNetwork", ""); Eliminata : user_pref("CT2851640.WeatherPollDate", "Sun Jul 29 2012 22:43:52 GMT+0200 (ora legale Europa occiden[...] Eliminata : user_pref("CT2851640.WeatherUnit", "C"); Eliminata : user_pref("CT2851640.alertChannelId", "1243675"); Eliminata : user_pref("CT2851640.approveUntrustedApps", false); Eliminata : user_pref("CT2851640.autoDisableScopes", -1); Eliminata : user_pref("CT2851640.backendstorage.cb_experience_000", "3935"); Eliminata : user_pref("CT2851640.backendstorage.cb_firstuse0100", "31"); Eliminata : user_pref("CT2851640.backendstorage.cb_user_id_000", "43423233313131303938393730335F46697265666F78")[...] Eliminata : user_pref("CT2851640.backendstorage.cbcountry_000", "5553"); Eliminata : user_pref("CT2851640.backendstorage.cbcountry_001", "4954"); Eliminata : user_pref("CT2851640.backendstorage.cbfirsttime", "546875204A616E20323620323031322031373A33393A35342[...] Eliminata : user_pref("CT2851640.backendstorage.facebook_mode", "32"); Eliminata : user_pref("CT2851640.backendstorage.facebook_user_locale", "6974"); Eliminata : user_pref("CT2851640.backendstorage.pairingkey", "36324533344442303832373037434639374442454333423743[...] Eliminata : user_pref("CT2851640.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...] Eliminata : user_pref("CT2851640.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E69742F757[...] Eliminata : user_pref("CT2851640.backendstorage.uttorrents", "7B226275696C64223A32373232302C226C6162656C223A5B5D[...] Eliminata : user_pref("CT2851640.components.1000034", false); Eliminata : user_pref("CT2851640.components.1000234", false); Eliminata : user_pref("CT2851640.components.129351530189806964", false); Eliminata : user_pref("CT2851640.components.129351530189806965", false); Eliminata : user_pref("CT2851640.components.129422838925300967", false); Eliminata : user_pref("CT2851640.components.6743962842994482530", false); Eliminata : user_pref("CT2851640.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Eliminata : user_pref("CT2851640.globalFirstTimeInfoLastCheckTime", "Fri Jul 27 2012 17:08:18 GMT+0200 (ora lega[...] Eliminata : user_pref("CT2851640.homepageProtectorEnableByLogin", false); Eliminata : user_pref("CT2851640.initDone", false); Eliminata : user_pref("CT2851640.isAppTrackingManagerOn", false); Eliminata : user_pref("CT2851640.myStuffEnabled", false); Eliminata : user_pref("CT2851640.myStuffPublihserMinWidth", 400); Eliminata : user_pref("CT2851640.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Eliminata : user_pref("CT2851640.myStuffServiceIntervalMM", 1440); Eliminata : user_pref("CT2851640.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Eliminata : user_pref("CT2851640.oldAppsList", "129351530187150545,129351530187463046,1000234,129791410467997787[...] Eliminata : user_pref("CT2851640.revertSettingsEnabled", false); Eliminata : user_pref("CT2851640.searchProtectorDialogDelayInSec", 10); Eliminata : user_pref("CT2851640.searchProtectorEnableByLogin", false); Eliminata : user_pref("CT2851640.testingCtid", ""); Eliminata : user_pref("CT2851640.toolbarAppMetaDataLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.toolbarContextMenuLastCheckTime", "Sun Jul 29 2012 13:53:19 GMT+0200 (ora legal[...] Eliminata : user_pref("CT2851640.usagesFlag", 2); Eliminata : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851640/CT2851640[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243675/1239348/IT", "\"0\"[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851640", [...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851640",[...] Eliminata : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=it", "\"b6a[...] Eliminata : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Gianni\\AppData\\Roaming\\Mozilla\\[...] Eliminata : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0"); Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", [...] Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMo[...] Eliminata : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Eliminata : user_pref("CommunityToolbar.ToolbarsList", "CT2851640"); Eliminata : user_pref("CommunityToolbar.ToolbarsList2", "CT2851640"); Eliminata : user_pref("CommunityToolbar.ToolbarsList4", "CT2851640"); Eliminata : user_pref("CommunityToolbar.facebook.sessionKey", "2.AQDv2aR_zM1knlt6.86400.1328533200.0-10000296617[...] Eliminata : user_pref("CommunityToolbar.facebook.sessionSecret", "GaqZBb0td5UXiC8lMJtXaw__"); Eliminata : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Apr 18 2012 12:48:35 GMT+0200 (ora[...] Eliminata : user_pref("CommunityToolbar.facebook.userId", "100002966177461"); Eliminata : user_pref("CommunityToolbar.globalUserId", "1f4e4c81-e32e-4249-a6d6-65f303a53fcc"); Eliminata : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", false); Eliminata : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", false); Eliminata : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851640"); Eliminata : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jul 29 2012 18:02:4[...] Eliminata : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Eliminata : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 29 2012 11:07:01 GMT+020[...] Eliminata : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Eliminata : user_pref("CommunityToolbar.notifications.locale", "en"); Eliminata : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Eliminata : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (o[...] Eliminata : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Eliminata : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Eliminata : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Eliminata : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Eliminata : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Eliminata : user_pref("CommunityToolbar.notifications.userId", "a87f378d-aa3c-4af4-a03c-bc0302227cfd"); Eliminata : user_pref("CommunityToolbar.originalHomepage", "www.google.it"); Eliminata : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...] Eliminata : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Eliminata : user_pref("extensions.BabylonToolbar.admin", false); Eliminata : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Eliminata : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Eliminata : user_pref("extensions.BabylonToolbar.excTlbr", false); Eliminata : user_pref("extensions.BabylonToolbar.id", "009438de000000000000001e8c6f16a6"); Eliminata : user_pref("extensions.BabylonToolbar.instlDay", "15547"); Eliminata : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Eliminata : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Eliminata : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Eliminata : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Eliminata : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Eliminata : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); Eliminata : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); Eliminata : user_pref("extensions.BabylonToolbar_i.babExt", ""); Eliminata : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217&tt=3012_2"); Eliminata : user_pref("extensions.BabylonToolbar_i.newTab", false); Eliminata : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109217&tt=3012_[...] Eliminata : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Eliminata : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Eliminata : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.118:41:18"); Nome Profilo : default-1343600262549 [Profil par défaut] File : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\prefs.js C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\user.js ... Eliminato ! Eliminata : user_pref("browser.search.selectedEngine", "Search the web (Babylon)"); Eliminata : user_pref("extensions.BabylonToolbar.admin", false); Eliminata : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Eliminata : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Eliminata : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Eliminata : user_pref("extensions.BabylonToolbar.excTlbr", false); Eliminata : user_pref("extensions.BabylonToolbar.id", "009438de000000000000001e8c6f16a6"); Eliminata : user_pref("extensions.BabylonToolbar.instlDay", "15656"); Eliminata : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Eliminata : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Eliminata : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Eliminata : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Eliminata : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Eliminata : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); Eliminata : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); Eliminata : user_pref("extensions.BabylonToolbar_i.newTab", true); Eliminata : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=117223&tt=4612_[...] Eliminata : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Eliminata : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.818:12:25"); -\\ Google Chrome v23.0.1271.97 File : C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File Pulito. ************************* AdwCleaner[s1].txt - [27149 octets] - [19/12/2012 15:10:46] ########## EOF - C:\AdwCleaner[s1].txt - [27210 octets] ##########
-
All processes killed ========== OTL ========== No active process named PService.exe was found! Service SoftwareUpd stopped successfully! Service SoftwareUpd deleted successfully! C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe moved successfully. Service PowerOffer Service stopped successfully! Service PowerOffer Service deleted successfully! C:\Users\Gianni\AppData\Local\PosService\Pos.exe moved successfully. Service ServUpdater stopped successfully! Service ServUpdater deleted successfully! C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe moved successfully. Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}\\NameServer| /E : value set successfully! HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\\NameServer| /E : value set successfully! ADS C:\ProgramData\TEMP:5E73E1C2 deleted successfully. ADS C:\ProgramData\TEMP:363E775E deleted successfully. ========== FILES ========== C:\Users\Gianni\AppData\Local\PosService\settings folder moved successfully. C:\Users\Gianni\AppData\Local\PosService folder moved successfully. C:\Users\Gianni\AppData\Local\PowerOffer folder moved successfully. C:\Users\Gianni\AppData\Local\ServUpdater\settings folder moved successfully. C:\Users\Gianni\AppData\Local\ServUpdater folder moved successfully. C:\Users\Gianni\AppData\Local\SoftwareUpdater\settings folder moved successfully. C:\Users\Gianni\AppData\Local\SoftwareUpdater folder moved successfully. C:\Users\Gianni\AppData\Local\unins000.exe moved successfully. C:\Users\Gianni\AppData\Local\unins000.dat moved successfully. < ipconfig /flushdns /c > Configurazione IP di Windows Cache del resolver DNS svuotata. C:\Users\Gianni\Downloads\cmd.bat deleted successfully. C:\Users\Gianni\Downloads\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Gianni ->Temp folder emptied: 2108364378 bytes ->Temporary Internet Files folder emptied: 184794202 bytes ->Java cache emptied: 2232146 bytes ->FireFox cache emptied: 141718029 bytes ->Google Chrome cache emptied: 184533758 bytes ->Flash cache emptied: 550 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 259344486 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67740 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 2.748,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 12192012_150011 Files\Folders moved on Reboot... C:\Users\Gianni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\Gianni\AppData\Local\Temp\~DF629A8C8969F70140.TMP not found! File\Folder C:\Users\Gianni\AppData\Local\Temp\~DFD67D22B67C1A885F.TMP not found! File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE7C7.tmp not found! File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE7C8.tmp not found! File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE8A5.tmp not found! PendingFileRenameOperations files... Registry entries deleted on Reboot...
-
OTL Extras logfile created on: 19/12/2012 13:40:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 20,96% Memory free 8,00 Gb Paging File | 2,37 Gb Available in Paging File | 29,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,31 Gb Total Space | 95,80 Gb Free Space | 49,05% Space Free | Partition Type: NTFS Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0803AE82-1903-4953-93F0-88EE466CF7CF}" = rport=139 | protocol=6 | dir=out | app=system | "{187326E0-9CCE-4490-A626-B5943E907322}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1936D248-76E6-4509-A10B-9C4C221EB8CD}" = lport=138 | protocol=17 | dir=in | app=system | "{1F0AF96C-EAC2-435A-8A1D-4C68716D2901}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{28998700-32D9-4C5E-B8C6-1C3C1BDB2F7D}" = lport=2869 | protocol=6 | dir=in | app=system | "{2F0A8AC2-0570-4A36-9450-1E60259F9631}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{2F58ECC2-DD95-48F7-99B8-B7E1A38B5421}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{39748C2F-D4D5-4252-B639-FDADF9FFA9A8}" = lport=139 | protocol=6 | dir=in | app=system | "{3A6F9CB6-DC80-4463-8727-7DAE07485520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{45B8842F-5D3C-4400-87D9-A4286A4FFC75}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{4A459D3E-97AE-41D4-B3A6-A7372FE63F41}" = rport=138 | protocol=17 | dir=out | app=system | "{5ED6A917-52BD-4FE4-B276-1D48B4513B7D}" = rport=10243 | protocol=6 | dir=out | app=system | "{652CF442-A9BE-4C71-A72B-F66E18BB19AE}" = rport=445 | protocol=6 | dir=out | app=system | "{656C6209-609A-47E0-8F7E-A94C290CBCA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{802EBE90-CD51-4147-B2CF-890109024209}" = lport=10243 | protocol=6 | dir=in | app=system | "{80D2480B-F15E-4C09-B4A5-077A9629A7E2}" = lport=137 | protocol=17 | dir=in | app=system | "{907EB076-FF44-4089-B958-2E1F4F3CDF3C}" = lport=445 | protocol=6 | dir=in | app=system | "{95C79019-8F13-44E5-82C8-C01B0B4220EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A4F40691-1679-470D-8923-9C545F7EA7EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B19CA567-BE0A-469E-BD17-BD1D197C38BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{CED48894-C05D-4170-9DDD-4565E902534A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{D316B413-EDC9-4AAE-A5B7-4D4DF82796C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EAE2BE10-432F-4A66-B548-CAC4100F4770}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ED7F9B8C-21DD-4331-BA9A-36E917050364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F2E3826D-B444-48A5-8D53-BCAEF1ED4B98}" = rport=137 | protocol=17 | dir=out | app=system | "{FB900B20-573D-44DF-8291-5D64478969F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0142AF90-C16A-4BD1-9D2A-C0153B723A6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05AD542F-F65F-4051-958B-D5C3825D313F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{08228FA9-F960-496E-89D4-B405F72D7FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{12D51294-26E1-4FAF-A44D-7E76F14050D0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1B9D90C2-1729-46E4-89EF-B04435609E95}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1FC2EAAE-731A-4E6F-ABF0-056981B4A0AC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{23CDD1A9-B6F6-45E9-9B34-9A8FAE5472D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe | "{263DC768-9906-4751-BC49-9B46AA9839F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{26729BF7-DA8B-42D7-99A6-5ABA2AACEE00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe | "{2A7EE6D8-7ACD-4D56-8C19-0E13F78FE793}" = protocol=6 | dir=out | app=system | "{2B5626AA-09BD-4592-8EF4-7C084706158F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2BB117DF-665D-4D3F-9088-F15548BE0107}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3106D60D-D135-42E8-8624-1173FA553526}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{382E8C93-221D-4C64-A11B-086E5793B745}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3E52E13F-D4E9-4344-A5AC-999AA833C52B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{3F578A10-2D4C-4951-9147-B7FB7C24C846}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe | "{3FAD5162-273E-428E-8B7B-0699413E3B46}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe | "{4906EA1C-C62C-46CA-B53D-1CEDBE6B6554}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{555FB3AC-F6E1-48FD-A1D6-104454B796EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{592BFE74-229B-47DF-A175-D84CD978865B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5B01FBBE-66B6-44AF-AF97-7CB00F15E644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{651EFC58-36D5-488B-91BF-7B5ACDF9DD20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{66C35BA0-3624-44F0-9228-D0436F76101C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe | "{700ED68A-3A58-4224-8E0C-0CC061796486}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7EF9918D-C6B9-4BBE-A75A-FFD20EA800F0}" = dir=in | app=c:\users\gianni\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{7FF7713C-E346-43FB-AEF2-1BA030D35AEA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{84EEF122-6915-4C5B-B4A8-0D552A612A4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8EC7146C-EBD6-4F89-88CE-38D8D7B5EC3E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AD92F434-0D9D-4EA1-B55C-CE376B5307E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C12224E6-6932-4C03-91F4-0345ED426B99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C48BCC3D-BD19-4499-A16B-B5BFA8314B29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe | "{CF081CA9-D75B-4D9E-8AEF-305FDD463548}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe | "{D2B84192-83E4-40DE-9E86-531034E7D123}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe | "{F8FD076A-2038-46F6-B337-DC63F0DAF5EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FA764038-B1E0-455A-9FC7-80A975B82B30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{13D99FDD-E507-4227-B8D9-2D949FD17389}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "TCP Query User{21285A39-92F4-463F-A513-DE623C2A01D6}D:\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa 12\game\fifa.exe | "TCP Query User{272AC4C2-8868-4770-8EAF-AC00AFB8FC66}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | "TCP Query User{276DF23F-7014-4A27-9A52-894207646B7E}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe | "TCP Query User{2E1AE588-CEDD-414A-A6C6-C2E7194BC017}D:\fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=d:\fifa13\game\game\fifa13.exe | "TCP Query User{3CF66FF0-2BCA-4688-9F70-51B2FBA1BE4D}D:\ea sport\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe | "TCP Query User{4FE4F985-0657-49FD-B21A-77F3E9CEF101}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe | "TCP Query User{A978FB32-A665-4441-9704-8A5CF0BBE1D1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "TCP Query User{CA8DC527-B577-4DE7-B9FF-21357B35D93C}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "TCP Query User{E0260065-7735-45A2-926C-5D772FAD4DE9}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{05620D2E-FEF5-4909-AF57-A84AF80B6DA3}D:\fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=d:\fifa13\game\game\fifa13.exe | "UDP Query User{374E5F1F-6E50-4C16-ACE2-D239D367DF42}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{3CE44F98-EB83-4516-B41D-24239F9D0D66}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe | "UDP Query User{49E1CE12-F2BB-493A-BCDF-42AAAC543074}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | "UDP Query User{5AE796F9-E889-46C2-A9A8-A90627EB92F6}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "UDP Query User{687D5421-9790-4923-8114-A99B93BFF414}D:\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa 12\game\fifa.exe | "UDP Query User{869817CD-687A-4736-9AA1-4143EF5D4DAA}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe | "UDP Query User{A0E02C3F-DEE0-4F79-8DA1-A13E31AF602E}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{A1224D47-03B2-4C32-9A96-255C95E26591}D:\ea sport\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe | "UDP Query User{FDD2AD1B-CE74-4400-9A9B-D4DA2A7E2A41}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver "{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Parser MSXML 4.0 SP2 e SDK "{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese "{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Control Center "{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010 "{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010 "{90140000-0015-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010 "{90140000-0016-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2010 "{90140000-0017-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{71D73EA6-F837-4368-B9D2-10D0D112ED74}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010 "{90140000-0018-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010 "{90140000-0019-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010 "{90140000-001A-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010 "{90140000-001B-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.it-it_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.it-it_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.it-it_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0410-1000-0000000FF1CE}_Office14.OMUI.it-it_{6664EABC-4985-4C45-925C-6E23AB142266}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010 "{90140000-002C-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010 "{90140000-0044-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010 "{90140000-006E-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010 "{90140000-00A1-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010 "{90140000-00BA-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2010 "{90140000-0100-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{2C8C6BB6-81E2-407E-9780-FD04147198ED}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1) "{90140000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2010 "{90140000-0101-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{645C632B-EE9F-43B0-87E1-2546E9232C7F}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech "{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish "{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish "{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano "{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard "{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2 "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode versione 3.1.1.8 "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish "{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "1ClickDownload" = 1ClickDownloader "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "BFGC" = Big Fish Games: Game Manager "BFG-Grim Tales - La sposa" = Grim Tales: La sposa "BFG-Grim Tales - Maledizione di famiglia" = Grim Tales: Maledizione di famiglia "Freemake Video Converter_is1" = Freemake Video Converter versione 3.1.2 "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "Mozilla Firefox 17.0.1 (x86 it)" = Mozilla Firefox 17.0.1 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.OMUI.it-it" = Microsoft Office Language Pack 2010 - Italian/Italiano "Office14.STANDARD" = Microsoft Office Standard 2010 "PowerISO" = PowerISO "RealPlayer 15.0" = RealPlayer "Steam App 207890" = Football Manager 2013 "Steam App 220600" = Football Manager 2013 Editor "Steam App 220620" = Football Manager 2013 Resource Archiver "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "VirtualCloneDrive" = VirtualCloneDrive "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.10 (32-bit) "XP Codec Pack" = XP Codec Pack ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Octoshape Streaming Services" = Octoshape Streaming Services "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 19/07/2012 04:51:15 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 07:19:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 07:58:56 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 11:57:28 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 02:42:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 04:31:08 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 05:14:45 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 07:54:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 10:12:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 11:16:58 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 10/06/2012 01:42:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 07:42:21 - Errore di connessione a Internet. 07:42:21 - Impossibile contattare il server.. Error - 10/06/2012 01:42:30 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 07:42:26 - Errore di connessione a Internet. 07:42:26 - Impossibile contattare il server.. Error - 04/07/2012 02:29:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 08:29:21 - Errore di connessione a Internet. 08:29:21 - Impossibile contattare il server.. Error - 04/07/2012 02:29:31 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 08:29:26 - Errore di connessione a Internet. 08:29:26 - Impossibile contattare il server.. Error - 19/07/2012 03:05:22 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 09:05:22 - Errore di connessione a Internet. 09:05:22 - Impossibile contattare il server.. [ System Events ] Error - 18/12/2012 11:29:59 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec Error - 18/12/2012 14:38:41 | Computer Name = Gianni-PC | Source = Microsoft-Windows-Diagnostics-Networking | ID = 5300 Description = Framework di diagnostica di rete: impossibile completare la fase di ripristino dell'operazione. Errore. È stata generata una segnalazione errore di Windows. [2147942487] Error - 19/12/2012 00:01:39 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000 Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per il seguente errore: %%2 Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec Error - 19/12/2012 03:05:01 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000 Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per il seguente errore: %%2 Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec < End of report >
-
OTL logfile created on: 19/12/2012 13:40:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 20,96% Memory free 8,00 Gb Paging File | 2,37 Gb Available in Paging File | 29,61% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,31 Gb Total Space | 95,80 Gb Free Space | 49,05% Space Free | Partition Type: NTFS Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Processes (SafeList) ========== PRC - C:\Users\Gianni\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) PRC - C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\fm.exe (Sports Interactive) PRC - C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\Public\Documents\AppData\PoApp\PService.exe (PService) PRC - C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) PRC - C:\Windows\V0420Mon.exe (Creative Technology Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll () MOD - C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\IntelLaptopGamingVista.dll () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SoftwareUpd) -- C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (PowerOffer Service) -- C:\Users\Gianni\AppData\Local\PosService\Pos.exe (PowerOfferService) SRV - (ServUpdater) -- C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd) SRV - (wlidsvc) -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 33 EB E6 30 DC CC 01 [binary data] IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r= IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117223&tt=4612_5&babsrc=SP_ss&mntrId=009438de000000000000001e8c6f16a6 IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3FB49B8C-2FCC-44F5-AA97-A17D3A8AF311}&mid=2a05b754417347d19945d157ca8bff55-5a4473c1cc9e44870379b5564e7119bd1325dc1d〈=en&ds=ir011&pr=sa&d=2012-02-04 21:44:17&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "http://www.google.it/" FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6 FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gianni\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/15 15:42:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/11/28 08:43:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M] [2012/01/26 15:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Extensions [2012/07/26 17:40:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions [2012/10/23 16:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\extensions [2012/10/07 08:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions [2012/07/17 15:53:03 | 000,000,000 | ---D | M] (uTorrentBar_IT Community Toolbar) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} [2012/07/26 17:40:47 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\OneClickDownload@OneClickDownload.com [2012/10/07 08:13:32 | 000,002,547 | ---- | M] () -- C:\Users\Gianni\AppData\Roaming\mozilla\firefox\profiles\cfl6pfir.default-1343600262549\searchplugins\browsemngr.xml [2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/12/09 14:57:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com [2012/11/28 08:43:37 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX [2012/08/15 15:42:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2012/12/09 14:57:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2012/07/27 21:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012/08/15 15:42:38 | 000,150,736 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012/08/15 15:42:54 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012/08/15 15:42:31 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012/12/09 14:56:59 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml [2012/02/04 21:44:13 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/11/12 18:12:04 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012/08/30 18:41:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/12/09 14:56:59 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml [2012/08/30 18:41:12 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2012/12/09 14:56:59 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml [2012/12/09 14:56:59 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml [2012/12/09 14:56:59 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml ========== Chrome ========== CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Google Update (Enabled) = C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Ricerca Google = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Freemake Video Converter = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: Gmail = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: OneClickDownload = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco\1.2_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Guida per l'accesso a Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe File not found O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Facebook Update] C:\Users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Google Update] C:\Users\Gianni\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Octoshape Streaming Services] C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS) O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler v {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter ext/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64 spkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 60 Days ========== [2012/12/19 06:58:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{89177569-C3B4-46CA-BF5D-490D2E5297AE} [2012/12/18 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2E70FD3D-D3DA-4703-BF41-07286621B60B} [2012/12/18 06:18:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BC5B1F3C-B055-43A6-9844-BBCB70E6562A} [2012/12/17 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DBED45C9-645A-45C1-9813-E4C0853EF0E7} [2012/12/17 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{22DAE3C0-273A-45F0-9DD1-BA68AD679E59} [2012/12/16 11:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012/12/16 11:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/12/16 11:04:35 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012/12/16 11:04:34 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/12/16 11:04:34 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/12/16 11:04:22 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012/12/16 11:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012/12/16 08:13:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2992A1C1-0C36-42E1-8F8F-91C25150C1AA} [2012/12/15 13:46:58 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Programs [2012/12/15 13:46:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ArcSoft [2012/12/15 13:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft [2012/12/15 13:45:24 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL [2012/12/15 13:39:55 | 040,384,592 | ---- | C] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe [2012/12/15 13:27:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\ArcSoft [2012/12/15 13:27:17 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\ArcSoft [2012/12/15 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft [2012/12/15 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CA502B37-CBEF-46B2-A309-BACF71E7C691} [2012/12/14 10:15:06 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6EA8E82D-1E14-4D2F-B73C-C28969C5D91A} [2012/12/13 09:55:25 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{1614D51D-C122-4881-A540-38D8C843D6E9} [2012/12/12 10:22:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/12/12 10:22:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/12/12 10:22:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/12/12 10:22:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/12/12 10:22:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/12/12 10:22:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/12/12 09:00:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C67B3B50-2165-40F3-BD64-E493F655FF64} [2012/12/12 06:13:04 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/12/12 06:13:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/12/12 06:12:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012/12/12 06:12:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012/12/12 06:12:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012/12/12 06:12:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012/12/12 06:12:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012/12/12 06:12:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012/12/12 06:12:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012/12/12 06:12:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012/12/12 06:12:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012/12/12 06:12:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012/12/12 06:12:17 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012/12/11 21:00:00 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{9343CD7B-4831-4C37-8B1B-D44CF175A6E3} [2012/12/11 12:11:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Glenn Cooper - 06 - Il Tempo Della Verita [2012/12/11 08:59:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{5CABCFD2-52A6-4F87-932F-BA54C781EEC0} [2012/12/10 20:59:09 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{978B2FAA-A974-4C1C-BB4C-17C2F57F441A} [2012/12/10 06:28:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D8FA9B7F-03FD-4D79-9F4A-ECD79FE85DAE} [2012/12/09 14:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/12/09 09:01:19 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{56B23AC3-9F0B-41FC-A9D9-FE02E551E61B} [2012/12/08 10:43:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D1D6B951-5E7A-424C-809D-E14A9BB047EB} [2012/12/08 10:21:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EAF54CC2-781B-410F-B38B-6D849AF25DAD} [2012/12/07 09:50:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39A1F395-A145-4460-931A-D50DA8C3D2DC} [2012/12/07 09:15:59 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6CF0F7A9-2D78-46A5-821B-CFDEA2189037} [2012/12/07 09:12:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DA639BFA-A3B2-4C79-A7FF-E39CC7B178AD} [2012/12/06 08:16:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E13AB49C-BBF1-4A3B-BBC0-33F4985E139F} [2012/12/05 06:13:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0065A979-1F36-4329-9F71-14848AD9934F} [2012/12/04 10:54:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BE99D386-F7B1-4FF0-BC0B-43B873527144} [2012/12/03 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B614235A-AB74-4F7C-A565-E882C38F6A62} [2012/12/03 08:33:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A28D7D81-FF1B-4785-B1C0-6D1C38C29C49} [2012/12/02 09:59:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{FE819DD6-9B81-41A6-B7AC-E95D13E38364} [2012/12/01 08:10:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EC780C51-F3A5-44CE-8C60-30E6AE575427} [2012/11/30 08:06:02 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{AA46CE54-1463-41E4-B100-B259BEE36F75} [2012/11/29 08:32:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2FEA18B9-F579-452C-9EB3-09CB4CA51BC6} [2012/11/28 18:07:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{4834BF15-6407-48B4-A71A-6E60BC526285} [2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ServUpdater [2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PowerOffer [2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PosService [2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AppData [2012/11/28 08:43:59 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634896890393452430 [2012/11/28 08:43:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\SoftwareUpdater [2012/11/28 08:43:29 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\OpenCandy [2012/11/28 06:06:56 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E5AB336A-8C6C-4987-A21F-8EC3F7B57377} [2012/11/27 18:06:30 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{3E998279-6FDB-4B4C-8135-DF10230ED7AD} [2012/11/27 05:54:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2486DC21-467D-45BA-8657-0238203CC7F6} [2012/11/26 17:54:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C5B331C6-75FF-48F9-A8E1-7A19F773EBB0} [2012/11/26 05:53:31 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D05C9F4A-9EB5-4279-8C26-89AFC3A67050} [2012/11/25 08:10:14 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{112EBB04-DD78-4EFD-97AE-2D003A25F8FB} [2012/11/24 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{503AB96C-4A59-4055-94B0-B5C964C96A94} [2012/11/23 09:31:13 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E476C886-EE94-4FCB-9FA7-318C52B144E2} [2012/11/22 10:06:54 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{53BEF999-5D58-4ED5-9C2C-2C1A1B9AE8F3} [2012/11/21 06:24:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B34689F5-B901-44D6-A104-FCF4FAF08183} [2012/11/20 18:24:12 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B1C68386-1B41-409E-BDDE-12014CC2E805} [2012/11/20 05:09:42 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0054C625-47C5-41AC-BF21-42C73FC346D2} [2012/11/19 17:36:06 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634889433667273825 [2012/11/19 16:42:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{8DA09B06-99DB-4769-A736-326BF3F77336} [2012/11/19 04:45:44 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888971440370213 [2012/11/19 04:41:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CF5E7291-5EFF-4B74-A83B-048FBC1FED23} [2012/11/18 10:24:58 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888310988533612 [2012/11/18 09:58:29 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888295090664306 [2012/11/18 09:55:57 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888293571977442 [2012/11/18 09:50:48 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888290483310780 [2012/11/18 09:37:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CD415BCC-C441-4EF3-841F-E941927831D5} [2012/11/18 09:20:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{684BFD35-78A9-42FC-93CF-A3526D40E8B6} [2012/11/17 09:49:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2CAB7F56-0292-4649-BC57-2F677184338C} [2012/11/16 09:13:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012/11/16 09:13:15 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012/11/16 09:13:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012/11/16 09:13:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012/11/16 09:03:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012/11/16 07:51:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{5828666D-0DDB-4681-8FFC-4EB212BE66BC} [2012/11/15 09:24:19 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E1822C00-B0CA-40A2-91EA-340C7B8BBBD8} [2012/11/14 06:40:39 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{3DFBF59D-723E-491F-BB9D-7CFC9ACF6DFB} [2012/11/13 17:07:04 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{742BF4CB-29F3-4DEE-87FB-78FD11C7E6A1} [2012/11/13 05:06:39 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{335E16F1-172C-4580-948C-3E8805EAB2B7} [2012/11/12 20:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634883507978981835 [2012/11/12 20:40:29 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder [2012/11/12 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Freemake [2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2012/11/12 20:28:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake [2012/11/12 18:11:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Babylon [2012/11/12 09:15:15 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{98D865DE-7079-4DD5-BC96-A97DB215CA1B} [2012/11/11 21:14:49 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E035BE31-F071-4E7B-AC8B-4A654CFC4E7F} [2012/11/11 10:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012/11/11 10:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012/11/11 10:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012/11/11 09:14:20 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{428C8EAD-7AA5-4F7A-8D7D-7668673B1052} [2012/11/10 20:05:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A6DE7F0B-3618-407B-965E-A9C72A0FEB62} [2012/11/10 15:44:09 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\SysWow64\cximage.dll [2012/11/10 15:44:09 | 000,282,624 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Cvw.crl [2012/11/10 15:44:09 | 000,278,528 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Cvw.dll [2012/11/10 15:44:09 | 000,108,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe [2012/11/10 15:44:09 | 000,098,304 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Ext.ax [2012/11/10 15:44:09 | 000,061,440 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Ext.crl [2012/11/10 15:44:09 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CtCamMgr.dll [2012/11/10 15:44:09 | 000,000,000 | ---D | C] -- C:\Live! Cam [2012/11/10 15:31:29 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\File ricevuti [2012/11/10 14:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode [2012/11/10 14:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XMedia Recode [2012/11/10 14:38:41 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\FIFA 13 [2012/11/10 08:05:18 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A1AB5F5F-2E7F-4FA6-B23F-99718B150561} [2012/11/09 20:04:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{36397C6D-56FA-456A-A61C-089D08C029D9} [2012/11/09 08:04:25 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{F96B9D06-4AF8-4114-BBAB-EF7F9095EFE9} [2012/11/08 20:04:00 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C4B5296A-3364-4341-B510-E31EBBD84FDA} [2012/11/08 09:47:11 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\FMRTE13 [2012/11/08 09:45:24 | 000,000,000 | ---D | C] -- C:\BraCa Soft [2012/11/08 07:36:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B2D2D1BC-F79B-46B3-A9F8-7F8B2DC803BE} [2012/11/07 07:53:31 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{42A4ABAA-15C2-4188-A034-27DD0D3152E9} [2012/11/06 20:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012/11/06 20:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2012/11/06 07:52:48 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6D6082AA-07A9-49F8-B54A-7AB7A4121C00} [2012/11/05 19:28:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{35782295-0A4F-47DE-945A-24BCCBCCF92C} [2012/11/05 11:29:53 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012/11/05 11:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012/11/05 11:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2012/11/05 07:41:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive [2012/11/05 07:41:30 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Sports Interactive [2012/11/05 07:27:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{37C494F9-4DF4-4652-9202-AE8502FC9C58} [2012/11/04 07:28:12 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{618A3D34-4207-42E1-BB21-A36D5C092869} [2012/11/03 10:37:04 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D314CF97-FC79-416D-A45B-41CA8D9CF729} [2012/11/02 11:28:22 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2F7C09ED-A468-488C-BAD6-95154E616A50} [2012/11/02 08:46:57 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39E84469-E556-4090-8083-C75D1AB82E68} [2012/11/01 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BB14918D-F547-4DE8-A46A-0A7EC9C498D3} [2012/11/01 10:47:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{4EE6B47E-1DFC-4296-8652-BF2130CAD51F} [2012/10/31 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6D841192-2E47-4886-8BFB-18D915E0769A} [2012/10/30 17:25:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Chromium [2012/10/30 17:18:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Sports Interactive [2012/10/30 17:18:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Sports Interactive [2012/10/30 12:09:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{17CE8207-D9A2-4DB2-AF3E-ACF9EFD3D3B6} [2012/10/29 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B3717CED-D065-46CD-94AA-CC30F0692974} [2012/10/29 17:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012/10/29 09:48:49 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{68D3B81C-2E85-4379-9FC6-2125863F464E} [2012/10/29 09:04:42 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{9DAC89B7-A152-4FAF-ABAC-E6768BFB6829} [2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grim Tales - La sposa [2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grim Tales - La sposa [2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grim Tales - La sposa [2012/10/28 13:13:06 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0F1A0CC1-B2DE-4BCA-AB6D-0CE1F0E18CEF} [2012/10/27 10:21:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0B8DC3E9-64E0-4530-84DC-8C173A628669} [2012/10/26 07:54:03 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C29F0E1F-6DB0-478E-AAAE-8F4C6ABC06F9} [2012/10/25 19:18:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Elephant Games [2012/10/25 19:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games [2012/10/25 19:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grim Tales - Maledizione di famiglia [2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grim Tales - Maledizione di famiglia [2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grim Tales - Maledizione di famiglia [2012/10/25 18:04:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3002E08A-4925-4821-8D06-D5FC4EBFF034} [2012/10/25 18:03:59 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PackageAware [2012/10/25 17:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games [2012/10/25 17:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient [2012/10/25 16:55:11 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache [2012/10/25 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0262E2EE-C5A5-47E4-A447-9297CC0C8E59} [2012/10/25 07:18:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{568F2C69-5B8B-428E-8E07-460CF7514AB4} [2012/10/24 10:03:32 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7025B88C-39B8-42EF-B862-2D21CF9FFC52} [2012/10/23 22:03:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B1AF26E8-AB89-45DD-B448-D95705A91FA7} [2012/10/23 10:02:43 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CA9EB897-7C8C-4ECA-AD7F-44C0D647D916} [2012/10/22 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{8FDE902E-4AC8-4F07-8E9E-F3780D5C4D12} [2012/10/22 08:15:28 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39841513-171E-4802-86D5-1FC8D918104D} [2012/10/22 07:23:32 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Diagnostics [2012/10/22 07:19:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7858542C-84B7-4BD7-A089-E6899E446F05} [2012/10/21 12:03:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7EA223EC-FEFD-4E8A-B6D4-B36B7CD3BEE5} [2012/10/21 09:30:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{F18EA4A7-4C8D-4F87-957D-28A714EBABF2} [2012/10/21 09:14:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{09098D13-FDD3-407B-B14E-6C1691001C7E} ========== Files - Modified Within 60 Days ========== [2012/12/19 13:41:00 | 000,001,164 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job [2012/12/19 13:36:02 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job [2012/12/19 13:27:02 | 000,001,182 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job [2012/12/19 11:56:00 | 000,000,266 | ---- | M] () -- C:\Windows asks\AutoKMS.job [2012/12/19 09:47:39 | 000,102,892 | ---- | M] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG [2012/12/19 08:04:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/19 08:04:45 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys [2012/12/18 22:41:00 | 000,001,112 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job [2012/12/18 19:27:01 | 000,001,160 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job [2012/12/16 11:04:16 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012/12/16 11:04:14 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012/12/16 11:04:14 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012/12/16 11:04:14 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012/12/15 13:44:45 | 040,384,592 | ---- | M] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe [2012/12/14 10:43:33 | 000,002,493 | ---- | M] () -- C:\Users\Gianni\Desktop\Google Chrome.lnk [2012/12/12 11:39:36 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/12/12 11:39:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/11/28 10:40:45 | 000,004,082 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.dat [2012/11/28 10:40:43 | 000,715,038 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.exe [2012/11/28 08:43:38 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2012/11/22 11:47:28 | 000,007,605 | ---- | M] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg [2012/11/14 02:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/11/14 02:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/11/14 02:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/11/14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/11/14 02:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/11/14 02:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/11/12 21:06:54 | 000,010,240 | ---- | M] () -- C:\Users\Gianni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/11/10 14:54:22 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\XMedia Recode.lnk [2012/11/10 14:38:13 | 000,001,053 | ---- | M] () -- C:\Users\Gianni\Desktop\fifa13 - collegamento.lnk [2012/11/10 05:14:50 | 000,000,635 | ---- | M] () -- C:\Users\Gianni\Desktop\FM13 - collegamento.lnk [2012/11/05 21:32:16 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012/11/05 21:32:09 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012/11/05 11:29:53 | 000,000,222 | ---- | M] () -- C:\Users\Gianni\Desktop\Football Manager 2013.url [2012/11/05 11:18:51 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012/11/02 06:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll ========== Files Created - No Company Name ========== [2012/12/19 09:47:39 | 000,102,892 | ---- | C] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG [2012/11/28 10:40:44 | 000,715,038 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.exe [2012/11/28 10:40:44 | 000,004,082 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.dat [2012/11/12 20:28:22 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2012/11/10 15:44:09 | 000,195,215 | ---- | C] () -- C:\Windows\SysWow64\V0420Cvw.bff [2012/11/10 15:44:09 | 000,005,022 | ---- | C] () -- C:\Windows\VF0420.uns [2012/11/10 14:54:22 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\XMedia Recode.lnk [2012/11/10 14:38:13 | 000,001,053 | ---- | C] () -- C:\Users\Gianni\Desktop\fifa13 - collegamento.lnk [2012/11/10 05:14:50 | 000,000,635 | ---- | C] () -- C:\Users\Gianni\Desktop\FM13 - collegamento.lnk [2012/11/05 11:29:53 | 000,000,222 | ---- | C] () -- C:\Users\Gianni\Desktop\Football Manager 2013.url [2012/11/05 11:18:51 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2012/10/25 17:01:50 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk [2012/10/25 17:01:50 | 000,001,250 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altri giochi super.lnk [2012/07/16 10:58:33 | 000,007,605 | ---- | C] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg [2012/05/30 18:07:00 | 000,014,115 | ---- | C] () -- C:\Windows wspmm.ini [2012/03/09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/03/09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/02/04 21:44:52 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini [2012/01/28 10:42:30 | 000,010,240 | ---- | C] () -- C:\Users\Gianni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/26 15:03:24 | 001,630,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/01/26 14:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/11/12 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Babylon [2012/02/01 14:36:43 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\calibre [2012/03/19 17:20:15 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Canneverbe Limited [2012/11/01 16:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Elephant Games [2012/11/08 09:47:11 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\FMRTE13 [2012/08/29 20:20:32 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Octoshape [2012/11/28 08:43:29 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\OpenCandy [2012/04/20 17:33:51 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\SanDisk SecureAccess [2012/11/06 08:54:15 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Sports Interactive [2012/10/07 08:14:49 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\SumatraPDF [2012/02/14 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Unity [2012/12/19 13:44:07 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\uTorrent [2012/01/26 20:41:45 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Windows Live Writer [2012/01/28 10:41:26 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\XMedia Recode ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:5E73E1C2 @Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:363E775E < End of report >
-
Ok chiedo venia di non aver letto prima
-
OTL Extras logfile created on: 19/12/2012 13:09:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 19,95% Memory free 8,00 Gb Paging File | 2,78 Gb Available in Paging File | 34,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,31 Gb Total Space | 95,76 Gb Free Space | 49,03% Space Free | Partition Type: NTFS Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0803AE82-1903-4953-93F0-88EE466CF7CF}" = rport=139 | protocol=6 | dir=out | app=system | "{187326E0-9CCE-4490-A626-B5943E907322}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1936D248-76E6-4509-A10B-9C4C221EB8CD}" = lport=138 | protocol=17 | dir=in | app=system | "{1F0AF96C-EAC2-435A-8A1D-4C68716D2901}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{28998700-32D9-4C5E-B8C6-1C3C1BDB2F7D}" = lport=2869 | protocol=6 | dir=in | app=system | "{2F0A8AC2-0570-4A36-9450-1E60259F9631}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{2F58ECC2-DD95-48F7-99B8-B7E1A38B5421}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{39748C2F-D4D5-4252-B639-FDADF9FFA9A8}" = lport=139 | protocol=6 | dir=in | app=system | "{3A6F9CB6-DC80-4463-8727-7DAE07485520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{45B8842F-5D3C-4400-87D9-A4286A4FFC75}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{4A459D3E-97AE-41D4-B3A6-A7372FE63F41}" = rport=138 | protocol=17 | dir=out | app=system | "{5ED6A917-52BD-4FE4-B276-1D48B4513B7D}" = rport=10243 | protocol=6 | dir=out | app=system | "{652CF442-A9BE-4C71-A72B-F66E18BB19AE}" = rport=445 | protocol=6 | dir=out | app=system | "{656C6209-609A-47E0-8F7E-A94C290CBCA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{802EBE90-CD51-4147-B2CF-890109024209}" = lport=10243 | protocol=6 | dir=in | app=system | "{80D2480B-F15E-4C09-B4A5-077A9629A7E2}" = lport=137 | protocol=17 | dir=in | app=system | "{907EB076-FF44-4089-B958-2E1F4F3CDF3C}" = lport=445 | protocol=6 | dir=in | app=system | "{95C79019-8F13-44E5-82C8-C01B0B4220EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A4F40691-1679-470D-8923-9C545F7EA7EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B19CA567-BE0A-469E-BD17-BD1D197C38BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{CED48894-C05D-4170-9DDD-4565E902534A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{D316B413-EDC9-4AAE-A5B7-4D4DF82796C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EAE2BE10-432F-4A66-B548-CAC4100F4770}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ED7F9B8C-21DD-4331-BA9A-36E917050364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F2E3826D-B444-48A5-8D53-BCAEF1ED4B98}" = rport=137 | protocol=17 | dir=out | app=system | "{FB900B20-573D-44DF-8291-5D64478969F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0142AF90-C16A-4BD1-9D2A-C0153B723A6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{05AD542F-F65F-4051-958B-D5C3825D313F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{08228FA9-F960-496E-89D4-B405F72D7FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{12D51294-26E1-4FAF-A44D-7E76F14050D0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1B9D90C2-1729-46E4-89EF-B04435609E95}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{1FC2EAAE-731A-4E6F-ABF0-056981B4A0AC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{23CDD1A9-B6F6-45E9-9B34-9A8FAE5472D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe | "{263DC768-9906-4751-BC49-9B46AA9839F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{26729BF7-DA8B-42D7-99A6-5ABA2AACEE00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe | "{2A7EE6D8-7ACD-4D56-8C19-0E13F78FE793}" = protocol=6 | dir=out | app=system | "{2B5626AA-09BD-4592-8EF4-7C084706158F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2BB117DF-665D-4D3F-9088-F15548BE0107}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3106D60D-D135-42E8-8624-1173FA553526}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{382E8C93-221D-4C64-A11B-086E5793B745}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3E52E13F-D4E9-4344-A5AC-999AA833C52B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{3F578A10-2D4C-4951-9147-B7FB7C24C846}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe | "{3FAD5162-273E-428E-8B7B-0699413E3B46}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe | "{4906EA1C-C62C-46CA-B53D-1CEDBE6B6554}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{555FB3AC-F6E1-48FD-A1D6-104454B796EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{592BFE74-229B-47DF-A175-D84CD978865B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5B01FBBE-66B6-44AF-AF97-7CB00F15E644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{651EFC58-36D5-488B-91BF-7B5ACDF9DD20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{66C35BA0-3624-44F0-9228-D0436F76101C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe | "{700ED68A-3A58-4224-8E0C-0CC061796486}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7EF9918D-C6B9-4BBE-A75A-FFD20EA800F0}" = dir=in | app=c:\users\gianni\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{7FF7713C-E346-43FB-AEF2-1BA030D35AEA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{84EEF122-6915-4C5B-B4A8-0D552A612A4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{8EC7146C-EBD6-4F89-88CE-38D8D7B5EC3E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{AD92F434-0D9D-4EA1-B55C-CE376B5307E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C12224E6-6932-4C03-91F4-0345ED426B99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C48BCC3D-BD19-4499-A16B-B5BFA8314B29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe | "{CF081CA9-D75B-4D9E-8AEF-305FDD463548}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe | "{D2B84192-83E4-40DE-9E86-531034E7D123}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe | "{F8FD076A-2038-46F6-B337-DC63F0DAF5EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{FA764038-B1E0-455A-9FC7-80A975B82B30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{13D99FDD-E507-4227-B8D9-2D949FD17389}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "TCP Query User{21285A39-92F4-463F-A513-DE623C2A01D6}D:\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa 12\game\fifa.exe | "TCP Query User{272AC4C2-8868-4770-8EAF-AC00AFB8FC66}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | "TCP Query User{276DF23F-7014-4A27-9A52-894207646B7E}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe | "TCP Query User{2E1AE588-CEDD-414A-A6C6-C2E7194BC017}D:\fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=d:\fifa13\game\game\fifa13.exe | "TCP Query User{3CF66FF0-2BCA-4688-9F70-51B2FBA1BE4D}D:\ea sport\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe | "TCP Query User{4FE4F985-0657-49FD-B21A-77F3E9CEF101}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe | "TCP Query User{A978FB32-A665-4441-9704-8A5CF0BBE1D1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "TCP Query User{CA8DC527-B577-4DE7-B9FF-21357B35D93C}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "TCP Query User{E0260065-7735-45A2-926C-5D772FAD4DE9}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{05620D2E-FEF5-4909-AF57-A84AF80B6DA3}D:\fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=d:\fifa13\game\game\fifa13.exe | "UDP Query User{374E5F1F-6E50-4C16-ACE2-D239D367DF42}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{3CE44F98-EB83-4516-B41D-24239F9D0D66}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe | "UDP Query User{49E1CE12-F2BB-493A-BCDF-42AAAC543074}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe | "UDP Query User{5AE796F9-E889-46C2-A9A8-A90627EB92F6}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | "UDP Query User{687D5421-9790-4923-8114-A99B93BFF414}D:\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa 12\game\fifa.exe | "UDP Query User{869817CD-687A-4736-9AA1-4143EF5D4DAA}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe | "UDP Query User{A0E02C3F-DEE0-4F79-8DA1-A13E31AF602E}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe | "UDP Query User{A1224D47-03B2-4C32-9A96-255C95E26591}D:\ea sport\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe | "UDP Query User{FDD2AD1B-CE74-4400-9A9B-D4DA2A7E2A41}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64 "{5F92DAD2-FD95-DD12-50DF-A6F66C7E67C8}" = AMD Drag and Drop Transcoding "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Creative VF0420" = Creative Live! Cam Vista IM (VF0420) Driver (1.01.01.00) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0 "{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver "{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Parser MSXML 4.0 SP2 e SDK "{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese "{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Control Center "{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010 "{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010 "{90140000-0015-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010 "{90140000-0016-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2010 "{90140000-0017-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{71D73EA6-F837-4368-B9D2-10D0D112ED74}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010 "{90140000-0018-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010 "{90140000-0019-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010 "{90140000-001A-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010 "{90140000-001B-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.it-it_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.it-it_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.it-it_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0410-1000-0000000FF1CE}_Office14.OMUI.it-it_{6664EABC-4985-4C45-925C-6E23AB142266}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010 "{90140000-002C-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010 "{90140000-0044-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010 "{90140000-006E-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010 "{90140000-00A1-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010 "{90140000-00BA-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2010 "{90140000-0100-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{2C8C6BB6-81E2-407E-9780-FD04147198ED}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1) "{90140000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2010 "{90140000-0101-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{645C632B-EE9F-43B0-87E1-2546E9232C7F}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech "{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish "{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish "{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano "{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard "{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2 "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode versione 3.1.1.8 "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish "{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "1ClickDownload" = 1ClickDownloader "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "BFGC" = Big Fish Games: Game Manager "BFG-Grim Tales - La sposa" = Grim Tales: La sposa "BFG-Grim Tales - Maledizione di famiglia" = Grim Tales: Maledizione di famiglia "Freemake Video Converter_is1" = Freemake Video Converter versione 3.1.2 "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "Mozilla Firefox 17.0.1 (x86 it)" = Mozilla Firefox 17.0.1 (x86 it) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.OMUI.it-it" = Microsoft Office Language Pack 2010 - Italian/Italiano "Office14.STANDARD" = Microsoft Office Standard 2010 "PowerISO" = PowerISO "RealPlayer 15.0" = RealPlayer "Steam App 207890" = Football Manager 2013 "Steam App 220600" = Football Manager 2013 Editor "Steam App 220620" = Football Manager 2013 Resource Archiver "uTorrent" = µTorrent "uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar "VirtualCloneDrive" = VirtualCloneDrive "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.10 (32-bit) "XP Codec Pack" = XP Codec Pack ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Octoshape Streaming Services" = Octoshape Streaming Services "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 19/07/2012 04:51:15 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 07:19:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 07:58:56 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 19/07/2012 11:57:28 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 02:42:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 04:31:08 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 05:14:45 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 07:54:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 10:12:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = Error - 20/07/2012 11:16:58 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 10/06/2012 01:42:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 07:42:21 - Errore di connessione a Internet. 07:42:21 - Impossibile contattare il server.. Error - 10/06/2012 01:42:30 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 07:42:26 - Errore di connessione a Internet. 07:42:26 - Impossibile contattare il server.. Error - 04/07/2012 02:29:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 08:29:21 - Errore di connessione a Internet. 08:29:21 - Impossibile contattare il server.. Error - 04/07/2012 02:29:31 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 08:29:26 - Errore di connessione a Internet. 08:29:26 - Impossibile contattare il server.. Error - 19/07/2012 03:05:22 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0 Description = 09:05:22 - Errore di connessione a Internet. 09:05:22 - Impossibile contattare il server.. [ System Events ] Error - 18/12/2012 11:29:59 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec Error - 18/12/2012 14:38:41 | Computer Name = Gianni-PC | Source = Microsoft-Windows-Diagnostics-Networking | ID = 5300 Description = Framework di diagnostica di rete: impossibile completare la fase di ripristino dell'operazione. Errore. È stata generata una segnalazione errore di Windows. [2147942487] Error - 19/12/2012 00:01:39 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000 Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per il seguente errore: %%2 Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec Error - 19/12/2012 03:05:01 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000 Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per il seguente errore: %%2 Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Pos Service bloccato in partenza. Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022 Description = Servizio Serv Updater bloccato in partenza. Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026 Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec < End of report >