Accedi per seguire   
Seguaci 0
gianman

Ho Il Pc Che Ogni Tanto Si Blocca

21 messaggi in questa discussione

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 05:12:52, on 19/12/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

C:\Windows\V0420Mon.exe

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\Public\Documents\AppData\PoApp\PService.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\fm.exe

C:\Program Files (x86)\Steam\GameOverlayUI.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gianni\Downloads\HijackThis.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Gianni\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)

O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25

O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25

O17 - HKLM\System\CS1\Services\Tcpip\..\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25

O17 - HKLM\System\CS2\Services\Tcpip\..\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Gianni\AppData\Local\PosService\Pos.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Software Upd (SoftwareUpd) - SoftwareUpdService - C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12347 bytes

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL logfile created on: 19/12/2012 13:09:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 19,95% Memory free

8,00 Gb Paging File | 2,78 Gb Available in Paging File | 34,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,31 Gb Total Space | 95,76 Gb Free Space | 49,03% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS

Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/19 13:08:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gianni\Downloads\OTL.exe

PRC - [2012/12/10 06:30:50 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2012/12/10 06:28:19 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

PRC - [2012/11/21 06:23:12 | 040,391,320 | ---- | M] (Sports Interactive) -- C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\fm.exe

PRC - [2012/11/05 11:24:15 | 000,071,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe

PRC - [2012/11/05 11:24:14 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2012/08/15 15:42:25 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2012/08/11 12:43:40 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/05/08 18:35:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012/05/08 18:35:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011/12/16 18:44:50 | 000,762,368 | ---- | M] (PService) -- C:\Users\Public\Documents\AppData\PoApp\PService.exe

PRC - [2011/03/24 16:11:18 | 000,107,800 | ---- | M] (Octoshape ApS) -- C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

PRC - [2011/03/15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

PRC - [2011/03/15 14:44:28 | 000,650,080 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

PRC - [2010/04/12 09:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

PRC - [2007/04/30 02:00:00 | 000,032,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0420Mon.exe

========== Modules (No Company Name) ==========

MOD - [2012/12/05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll

MOD - [2012/12/05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll

MOD - [2012/12/05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll

MOD - [2012/12/05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll

MOD - [2012/12/05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll

MOD - [2012/12/05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll

MOD - [2012/12/05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll

MOD - [2012/12/05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll

MOD - [2012/11/16 16:31:38 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll

MOD - [2012/11/16 11:00:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll

MOD - [2012/11/16 11:00:48 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll

MOD - [2012/11/16 11:00:26 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll

MOD - [2012/11/16 11:00:21 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll

MOD - [2012/11/16 11:00:19 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll

MOD - [2012/11/16 11:00:06 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll

MOD - [2012/11/16 11:00:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll

MOD - [2012/11/16 11:00:03 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll

MOD - [2012/11/16 10:59:56 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll

MOD - [2012/11/12 20:40:19 | 000,057,344 | ---- | M] () -- C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll

MOD - [2012/11/05 14:00:11 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\IntelLaptopGamingVista.dll

MOD - [2012/11/05 11:24:14 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2012/11/05 11:24:14 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll

MOD - [2012/11/05 11:24:14 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL

MOD - [2012/11/05 11:24:14 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll

MOD - [2012/11/05 11:24:14 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll

MOD - [2010/11/21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2010/11/13 00:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/09/28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012/12/12 11:39:36 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/12/09 14:56:59 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/11/05 11:24:14 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/06/14 17:52:34 | 000,161,280 | ---- | M] (SoftwareUpdService) [Auto | Stopped] -- C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe -- (SoftwareUpd)

SRV - [2012/05/08 18:35:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012/05/08 18:35:13 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012/04/03 19:59:46 | 000,169,472 | ---- | M] (PowerOfferService) [Auto | Stopped] -- C:\Users\Gianni\AppData\Local\PosService\Pos.exe -- (PowerOffer Service)

SRV - [2011/12/16 18:44:48 | 000,156,160 | ---- | M] (ServiceUpd) [Auto | Stopped] -- C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe -- (ServUpdater)

SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2011/03/15 14:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012/09/28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2012/05/14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2012/05/08 18:35:13 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2012/05/08 18:35:13 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/09/15 23:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/12/16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV:64bit: - [2010/11/21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers susbhub.sys -- (tsusbhub)

DRV:64bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers erminpt.sys -- (terminpt)

DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010/04/12 09:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2007/05/31 02:33:32 | 000,107,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\V0420Vid.sys -- (V0420VID)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 33 EB E6 30 DC CC 01 [binary data]

IE - HKCU\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117223&tt=4612_5&babsrc=SP_ss&mntrId=009438de000000000000001e8c6f16a6

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3FB49B8C-2FCC-44F5-AA97-A17D3A8AF311}&mid=2a05b754417347d19945d157ca8bff55-5a4473c1cc9e44870379b5564e7119bd1325dc1d〈=en&ds=ir011&pr=sa&d=2012-02-04 21:44:17&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.startup.homepage: "http://www.google.it/"

FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6

FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gianni\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/15 15:42:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/11/28 08:43:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M]

[2012/01/26 15:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Extensions

[2012/07/26 17:40:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions

[2012/10/23 16:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\extensions

[2012/10/07 08:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions

[2012/07/17 15:53:03 | 000,000,000 | ---D | M] (uTorrentBar_IT Community Toolbar) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}

[2012/07/26 17:40:47 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\OneClickDownload@OneClickDownload.com

[2012/10/07 08:13:32 | 000,002,547 | ---- | M] () -- C:\Users\Gianni\AppData\Roaming\mozilla\firefox\profiles\cfl6pfir.default-1343600262549\searchplugins\browsemngr.xml

[2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com

[2012/11/28 08:43:37 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX

[2012/08/15 15:42:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2012/12/09 14:57:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/08/15 15:42:31 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

[2012/12/09 14:56:59 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml

[2012/02/04 21:44:13 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/11/12 18:12:04 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

[2012/08/30 18:41:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/12/09 14:56:59 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml

[2012/12/09 14:56:59 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml

[2012/12/09 14:56:59 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/09 14:56:59 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - Extension: YouTube = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: Freemake Video Converter = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: Gmail = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: OneClickDownload = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco\1.2_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe (Creative Technology Ltd.)

O4 - HKCU..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe File not found

O4 - HKCU..\Run: [Facebook Update] C:\Users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)

O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O9:64bit: - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18:64bit: - Protocol\Filter ext/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/19 06:58:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{89177569-C3B4-46CA-BF5D-490D2E5297AE}

[2012/12/18 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2E70FD3D-D3DA-4703-BF41-07286621B60B}

[2012/12/18 06:18:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BC5B1F3C-B055-43A6-9844-BBCB70E6562A}

[2012/12/17 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DBED45C9-645A-45C1-9813-E4C0853EF0E7}

[2012/12/17 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{22DAE3C0-273A-45F0-9DD1-BA68AD679E59}

[2012/12/16 11:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012/12/16 11:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012/12/16 11:04:35 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2012/12/16 11:04:34 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/12/16 11:04:34 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/12/16 11:04:22 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012/12/16 11:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2012/12/16 08:13:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2992A1C1-0C36-42E1-8F8F-91C25150C1AA}

[2012/12/15 13:46:58 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Programs

[2012/12/15 13:46:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ArcSoft

[2012/12/15 13:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft

[2012/12/15 13:45:24 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL

[2012/12/15 13:39:55 | 040,384,592 | ---- | C] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe

[2012/12/15 13:27:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\ArcSoft

[2012/12/15 13:27:17 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\ArcSoft

[2012/12/15 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft

[2012/12/15 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CA502B37-CBEF-46B2-A309-BACF71E7C691}

[2012/12/14 10:15:06 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6EA8E82D-1E14-4D2F-B73C-C28969C5D91A}

[2012/12/13 09:55:25 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{1614D51D-C122-4881-A540-38D8C843D6E9}

[2012/12/12 10:22:19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012/12/12 10:22:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/12/12 10:22:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/12/12 10:22:18 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/12/12 10:22:18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/12/12 10:22:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/12/12 10:22:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/12/12 10:22:18 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012/12/12 10:22:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/12/12 10:22:17 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/12/12 10:22:17 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012/12/12 10:22:17 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012/12/12 10:22:16 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/12/12 10:22:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/12/12 10:22:16 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012/12/12 09:00:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C67B3B50-2165-40F3-BD64-E493F655FF64}

[2012/12/12 06:13:04 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2012/12/12 06:13:04 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012/12/12 06:13:04 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2012/12/12 06:13:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012/12/12 06:12:59 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll

[2012/12/12 06:12:59 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll

[2012/12/12 06:12:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll

[2012/12/12 06:12:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe

[2012/12/12 06:12:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll

[2012/12/12 06:12:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll

[2012/12/12 06:12:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2012/12/12 06:12:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll

[2012/12/12 06:12:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2012/12/12 06:12:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll

[2012/12/12 06:12:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2012/12/12 06:12:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012/12/12 06:12:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2012/12/12 06:12:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012/12/12 06:12:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/12/12 06:12:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll

[2012/12/12 06:12:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012/12/12 06:12:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll

[2012/12/12 06:12:57 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll

[2012/12/12 06:12:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2012/12/12 06:12:17 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll

[2012/12/12 06:12:17 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll

[2012/12/11 21:00:00 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{9343CD7B-4831-4C37-8B1B-D44CF175A6E3}

[2012/12/11 12:11:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Glenn Cooper - 06 - Il Tempo Della Verita

[2012/12/11 08:59:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{5CABCFD2-52A6-4F87-932F-BA54C781EEC0}

[2012/12/10 20:59:09 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{978B2FAA-A974-4C1C-BB4C-17C2F57F441A}

[2012/12/10 06:28:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D8FA9B7F-03FD-4D79-9F4A-ECD79FE85DAE}

[2012/12/09 14:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012/12/09 09:01:19 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{56B23AC3-9F0B-41FC-A9D9-FE02E551E61B}

[2012/12/08 10:43:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D1D6B951-5E7A-424C-809D-E14A9BB047EB}

[2012/12/08 10:21:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EAF54CC2-781B-410F-B38B-6D849AF25DAD}

[2012/12/07 09:50:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39A1F395-A145-4460-931A-D50DA8C3D2DC}

[2012/12/07 09:15:59 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6CF0F7A9-2D78-46A5-821B-CFDEA2189037}

[2012/12/07 09:12:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DA639BFA-A3B2-4C79-A7FF-E39CC7B178AD}

[2012/12/06 08:16:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E13AB49C-BBF1-4A3B-BBC0-33F4985E139F}

[2012/12/05 06:13:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0065A979-1F36-4329-9F71-14848AD9934F}

[2012/12/04 10:54:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BE99D386-F7B1-4FF0-BC0B-43B873527144}

[2012/12/03 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B614235A-AB74-4F7C-A565-E882C38F6A62}

[2012/12/03 08:33:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A28D7D81-FF1B-4785-B1C0-6D1C38C29C49}

[2012/12/02 09:59:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{FE819DD6-9B81-41A6-B7AC-E95D13E38364}

[2012/12/01 08:10:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EC780C51-F3A5-44CE-8C60-30E6AE575427}

[2012/11/30 08:06:02 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{AA46CE54-1463-41E4-B100-B259BEE36F75}

[2012/11/29 08:32:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2FEA18B9-F579-452C-9EB3-09CB4CA51BC6}

[2012/11/28 18:07:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{4834BF15-6407-48B4-A71A-6E60BC526285}

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ServUpdater

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PowerOffer

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PosService

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AppData

[2012/11/28 08:43:59 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634896890393452430

[2012/11/28 08:43:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\SoftwareUpdater

[2012/11/28 08:43:29 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\OpenCandy

[2012/11/28 06:06:56 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E5AB336A-8C6C-4987-A21F-8EC3F7B57377}

[2012/11/27 18:06:30 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{3E998279-6FDB-4B4C-8135-DF10230ED7AD}

[2012/11/27 05:54:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2486DC21-467D-45BA-8657-0238203CC7F6}

[2012/11/26 17:54:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C5B331C6-75FF-48F9-A8E1-7A19F773EBB0}

[2012/11/26 05:53:31 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D05C9F4A-9EB5-4279-8C26-89AFC3A67050}

[2012/11/25 08:10:14 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{112EBB04-DD78-4EFD-97AE-2D003A25F8FB}

[2012/11/24 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{503AB96C-4A59-4055-94B0-B5C964C96A94}

[2012/11/23 09:31:13 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E476C886-EE94-4FCB-9FA7-318C52B144E2}

[2012/11/22 10:06:54 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{53BEF999-5D58-4ED5-9C2C-2C1A1B9AE8F3}

[2012/11/21 06:24:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B34689F5-B901-44D6-A104-FCF4FAF08183}

[2012/11/20 18:24:12 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B1C68386-1B41-409E-BDDE-12014CC2E805}

[2012/11/20 05:09:42 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0054C625-47C5-41AC-BF21-42C73FC346D2}

[2012/11/19 17:36:06 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634889433667273825

[2012/11/19 16:42:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{8DA09B06-99DB-4769-A736-326BF3F77336}

========== Files - Modified Within 30 Days ==========

[2012/12/19 12:41:01 | 000,001,164 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job

[2012/12/19 12:36:00 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job

[2012/12/19 11:56:00 | 000,000,266 | ---- | M] () -- C:\Windows asks\AutoKMS.job

[2012/12/19 10:27:01 | 000,001,182 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job

[2012/12/19 09:47:39 | 000,102,892 | ---- | M] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG

[2012/12/19 08:13:40 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/12/19 08:13:40 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/12/19 08:04:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/12/19 08:04:45 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys

[2012/12/18 22:41:00 | 000,001,112 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job

[2012/12/18 19:27:01 | 000,001,160 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job

[2012/12/16 11:04:16 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012/12/16 11:04:14 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/12/16 11:04:14 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2012/12/16 11:04:14 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/12/15 13:44:45 | 040,384,592 | ---- | M] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe

[2012/12/14 10:43:33 | 000,002,493 | ---- | M] () -- C:\Users\Gianni\Desktop\Google Chrome.lnk

[2012/12/12 11:39:36 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/12/12 11:39:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/12/12 07:55:33 | 000,418,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012/12/10 22:01:37 | 001,653,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/12/10 22:01:37 | 000,739,004 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat

[2012/12/10 22:01:37 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/12/10 22:01:37 | 000,146,076 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat

[2012/12/10 22:01:37 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/11/28 10:40:45 | 000,004,082 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.dat

[2012/11/28 10:40:43 | 000,715,038 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.exe

[2012/11/28 08:43:38 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk

[2012/11/22 11:47:28 | 000,007,605 | ---- | M] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg

========== Files Created - No Company Name ==========

[2012/12/19 09:47:39 | 000,102,892 | ---- | C] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG

[2012/11/28 10:40:44 | 000,715,038 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.exe

[2012/11/28 10:40:44 | 000,004,082 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.dat

[2012/07/16 10:58:33 | 000,007,605 | ---- | C] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg

[2012/05/30 18:07:00 | 000,014,115 | ---- | C] () -- C:\Windows wspmm.ini

[2012/03/09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012/03/09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012/02/04 21:44:52 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini

[2012/01/28 10:42:30 | 000,010,240 | ---- | C] () -- C:\Users\Gianni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/01/26 15:03:24 | 001,630,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/01/26 14:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:5E73E1C2

@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:363E775E

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL Extras logfile created on: 19/12/2012 13:09:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 19,95% Memory free

8,00 Gb Paging File | 2,78 Gb Available in Paging File | 34,73% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,31 Gb Total Space | 95,76 Gb Free Space | 49,03% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS

Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0803AE82-1903-4953-93F0-88EE466CF7CF}" = rport=139 | protocol=6 | dir=out | app=system |

"{187326E0-9CCE-4490-A626-B5943E907322}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{1936D248-76E6-4509-A10B-9C4C221EB8CD}" = lport=138 | protocol=17 | dir=in | app=system |

"{1F0AF96C-EAC2-435A-8A1D-4C68716D2901}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

"{28998700-32D9-4C5E-B8C6-1C3C1BDB2F7D}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2F0A8AC2-0570-4A36-9450-1E60259F9631}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{2F58ECC2-DD95-48F7-99B8-B7E1A38B5421}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{39748C2F-D4D5-4252-B639-FDADF9FFA9A8}" = lport=139 | protocol=6 | dir=in | app=system |

"{3A6F9CB6-DC80-4463-8727-7DAE07485520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{45B8842F-5D3C-4400-87D9-A4286A4FFC75}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{4A459D3E-97AE-41D4-B3A6-A7372FE63F41}" = rport=138 | protocol=17 | dir=out | app=system |

"{5ED6A917-52BD-4FE4-B276-1D48B4513B7D}" = rport=10243 | protocol=6 | dir=out | app=system |

"{652CF442-A9BE-4C71-A72B-F66E18BB19AE}" = rport=445 | protocol=6 | dir=out | app=system |

"{656C6209-609A-47E0-8F7E-A94C290CBCA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{802EBE90-CD51-4147-B2CF-890109024209}" = lport=10243 | protocol=6 | dir=in | app=system |

"{80D2480B-F15E-4C09-B4A5-077A9629A7E2}" = lport=137 | protocol=17 | dir=in | app=system |

"{907EB076-FF44-4089-B958-2E1F4F3CDF3C}" = lport=445 | protocol=6 | dir=in | app=system |

"{95C79019-8F13-44E5-82C8-C01B0B4220EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A4F40691-1679-470D-8923-9C545F7EA7EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{B19CA567-BE0A-469E-BD17-BD1D197C38BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

"{CED48894-C05D-4170-9DDD-4565E902534A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{D316B413-EDC9-4AAE-A5B7-4D4DF82796C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{EAE2BE10-432F-4A66-B548-CAC4100F4770}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{ED7F9B8C-21DD-4331-BA9A-36E917050364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{F2E3826D-B444-48A5-8D53-BCAEF1ED4B98}" = rport=137 | protocol=17 | dir=out | app=system |

"{FB900B20-573D-44DF-8291-5D64478969F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0142AF90-C16A-4BD1-9D2A-C0153B723A6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{05AD542F-F65F-4051-958B-D5C3825D313F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{08228FA9-F960-496E-89D4-B405F72D7FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{12D51294-26E1-4FAF-A44D-7E76F14050D0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{1B9D90C2-1729-46E4-89EF-B04435609E95}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{1FC2EAAE-731A-4E6F-ABF0-056981B4A0AC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{23CDD1A9-B6F6-45E9-9B34-9A8FAE5472D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |

"{263DC768-9906-4751-BC49-9B46AA9839F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{26729BF7-DA8B-42D7-99A6-5ABA2AACEE00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe |

"{2A7EE6D8-7ACD-4D56-8C19-0E13F78FE793}" = protocol=6 | dir=out | app=system |

"{2B5626AA-09BD-4592-8EF4-7C084706158F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{2BB117DF-665D-4D3F-9088-F15548BE0107}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3106D60D-D135-42E8-8624-1173FA553526}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{382E8C93-221D-4C64-A11B-086E5793B745}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{3E52E13F-D4E9-4344-A5AC-999AA833C52B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{3F578A10-2D4C-4951-9147-B7FB7C24C846}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe |

"{3FAD5162-273E-428E-8B7B-0699413E3B46}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe |

"{4906EA1C-C62C-46CA-B53D-1CEDBE6B6554}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{555FB3AC-F6E1-48FD-A1D6-104454B796EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{592BFE74-229B-47DF-A175-D84CD978865B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{5B01FBBE-66B6-44AF-AF97-7CB00F15E644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{651EFC58-36D5-488B-91BF-7B5ACDF9DD20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{66C35BA0-3624-44F0-9228-D0436F76101C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe |

"{700ED68A-3A58-4224-8E0C-0CC061796486}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7EF9918D-C6B9-4BBE-A75A-FFD20EA800F0}" = dir=in | app=c:\users\gianni\appdata\local\facebook\video\skype\facebookvideocalling.exe |

"{7FF7713C-E346-43FB-AEF2-1BA030D35AEA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{84EEF122-6915-4C5B-B4A8-0D552A612A4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{8EC7146C-EBD6-4F89-88CE-38D8D7B5EC3E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{AD92F434-0D9D-4EA1-B55C-CE376B5307E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{C12224E6-6932-4C03-91F4-0345ED426B99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{C48BCC3D-BD19-4499-A16B-B5BFA8314B29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe |

"{CF081CA9-D75B-4D9E-8AEF-305FDD463548}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |

"{D2B84192-83E4-40DE-9E86-531034E7D123}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe |

"{F8FD076A-2038-46F6-B337-DC63F0DAF5EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{FA764038-B1E0-455A-9FC7-80A975B82B30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"TCP Query User{13D99FDD-E507-4227-B8D9-2D949FD17389}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"TCP Query User{21285A39-92F4-463F-A513-DE623C2A01D6}D:\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa 12\game\fifa.exe |

"TCP Query User{272AC4C2-8868-4770-8EAF-AC00AFB8FC66}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"TCP Query User{276DF23F-7014-4A27-9A52-894207646B7E}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe |

"TCP Query User{2E1AE588-CEDD-414A-A6C6-C2E7194BC017}D:\fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=d:\fifa13\game\game\fifa13.exe |

"TCP Query User{3CF66FF0-2BCA-4688-9F70-51B2FBA1BE4D}D:\ea sport\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe |

"TCP Query User{4FE4F985-0657-49FD-B21A-77F3E9CEF101}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe |

"TCP Query User{A978FB32-A665-4441-9704-8A5CF0BBE1D1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

"TCP Query User{CA8DC527-B577-4DE7-B9FF-21357B35D93C}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

"TCP Query User{E0260065-7735-45A2-926C-5D772FAD4DE9}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{05620D2E-FEF5-4909-AF57-A84AF80B6DA3}D:\fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=d:\fifa13\game\game\fifa13.exe |

"UDP Query User{374E5F1F-6E50-4C16-ACE2-D239D367DF42}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{3CE44F98-EB83-4516-B41D-24239F9D0D66}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe |

"UDP Query User{49E1CE12-F2BB-493A-BCDF-42AAAC543074}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"UDP Query User{5AE796F9-E889-46C2-A9A8-A90627EB92F6}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

"UDP Query User{687D5421-9790-4923-8114-A99B93BFF414}D:\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa 12\game\fifa.exe |

"UDP Query User{869817CD-687A-4736-9AA1-4143EF5D4DAA}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe |

"UDP Query User{A0E02C3F-DEE0-4F79-8DA1-A13E31AF602E}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{A1224D47-03B2-4C32-9A96-255C95E26591}D:\ea sport\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe |

"UDP Query User{FDD2AD1B-CE74-4400-9A9B-D4DA2A7E2A41}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64

"{5F92DAD2-FD95-DD12-50DF-A6F66C7E67C8}" = AMD Drag and Drop Transcoding

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Creative VF0420" = Creative Live! Cam Vista IM (VF0420) Driver (1.01.01.00)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0

"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver

"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Parser MSXML 4.0 SP2 e SDK

"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese

"{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Control Center

"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010

"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010

"{90140000-0015-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010

"{90140000-0016-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2010

"{90140000-0017-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{71D73EA6-F837-4368-B9D2-10D0D112ED74}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010

"{90140000-0018-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010

"{90140000-0019-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010

"{90140000-001A-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010

"{90140000-001B-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.it-it_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.it-it_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.it-it_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0410-1000-0000000FF1CE}_Office14.OMUI.it-it_{6664EABC-4985-4C45-925C-6E23AB142266}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010

"{90140000-002C-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010

"{90140000-0044-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010

"{90140000-006E-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010

"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010

"{90140000-00BA-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2010

"{90140000-0100-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{2C8C6BB6-81E2-407E-9780-FD04147198ED}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

"{90140000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2010

"{90140000-0101-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{645C632B-EE9F-43B0-87E1-2546E9232C7F}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech

"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish

"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish

"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano

"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard

"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian

"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287

"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode versione 3.1.1.8

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding

"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish

"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"1ClickDownload" = 1ClickDownloader

"7-Zip" = 7-Zip 9.20

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Avira AntiVir Desktop" = Avira Free Antivirus

"BFGC" = Big Fish Games: Game Manager

"BFG-Grim Tales - La sposa" = Grim Tales: La sposa

"BFG-Grim Tales - Maledizione di famiglia" = Grim Tales: Maledizione di famiglia

"Freemake Video Converter_is1" = Freemake Video Converter versione 3.1.2

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"Mozilla Firefox 17.0.1 (x86 it)" = Mozilla Firefox 17.0.1 (x86 it)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Office14.OMUI.it-it" = Microsoft Office Language Pack 2010 - Italian/Italiano

"Office14.STANDARD" = Microsoft Office Standard 2010

"PowerISO" = PowerISO

"RealPlayer 15.0" = RealPlayer

"Steam App 207890" = Football Manager 2013

"Steam App 220600" = Football Manager 2013 Editor

"Steam App 220620" = Football Manager 2013 Resource Archiver

"uTorrent" = µTorrent

"uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar

"VirtualCloneDrive" = VirtualCloneDrive

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.10 (32-bit)

"XP Codec Pack" = XP Codec Pack

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Octoshape Streaming Services" = Octoshape Streaming Services

"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 19/07/2012 04:51:15 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 07:19:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 07:58:56 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 11:57:28 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 02:42:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 04:31:08 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 05:14:45 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 07:54:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 10:12:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 11:16:58 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

[ Media Center Events ]

Error - 10/06/2012 01:42:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 07:42:21 - Errore di connessione a Internet. 07:42:21 - Impossibile

contattare il server..

Error - 10/06/2012 01:42:30 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 07:42:26 - Errore di connessione a Internet. 07:42:26 - Impossibile

contattare il server..

Error - 04/07/2012 02:29:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 08:29:21 - Errore di connessione a Internet. 08:29:21 - Impossibile

contattare il server..

Error - 04/07/2012 02:29:31 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 08:29:26 - Errore di connessione a Internet. 08:29:26 - Impossibile

contattare il server..

Error - 19/07/2012 03:05:22 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 09:05:22 - Errore di connessione a Internet. 09:05:22 - Impossibile

contattare il server..

[ System Events ]

Error - 18/12/2012 11:29:59 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

Error - 18/12/2012 14:38:41 | Computer Name = Gianni-PC | Source = Microsoft-Windows-Diagnostics-Networking | ID = 5300

Description = Framework di diagnostica di rete: impossibile completare la fase di

ripristino dell'operazione. Errore. È stata generata una segnalazione errore di

Windows. [2147942487]

Error - 19/12/2012 00:01:39 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000

Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per

il seguente errore: %%2

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

Error - 19/12/2012 03:05:01 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000

Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per

il seguente errore: %%2

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Manca Extras.txt

Il tool va scaricato sul desktop.

Sotto file Age devi spuntare 60 days

Devi mette anche la spunta su SCAN ALL USERS

riesegui la scansione come descritto qui

http://forum.wininizio.it/index.php/topic/132077-computer-lentissimo-svchost-al-100-di-cpu-allavvio-del-pc/page__view__findpost__p__616425

carica i file su www.freefilehosting.net e posta i link per scaricarli.

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL logfile created on: 19/12/2012 13:40:48 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 20,96% Memory free

8,00 Gb Paging File | 2,37 Gb Available in Paging File | 29,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,31 Gb Total Space | 95,80 Gb Free Space | 49,05% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS

Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Gianni\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

PRC - C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\fm.exe (Sports Interactive)

PRC - C:\Program Files (x86)\Steam\GameOverlayUI.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Users\Public\Documents\AppData\PoApp\PService.exe (PService)

PRC - C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)

PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)

PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - C:\Windows\V0420Mon.exe (Creative Technology Ltd.)

========== Modules (No Company Name) ==========

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()

MOD - C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll ()

MOD - C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2013\IntelLaptopGamingVista.dll ()

MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL ()

MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()

MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()

MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll ()

========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SoftwareUpd) -- C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (PowerOffer Service) -- C:\Users\Gianni\AppData\Local\PosService\Pos.exe (PowerOfferService)

SRV - (ServUpdater) -- C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)

SRV - (wlidsvc) -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (osppsvc) -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 33 EB E6 30 DC CC 01 [binary data]

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=117223&tt=4612_5&babsrc=SP_ss&mntrId=009438de000000000000001e8c6f16a6

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={3FB49B8C-2FCC-44F5-AA97-A17D3A8AF311}&mid=2a05b754417347d19945d157ca8bff55-5a4473c1cc9e44870379b5564e7119bd1325dc1d〈=en&ds=ir011&pr=sa&d=2012-02-04 21:44:17&v=10.0.0.7&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.startup.homepage: "http://www.google.it/"

FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6

FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Gianni\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/15 15:42:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/11/28 08:43:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/09 14:57:00 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/09 14:56:57 | 000,000,000 | ---D | M]

[2012/01/26 15:28:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Extensions

[2012/07/26 17:40:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions

[2012/10/23 16:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\extensions

[2012/10/07 08:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions

[2012/07/17 15:53:03 | 000,000,000 | ---D | M] (uTorrentBar_IT Community Toolbar) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}

[2012/07/26 17:40:47 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Gianni\AppData\Roaming\mozilla\Firefox\Profiles\x06m84j9.default\extensions\OneClickDownload@OneClickDownload.com

[2012/10/07 08:13:32 | 000,002,547 | ---- | M] () -- C:\Users\Gianni\AppData\Roaming\mozilla\firefox\profiles\cfl6pfir.default-1343600262549\searchplugins\browsemngr.xml

[2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012/12/09 14:57:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/12/09 14:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com

[2012/11/28 08:43:37 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX

[2012/08/15 15:42:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2012/12/09 14:57:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll

[2012/07/27 21:51:30 | 000,184,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll

[2012/08/15 15:42:38 | 000,150,736 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll

[2012/08/15 15:42:54 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll

[2012/08/15 15:42:31 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

[2012/12/09 14:56:59 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml

[2012/02/04 21:44:13 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/11/12 18:12:04 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

[2012/08/30 18:41:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/12/09 14:56:59 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml

[2012/08/30 18:41:12 | 000,003,581 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml

[2012/12/09 14:56:59 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml

[2012/12/09 14:56:59 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/09 14:56:59 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}

CHR - homepage: https://www.google.it/webhp?hl=it&tab=ww

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Gianni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Gianni\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - Extension: YouTube = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: Freemake Video Converter = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: Gmail = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: OneClickDownload = C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco\1.2_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Guida per l'accesso a Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTor.dll (Conduit Ltd.)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher)

O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [V0420Mon.exe] C:\Windows\V0420Mon.exe (Creative Technology Ltd.)

O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe File not found

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Facebook Update] C:\Users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Google Update] C:\Users\Gianni\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [Octoshape Streaming Services] C:\Users\Gianni\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)

O4 - HKU\S-1-5-21-1539135573-1650222560-1094068503-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found

O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}: NameServer = 176.31.229.24,176.31.229.25

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler v {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter ext/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64 spkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2012/12/19 06:58:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{89177569-C3B4-46CA-BF5D-490D2E5297AE}

[2012/12/18 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2E70FD3D-D3DA-4703-BF41-07286621B60B}

[2012/12/18 06:18:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BC5B1F3C-B055-43A6-9844-BBCB70E6562A}

[2012/12/17 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DBED45C9-645A-45C1-9813-E4C0853EF0E7}

[2012/12/17 06:16:05 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{22DAE3C0-273A-45F0-9DD1-BA68AD679E59}

[2012/12/16 11:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012/12/16 11:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2012/12/16 11:04:35 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2012/12/16 11:04:34 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/12/16 11:04:34 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/12/16 11:04:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/12/16 11:04:22 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012/12/16 11:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java

[2012/12/16 08:13:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2992A1C1-0C36-42E1-8F8F-91C25150C1AA}

[2012/12/15 13:46:58 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Programs

[2012/12/15 13:46:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ArcSoft

[2012/12/15 13:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft

[2012/12/15 13:45:24 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL

[2012/12/15 13:39:55 | 040,384,592 | ---- | C] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe

[2012/12/15 13:27:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\ArcSoft

[2012/12/15 13:27:17 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\ArcSoft

[2012/12/15 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft

[2012/12/15 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CA502B37-CBEF-46B2-A309-BACF71E7C691}

[2012/12/14 10:15:06 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6EA8E82D-1E14-4D2F-B73C-C28969C5D91A}

[2012/12/13 09:55:25 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{1614D51D-C122-4881-A540-38D8C843D6E9}

[2012/12/12 10:22:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/12/12 10:22:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/12/12 10:22:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/12/12 10:22:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/12/12 10:22:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/12/12 10:22:16 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/12/12 09:00:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C67B3B50-2165-40F3-BD64-E493F655FF64}

[2012/12/12 06:13:04 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012/12/12 06:13:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012/12/12 06:12:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe

[2012/12/12 06:12:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll

[2012/12/12 06:12:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe

[2012/12/12 06:12:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

[2012/12/12 06:12:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll

[2012/12/12 06:12:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

[2012/12/12 06:12:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/12/12 06:12:57 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

[2012/12/12 06:12:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll

[2012/12/12 06:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll

[2012/12/12 06:12:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe

[2012/12/12 06:12:17 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll

[2012/12/11 21:00:00 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{9343CD7B-4831-4C37-8B1B-D44CF175A6E3}

[2012/12/11 12:11:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Glenn Cooper - 06 - Il Tempo Della Verita

[2012/12/11 08:59:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{5CABCFD2-52A6-4F87-932F-BA54C781EEC0}

[2012/12/10 20:59:09 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{978B2FAA-A974-4C1C-BB4C-17C2F57F441A}

[2012/12/10 06:28:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D8FA9B7F-03FD-4D79-9F4A-ECD79FE85DAE}

[2012/12/09 14:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012/12/09 09:01:19 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{56B23AC3-9F0B-41FC-A9D9-FE02E551E61B}

[2012/12/08 10:43:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D1D6B951-5E7A-424C-809D-E14A9BB047EB}

[2012/12/08 10:21:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EAF54CC2-781B-410F-B38B-6D849AF25DAD}

[2012/12/07 09:50:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39A1F395-A145-4460-931A-D50DA8C3D2DC}

[2012/12/07 09:15:59 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6CF0F7A9-2D78-46A5-821B-CFDEA2189037}

[2012/12/07 09:12:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{DA639BFA-A3B2-4C79-A7FF-E39CC7B178AD}

[2012/12/06 08:16:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E13AB49C-BBF1-4A3B-BBC0-33F4985E139F}

[2012/12/05 06:13:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0065A979-1F36-4329-9F71-14848AD9934F}

[2012/12/04 10:54:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BE99D386-F7B1-4FF0-BC0B-43B873527144}

[2012/12/03 22:25:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B614235A-AB74-4F7C-A565-E882C38F6A62}

[2012/12/03 08:33:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A28D7D81-FF1B-4785-B1C0-6D1C38C29C49}

[2012/12/02 09:59:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{FE819DD6-9B81-41A6-B7AC-E95D13E38364}

[2012/12/01 08:10:16 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{EC780C51-F3A5-44CE-8C60-30E6AE575427}

[2012/11/30 08:06:02 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{AA46CE54-1463-41E4-B100-B259BEE36F75}

[2012/11/29 08:32:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2FEA18B9-F579-452C-9EB3-09CB4CA51BC6}

[2012/11/28 18:07:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{4834BF15-6407-48B4-A71A-6E60BC526285}

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\ServUpdater

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PowerOffer

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PosService

[2012/11/28 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AppData

[2012/11/28 08:43:59 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634896890393452430

[2012/11/28 08:43:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\SoftwareUpdater

[2012/11/28 08:43:29 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\OpenCandy

[2012/11/28 06:06:56 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E5AB336A-8C6C-4987-A21F-8EC3F7B57377}

[2012/11/27 18:06:30 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{3E998279-6FDB-4B4C-8135-DF10230ED7AD}

[2012/11/27 05:54:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2486DC21-467D-45BA-8657-0238203CC7F6}

[2012/11/26 17:54:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C5B331C6-75FF-48F9-A8E1-7A19F773EBB0}

[2012/11/26 05:53:31 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D05C9F4A-9EB5-4279-8C26-89AFC3A67050}

[2012/11/25 08:10:14 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{112EBB04-DD78-4EFD-97AE-2D003A25F8FB}

[2012/11/24 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{503AB96C-4A59-4055-94B0-B5C964C96A94}

[2012/11/23 09:31:13 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E476C886-EE94-4FCB-9FA7-318C52B144E2}

[2012/11/22 10:06:54 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{53BEF999-5D58-4ED5-9C2C-2C1A1B9AE8F3}

[2012/11/21 06:24:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B34689F5-B901-44D6-A104-FCF4FAF08183}

[2012/11/20 18:24:12 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B1C68386-1B41-409E-BDDE-12014CC2E805}

[2012/11/20 05:09:42 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0054C625-47C5-41AC-BF21-42C73FC346D2}

[2012/11/19 17:36:06 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634889433667273825

[2012/11/19 16:42:26 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{8DA09B06-99DB-4769-A736-326BF3F77336}

[2012/11/19 04:45:44 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888971440370213

[2012/11/19 04:41:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CF5E7291-5EFF-4B74-A83B-048FBC1FED23}

[2012/11/18 10:24:58 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888310988533612

[2012/11/18 09:58:29 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888295090664306

[2012/11/18 09:55:57 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888293571977442

[2012/11/18 09:50:48 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634888290483310780

[2012/11/18 09:37:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CD415BCC-C441-4EF3-841F-E941927831D5}

[2012/11/18 09:20:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{684BFD35-78A9-42FC-93CF-A3526D40E8B6}

[2012/11/17 09:49:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2CAB7F56-0292-4649-BC57-2F677184338C}

[2012/11/16 09:13:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll

[2012/11/16 09:13:15 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll

[2012/11/16 09:13:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll

[2012/11/16 09:13:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll

[2012/11/16 09:03:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll

[2012/11/16 07:51:27 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{5828666D-0DDB-4681-8FFC-4EB212BE66BC}

[2012/11/15 09:24:19 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E1822C00-B0CA-40A2-91EA-340C7B8BBBD8}

[2012/11/14 06:40:39 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{3DFBF59D-723E-491F-BB9D-7CFC9ACF6DFB}

[2012/11/13 17:07:04 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{742BF4CB-29F3-4DEE-87FB-78FD11C7E6A1}

[2012/11/13 05:06:39 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{335E16F1-172C-4580-948C-3E8805EAB2B7}

[2012/11/12 20:59:57 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder634883507978981835

[2012/11/12 20:40:29 | 000,000,000 | -H-D | C] -- C:\Users\Gianni\Documents\Freemake_do_not_remove_this_folder

[2012/11/12 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Freemake

[2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

[2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake

[2012/11/12 20:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake

[2012/11/12 20:28:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake

[2012/11/12 18:11:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Babylon

[2012/11/12 09:15:15 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{98D865DE-7079-4DD5-BC96-A97DB215CA1B}

[2012/11/11 21:14:49 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{E035BE31-F071-4E7B-AC8B-4A654CFC4E7F}

[2012/11/11 10:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI

[2012/11/11 10:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP

[2012/11/11 10:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center

[2012/11/11 09:14:20 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{428C8EAD-7AA5-4F7A-8D7D-7668673B1052}

[2012/11/10 20:05:45 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A6DE7F0B-3618-407B-965E-A9C72A0FEB62}

[2012/11/10 15:44:09 | 000,811,008 | ---- | C] (Pizzolato Davide - www.xdp.it) -- C:\Windows\SysWow64\cximage.dll

[2012/11/10 15:44:09 | 000,282,624 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Cvw.crl

[2012/11/10 15:44:09 | 000,278,528 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Cvw.dll

[2012/11/10 15:44:09 | 000,108,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe

[2012/11/10 15:44:09 | 000,098,304 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Ext.ax

[2012/11/10 15:44:09 | 000,061,440 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0420Ext.crl

[2012/11/10 15:44:09 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CtCamMgr.dll

[2012/11/10 15:44:09 | 000,000,000 | ---D | C] -- C:\Live! Cam

[2012/11/10 15:31:29 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\File ricevuti

[2012/11/10 14:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode

[2012/11/10 14:54:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XMedia Recode

[2012/11/10 14:38:41 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\FIFA 13

[2012/11/10 08:05:18 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{A1AB5F5F-2E7F-4FA6-B23F-99718B150561}

[2012/11/09 20:04:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{36397C6D-56FA-456A-A61C-089D08C029D9}

[2012/11/09 08:04:25 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{F96B9D06-4AF8-4114-BBAB-EF7F9095EFE9}

[2012/11/08 20:04:00 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C4B5296A-3364-4341-B510-E31EBBD84FDA}

[2012/11/08 09:47:11 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\FMRTE13

[2012/11/08 09:45:24 | 000,000,000 | ---D | C] -- C:\BraCa Soft

[2012/11/08 07:36:08 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B2D2D1BC-F79B-46B3-A9F8-7F8B2DC803BE}

[2012/11/07 07:53:31 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{42A4ABAA-15C2-4188-A034-27DD0D3152E9}

[2012/11/06 20:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2012/11/06 20:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip

[2012/11/06 07:52:48 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6D6082AA-07A9-49F8-B54A-7AB7A4121C00}

[2012/11/05 19:28:01 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{35782295-0A4F-47DE-945A-24BCCBCCF92C}

[2012/11/05 11:29:53 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

[2012/11/05 11:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

[2012/11/05 11:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam

[2012/11/05 07:41:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive

[2012/11/05 07:41:30 | 000,000,000 | ---D | C] -- C:\Users\Gianni\Documents\Sports Interactive

[2012/11/05 07:27:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{37C494F9-4DF4-4652-9202-AE8502FC9C58}

[2012/11/04 07:28:12 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{618A3D34-4207-42E1-BB21-A36D5C092869}

[2012/11/03 10:37:04 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{D314CF97-FC79-416D-A45B-41CA8D9CF729}

[2012/11/02 11:28:22 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{2F7C09ED-A468-488C-BAD6-95154E616A50}

[2012/11/02 08:46:57 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39E84469-E556-4090-8083-C75D1AB82E68}

[2012/11/01 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{BB14918D-F547-4DE8-A46A-0A7EC9C498D3}

[2012/11/01 10:47:50 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{4EE6B47E-1DFC-4296-8652-BF2130CAD51F}

[2012/10/31 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{6D841192-2E47-4886-8BFB-18D915E0769A}

[2012/10/30 17:25:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Chromium

[2012/10/30 17:18:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Sports Interactive

[2012/10/30 17:18:46 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Sports Interactive

[2012/10/30 12:09:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{17CE8207-D9A2-4DB2-AF3E-ACF9EFD3D3B6}

[2012/10/29 22:54:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B3717CED-D065-46CD-94AA-CC30F0692974}

[2012/10/29 17:30:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam

[2012/10/29 09:48:49 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{68D3B81C-2E85-4379-9FC6-2125863F464E}

[2012/10/29 09:04:42 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{9DAC89B7-A152-4FAF-ABAC-E6768BFB6829}

[2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grim Tales - La sposa

[2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grim Tales - La sposa

[2012/10/28 18:52:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grim Tales - La sposa

[2012/10/28 13:13:06 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0F1A0CC1-B2DE-4BCA-AB6D-0CE1F0E18CEF}

[2012/10/27 10:21:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0B8DC3E9-64E0-4530-84DC-8C173A628669}

[2012/10/26 07:54:03 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{C29F0E1F-6DB0-478E-AAAE-8F4C6ABC06F9}

[2012/10/25 19:18:21 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Elephant Games

[2012/10/25 19:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games

[2012/10/25 19:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grim Tales - Maledizione di famiglia

[2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grim Tales - Maledizione di famiglia

[2012/10/25 19:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grim Tales - Maledizione di famiglia

[2012/10/25 18:04:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3002E08A-4925-4821-8D06-D5FC4EBFF034}

[2012/10/25 18:03:59 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\PackageAware

[2012/10/25 17:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games

[2012/10/25 17:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient

[2012/10/25 16:55:11 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache

[2012/10/25 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{0262E2EE-C5A5-47E4-A447-9297CC0C8E59}

[2012/10/25 07:18:44 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{568F2C69-5B8B-428E-8E07-460CF7514AB4}

[2012/10/24 10:03:32 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7025B88C-39B8-42EF-B862-2D21CF9FFC52}

[2012/10/23 22:03:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{B1AF26E8-AB89-45DD-B448-D95705A91FA7}

[2012/10/23 10:02:43 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{CA9EB897-7C8C-4ECA-AD7F-44C0D647D916}

[2012/10/22 21:58:37 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{8FDE902E-4AC8-4F07-8E9E-F3780D5C4D12}

[2012/10/22 08:15:28 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{39841513-171E-4802-86D5-1FC8D918104D}

[2012/10/22 07:23:32 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\Diagnostics

[2012/10/22 07:19:33 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7858542C-84B7-4BD7-A089-E6899E446F05}

[2012/10/21 12:03:47 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{7EA223EC-FEFD-4E8A-B6D4-B36B7CD3BEE5}

[2012/10/21 09:30:36 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{F18EA4A7-4C8D-4F87-957D-28A714EBABF2}

[2012/10/21 09:14:07 | 000,000,000 | ---D | C] -- C:\Users\Gianni\AppData\Local\{09098D13-FDD3-407B-B14E-6C1691001C7E}

========== Files - Modified Within 60 Days ==========

[2012/12/19 13:41:00 | 000,001,164 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job

[2012/12/19 13:36:02 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job

[2012/12/19 13:27:02 | 000,001,182 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000UA.job

[2012/12/19 11:56:00 | 000,000,266 | ---- | M] () -- C:\Windows asks\AutoKMS.job

[2012/12/19 09:47:39 | 000,102,892 | ---- | M] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG

[2012/12/19 08:04:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/12/19 08:04:45 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys

[2012/12/18 22:41:00 | 000,001,112 | ---- | M] () -- C:\Windows asks\GoogleUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job

[2012/12/18 19:27:01 | 000,001,160 | ---- | M] () -- C:\Windows asks\FacebookUpdateTaskUserS-1-5-21-1539135573-1650222560-1094068503-1000Core.job

[2012/12/16 11:04:16 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2012/12/16 11:04:14 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll

[2012/12/16 11:04:14 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2012/12/16 11:04:14 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2012/12/16 11:04:14 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2012/12/15 13:44:45 | 040,384,592 | ---- | M] (ArcSoft ) -- C:\Users\Gianni\Desktop\photostudio6_retail_tbyb_all-6.0.0.157.exe

[2012/12/14 10:43:33 | 000,002,493 | ---- | M] () -- C:\Users\Gianni\Desktop\Google Chrome.lnk

[2012/12/12 11:39:36 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012/12/12 11:39:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012/11/28 10:40:45 | 000,004,082 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.dat

[2012/11/28 10:40:43 | 000,715,038 | ---- | M] () -- C:\Users\Gianni\AppData\Local\unins000.exe

[2012/11/28 08:43:38 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk

[2012/11/22 11:47:28 | 000,007,605 | ---- | M] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg

[2012/11/14 02:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/11/14 02:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/11/14 02:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/11/14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/11/14 02:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/11/14 02:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/11/12 21:06:54 | 000,010,240 | ---- | M] () -- C:\Users\Gianni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/11/10 14:54:22 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\XMedia Recode.lnk

[2012/11/10 14:38:13 | 000,001,053 | ---- | M] () -- C:\Users\Gianni\Desktop\fifa13 - collegamento.lnk

[2012/11/10 05:14:50 | 000,000,635 | ---- | M] () -- C:\Users\Gianni\Desktop\FM13 - collegamento.lnk

[2012/11/05 21:32:16 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2012/11/05 21:32:09 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2012/11/05 11:29:53 | 000,000,222 | ---- | M] () -- C:\Users\Gianni\Desktop\Football Manager 2013.url

[2012/11/05 11:18:51 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2012/11/02 06:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll

========== Files Created - No Company Name ==========

[2012/12/19 09:47:39 | 000,102,892 | ---- | C] () -- C:\Users\Gianni\Desktop\facebook nascita.JPG

[2012/11/28 10:40:44 | 000,715,038 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.exe

[2012/11/28 10:40:44 | 000,004,082 | ---- | C] () -- C:\Users\Gianni\AppData\Local\unins000.dat

[2012/11/12 20:28:22 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk

[2012/11/10 15:44:09 | 000,195,215 | ---- | C] () -- C:\Windows\SysWow64\V0420Cvw.bff

[2012/11/10 15:44:09 | 000,005,022 | ---- | C] () -- C:\Windows\VF0420.uns

[2012/11/10 14:54:22 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\XMedia Recode.lnk

[2012/11/10 14:38:13 | 000,001,053 | ---- | C] () -- C:\Users\Gianni\Desktop\fifa13 - collegamento.lnk

[2012/11/10 05:14:50 | 000,000,635 | ---- | C] () -- C:\Users\Gianni\Desktop\FM13 - collegamento.lnk

[2012/11/05 11:29:53 | 000,000,222 | ---- | C] () -- C:\Users\Gianni\Desktop\Football Manager 2013.url

[2012/11/05 11:18:51 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2012/10/25 17:01:50 | 000,001,931 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk

[2012/10/25 17:01:50 | 000,001,250 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altri giochi super.lnk

[2012/07/16 10:58:33 | 000,007,605 | ---- | C] () -- C:\Users\Gianni\AppData\Local\resmon.resmoncfg

[2012/05/30 18:07:00 | 000,014,115 | ---- | C] () -- C:\Windows wspmm.ini

[2012/03/09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012/03/09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2012/02/04 21:44:52 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini

[2012/01/28 10:42:30 | 000,010,240 | ---- | C] () -- C:\Users\Gianni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/01/26 15:03:24 | 001,630,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/01/26 14:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/12 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Babylon

[2012/02/01 14:36:43 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\calibre

[2012/03/19 17:20:15 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Canneverbe Limited

[2012/11/01 16:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Elephant Games

[2012/11/08 09:47:11 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\FMRTE13

[2012/08/29 20:20:32 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Octoshape

[2012/11/28 08:43:29 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\OpenCandy

[2012/04/20 17:33:51 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\SanDisk SecureAccess

[2012/11/06 08:54:15 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Sports Interactive

[2012/10/07 08:14:49 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\SumatraPDF

[2012/02/14 11:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Unity

[2012/12/19 13:44:07 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\uTorrent

[2012/01/26 20:41:45 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\Windows Live Writer

[2012/01/28 10:41:26 | 000,000,000 | ---D | M] -- C:\Users\Gianni\AppData\Roaming\XMedia Recode

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 235 bytes -> C:\ProgramData\TEMP:5E73E1C2

@Alternate Data Stream - 231 bytes -> C:\ProgramData\TEMP:363E775E

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL Extras logfile created on: 19/12/2012 13:40:48 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianni\Downloads

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 20,96% Memory free

8,00 Gb Paging File | 2,37 Gb Available in Paging File | 29,61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 195,31 Gb Total Space | 95,80 Gb Free Space | 49,05% Space Free | Partition Type: NTFS

Drive D: | 736,20 Gb Total Space | 425,08 Gb Free Space | 57,74% Space Free | Partition Type: NTFS

Computer Name: GIANNI-PC | User Name: Gianni | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0803AE82-1903-4953-93F0-88EE466CF7CF}" = rport=139 | protocol=6 | dir=out | app=system |

"{187326E0-9CCE-4490-A626-B5943E907322}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{1936D248-76E6-4509-A10B-9C4C221EB8CD}" = lport=138 | protocol=17 | dir=in | app=system |

"{1F0AF96C-EAC2-435A-8A1D-4C68716D2901}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

"{28998700-32D9-4C5E-B8C6-1C3C1BDB2F7D}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2F0A8AC2-0570-4A36-9450-1E60259F9631}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{2F58ECC2-DD95-48F7-99B8-B7E1A38B5421}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{39748C2F-D4D5-4252-B639-FDADF9FFA9A8}" = lport=139 | protocol=6 | dir=in | app=system |

"{3A6F9CB6-DC80-4463-8727-7DAE07485520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{45B8842F-5D3C-4400-87D9-A4286A4FFC75}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{4A459D3E-97AE-41D4-B3A6-A7372FE63F41}" = rport=138 | protocol=17 | dir=out | app=system |

"{5ED6A917-52BD-4FE4-B276-1D48B4513B7D}" = rport=10243 | protocol=6 | dir=out | app=system |

"{652CF442-A9BE-4C71-A72B-F66E18BB19AE}" = rport=445 | protocol=6 | dir=out | app=system |

"{656C6209-609A-47E0-8F7E-A94C290CBCA3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{802EBE90-CD51-4147-B2CF-890109024209}" = lport=10243 | protocol=6 | dir=in | app=system |

"{80D2480B-F15E-4C09-B4A5-077A9629A7E2}" = lport=137 | protocol=17 | dir=in | app=system |

"{907EB076-FF44-4089-B958-2E1F4F3CDF3C}" = lport=445 | protocol=6 | dir=in | app=system |

"{95C79019-8F13-44E5-82C8-C01B0B4220EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A4F40691-1679-470D-8923-9C545F7EA7EF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{B19CA567-BE0A-469E-BD17-BD1D197C38BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

"{CED48894-C05D-4170-9DDD-4565E902534A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{D316B413-EDC9-4AAE-A5B7-4D4DF82796C5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{EAE2BE10-432F-4A66-B548-CAC4100F4770}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{ED7F9B8C-21DD-4331-BA9A-36E917050364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{F2E3826D-B444-48A5-8D53-BCAEF1ED4B98}" = rport=137 | protocol=17 | dir=out | app=system |

"{FB900B20-573D-44DF-8291-5D64478969F1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0142AF90-C16A-4BD1-9D2A-C0153B723A6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{05AD542F-F65F-4051-958B-D5C3825D313F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{08228FA9-F960-496E-89D4-B405F72D7FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{12D51294-26E1-4FAF-A44D-7E76F14050D0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{1B9D90C2-1729-46E4-89EF-B04435609E95}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{1FC2EAAE-731A-4E6F-ABF0-056981B4A0AC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{23CDD1A9-B6F6-45E9-9B34-9A8FAE5472D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |

"{263DC768-9906-4751-BC49-9B46AA9839F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{26729BF7-DA8B-42D7-99A6-5ABA2AACEE00}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe |

"{2A7EE6D8-7ACD-4D56-8C19-0E13F78FE793}" = protocol=6 | dir=out | app=system |

"{2B5626AA-09BD-4592-8EF4-7C084706158F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{2BB117DF-665D-4D3F-9088-F15548BE0107}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3106D60D-D135-42E8-8624-1173FA553526}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{382E8C93-221D-4C64-A11B-086E5793B745}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{3E52E13F-D4E9-4344-A5AC-999AA833C52B}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{3F578A10-2D4C-4951-9147-B7FB7C24C846}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe |

"{3FAD5162-273E-428E-8B7B-0699413E3B46}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 resource archiver\resource archiver.exe |

"{4906EA1C-C62C-46CA-B53D-1CEDBE6B6554}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{555FB3AC-F6E1-48FD-A1D6-104454B796EE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{592BFE74-229B-47DF-A175-D84CD978865B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{5B01FBBE-66B6-44AF-AF97-7CB00F15E644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{651EFC58-36D5-488B-91BF-7B5ACDF9DD20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{66C35BA0-3624-44F0-9228-D0436F76101C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe |

"{700ED68A-3A58-4224-8E0C-0CC061796486}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7EF9918D-C6B9-4BBE-A75A-FFD20EA800F0}" = dir=in | app=c:\users\gianni\appdata\local\facebook\video\skype\facebookvideocalling.exe |

"{7FF7713C-E346-43FB-AEF2-1BA030D35AEA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{84EEF122-6915-4C5B-B4A8-0D552A612A4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{8EC7146C-EBD6-4F89-88CE-38D8D7B5EC3E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{AD92F434-0D9D-4EA1-B55C-CE376B5307E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{C12224E6-6932-4C03-91F4-0345ED426B99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{C48BCC3D-BD19-4499-A16B-B5BFA8314B29}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 editor\editor.exe |

"{CF081CA9-D75B-4D9E-8AEF-305FDD463548}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013\fm.exe |

"{D2B84192-83E4-40DE-9E86-531034E7D123}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\football manager 2013 demo\fm.exe |

"{F8FD076A-2038-46F6-B337-DC63F0DAF5EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{FA764038-B1E0-455A-9FC7-80A975B82B30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"TCP Query User{13D99FDD-E507-4227-B8D9-2D949FD17389}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"TCP Query User{21285A39-92F4-463F-A513-DE623C2A01D6}D:\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa 12\game\fifa.exe |

"TCP Query User{272AC4C2-8868-4770-8EAF-AC00AFB8FC66}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"TCP Query User{276DF23F-7014-4A27-9A52-894207646B7E}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe |

"TCP Query User{2E1AE588-CEDD-414A-A6C6-C2E7194BC017}D:\fifa13\game\game\fifa13.exe" = protocol=6 | dir=in | app=d:\fifa13\game\game\fifa13.exe |

"TCP Query User{3CF66FF0-2BCA-4688-9F70-51B2FBA1BE4D}D:\ea sport\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe |

"TCP Query User{4FE4F985-0657-49FD-B21A-77F3E9CEF101}D: mnationsforever mforever.exe" = protocol=6 | dir=in | app=d: mnationsforever mforever.exe |

"TCP Query User{A978FB32-A665-4441-9704-8A5CF0BBE1D1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

"TCP Query User{CA8DC527-B577-4DE7-B9FF-21357B35D93C}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

"TCP Query User{E0260065-7735-45A2-926C-5D772FAD4DE9}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{05620D2E-FEF5-4909-AF57-A84AF80B6DA3}D:\fifa13\game\game\fifa13.exe" = protocol=17 | dir=in | app=d:\fifa13\game\game\fifa13.exe |

"UDP Query User{374E5F1F-6E50-4C16-ACE2-D239D367DF42}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{3CE44F98-EB83-4516-B41D-24239F9D0D66}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe |

"UDP Query User{49E1CE12-F2BB-493A-BCDF-42AAAC543074}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"UDP Query User{5AE796F9-E889-46C2-A9A8-A90627EB92F6}C:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\gianni\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

"UDP Query User{687D5421-9790-4923-8114-A99B93BFF414}D:\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa 12\game\fifa.exe |

"UDP Query User{869817CD-687A-4736-9AA1-4143EF5D4DAA}D: mnationsforever mforever.exe" = protocol=17 | dir=in | app=d: mnationsforever mforever.exe |

"UDP Query User{A0E02C3F-DEE0-4F79-8DA1-A13E31AF602E}C:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft otalmedia theatre 5 otalmedia server m server.exe |

"UDP Query User{A1224D47-03B2-4C32-9A96-255C95E26591}D:\ea sport\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=d:\ea sport\fifa 12\game\fifa.exe |

"UDP Query User{FDD2AD1B-CE74-4400-9A9B-D4DA2A7E2A41}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0

"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{570C2A84-A145-4DF0-AE9D-012584DF09DC}" = SPCA1528 PC Driver

"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Supporto applicazioni Apple

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = Parser MSXML 4.0 SP2 e SDK

"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese

"{7F92FF5F-C7EA-40BA-9481-02B6B4479C93}" = calibre

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Control Center

"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010

"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010

"{90140000-0015-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010

"{90140000-0016-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2010

"{90140000-0017-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{71D73EA6-F837-4368-B9D2-10D0D112ED74}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010

"{90140000-0018-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010

"{90140000-0019-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010

"{90140000-001A-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010

"{90140000-001B-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.it-it_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.it-it_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.it-it_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0410-1000-0000000FF1CE}_Office14.OMUI.it-it_{6664EABC-4985-4C45-925C-6E23AB142266}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010

"{90140000-002C-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010

"{90140000-0044-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010

"{90140000-006E-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010

"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010

"{90140000-00BA-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2010

"{90140000-0100-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{2C8C6BB6-81E2-407E-9780-FD04147198ED}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

"{90140000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2010

"{90140000-0101-0410-0000-0000000FF1CE}_Office14.OMUI.it-it_{645C632B-EE9F-43B0-87E1-2546E9232C7F}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.STANDARD_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech

"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish

"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish

"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano

"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard

"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian

"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287

"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode versione 3.1.1.8

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding

"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish

"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"1ClickDownload" = 1ClickDownloader

"7-Zip" = 7-Zip 9.20

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Avira AntiVir Desktop" = Avira Free Antivirus

"BFGC" = Big Fish Games: Game Manager

"BFG-Grim Tales - La sposa" = Grim Tales: La sposa

"BFG-Grim Tales - Maledizione di famiglia" = Grim Tales: Maledizione di famiglia

"Freemake Video Converter_is1" = Freemake Video Converter versione 3.1.2

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"Mozilla Firefox 17.0.1 (x86 it)" = Mozilla Firefox 17.0.1 (x86 it)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Office14.OMUI.it-it" = Microsoft Office Language Pack 2010 - Italian/Italiano

"Office14.STANDARD" = Microsoft Office Standard 2010

"PowerISO" = PowerISO

"RealPlayer 15.0" = RealPlayer

"Steam App 207890" = Football Manager 2013

"Steam App 220600" = Football Manager 2013 Editor

"Steam App 220620" = Football Manager 2013 Resource Archiver

"uTorrent" = µTorrent

"uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar

"VirtualCloneDrive" = VirtualCloneDrive

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.10 (32-bit)

"XP Codec Pack" = XP Codec Pack

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1539135573-1650222560-1094068503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Octoshape Streaming Services" = Octoshape Streaming Services

"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 19/07/2012 04:51:15 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 07:19:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 07:58:56 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 19/07/2012 11:57:28 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 02:42:05 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 04:31:08 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 05:14:45 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 07:54:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 10:12:14 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

Error - 20/07/2012 11:16:58 | Computer Name = Gianni-PC | Source = WinMgmt | ID = 10

Description =

[ Media Center Events ]

Error - 10/06/2012 01:42:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 07:42:21 - Errore di connessione a Internet. 07:42:21 - Impossibile

contattare il server..

Error - 10/06/2012 01:42:30 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 07:42:26 - Errore di connessione a Internet. 07:42:26 - Impossibile

contattare il server..

Error - 04/07/2012 02:29:21 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 08:29:21 - Errore di connessione a Internet. 08:29:21 - Impossibile

contattare il server..

Error - 04/07/2012 02:29:31 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 08:29:26 - Errore di connessione a Internet. 08:29:26 - Impossibile

contattare il server..

Error - 19/07/2012 03:05:22 | Computer Name = Gianni-PC | Source = MCUpdate | ID = 0

Description = 09:05:22 - Errore di connessione a Internet. 09:05:22 - Impossibile

contattare il server..

[ System Events ]

Error - 18/12/2012 11:29:59 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

Error - 18/12/2012 14:38:41 | Computer Name = Gianni-PC | Source = Microsoft-Windows-Diagnostics-Networking | ID = 5300

Description = Framework di diagnostica di rete: impossibile completare la fase di

ripristino dell'operazione. Errore. È stata generata una segnalazione errore di

Windows. [2147942487]

Error - 19/12/2012 00:01:39 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000

Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per

il seguente errore: %%2

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 19/12/2012 00:03:15 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

Error - 19/12/2012 03:05:01 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7000

Description = Il servizio SPCA1528 Video Camera Service non è stato avviato per

il seguente errore: %%2

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 19/12/2012 03:06:36 | Computer Name = Gianni-PC | Source = Service Control Manager | ID = 7026

Description = All'avvio non è stato possibile caricare i seguenti driver: ArcSec

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Adesso disattiva momentaneamente l'antivirus e il firewall.

Apri fix.txt che ti ho allegato qui in basso

Apri OTL

copia tutto il contenuto del file fix.txt sotto il box custom scans / fixes di OTL

clicca RUN FIX in alto

aspetta le operazioni e posta il report che ti appare.

POI

scarica AdwCleaner

http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

(clicca sulla freccia verde per far partire il download)

clicca direttamente su Elimina , il pc si riavvierà , posta anche il suo report che ti uscirà.

fix.txt

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

All processes killed

========== OTL ==========

No active process named PService.exe was found!

Service SoftwareUpd stopped successfully!

Service SoftwareUpd deleted successfully!

C:\Users\Gianni\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe moved successfully.

Service PowerOffer Service stopped successfully!

Service PowerOffer Service deleted successfully!

C:\Users\Gianni\AppData\Local\PosService\Pos.exe moved successfully.

Service ServUpdater stopped successfully!

Service ServUpdater deleted successfully!

C:\Users\Gianni\AppData\Local\ServUpdater\ServiceUpd.exe moved successfully.

Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{41C21FC2-A23E-4D26-A6DE-FB5139732F86}\\NameServer| /E : value set successfully!

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}\\NameServer| /E : value set successfully!

ADS C:\ProgramData\TEMP:5E73E1C2 deleted successfully.

ADS C:\ProgramData\TEMP:363E775E deleted successfully.

========== FILES ==========

C:\Users\Gianni\AppData\Local\PosService\settings folder moved successfully.

C:\Users\Gianni\AppData\Local\PosService folder moved successfully.

C:\Users\Gianni\AppData\Local\PowerOffer folder moved successfully.

C:\Users\Gianni\AppData\Local\ServUpdater\settings folder moved successfully.

C:\Users\Gianni\AppData\Local\ServUpdater folder moved successfully.

C:\Users\Gianni\AppData\Local\SoftwareUpdater\settings folder moved successfully.

C:\Users\Gianni\AppData\Local\SoftwareUpdater folder moved successfully.

C:\Users\Gianni\AppData\Local\unins000.exe moved successfully.

C:\Users\Gianni\AppData\Local\unins000.dat moved successfully.

< ipconfig /flushdns /c >

Configurazione IP di Windows

Cache del resolver DNS svuotata.

C:\Users\Gianni\Downloads\cmd.bat deleted successfully.

C:\Users\Gianni\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Gianni

->Temp folder emptied: 2108364378 bytes

->Temporary Internet Files folder emptied: 184794202 bytes

->Java cache emptied: 2232146 bytes

->FireFox cache emptied: 141718029 bytes

->Google Chrome cache emptied: 184533758 bytes

->Flash cache emptied: 550 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 259344486 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67740 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.748,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12192012_150011

Files\Folders moved on Reboot...

C:\Users\Gianni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Users\Gianni\AppData\Local\Temp\~DF629A8C8969F70140.TMP not found!

File\Folder C:\Users\Gianni\AppData\Local\Temp\~DFD67D22B67C1A885F.TMP not found!

File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE7C7.tmp not found!

File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE7C8.tmp not found!

File\Folder C:\Users\Gianni\AppData\Local\Temp\~PIE8A5.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

# AdwCleaner v2.101 - Logfile creato il 19/12/2012 alle 15:10:46

# Aggiornamento 16/12/2012 by Xplode

# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (64 bits)

# Utente : Gianni - GIANNI-PC

# Modalità Avvio : Modalità Normale

# Eseguito da : C:\Users\Gianni\Downloads\adwcleaner.exe

# Opzioni [Elimina]

***** [servizi] *****

***** [File / Cartelle] *****

Cartella Eliminato : C:\Program Files (x86)\Conduit

Cartella Eliminato : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

Cartella Eliminato : C:\Program Files (x86)\uTorrentBar_IT

Cartella Eliminato : C:\ProgramData\Babylon

Cartella Eliminato : C:\Users\Gianni\AppData\Local\Conduit

Cartella Eliminato : C:\Users\Gianni\AppData\LocalLow\Conduit

Cartella Eliminato : C:\Users\Gianni\AppData\LocalLow\uTorrentBar_IT

Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Babylon

Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\ConduitCommon

Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\CT2851640

Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}

Cartella Eliminato : C:\Users\Gianni\AppData\Roaming\OpenCandy

File Eliminato : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Eliminato : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

File Eliminato : C:\user.js

File Eliminato : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\searchplugins\browsemngr.xml

***** [Registro] *****

Chiave Eliminata : HKCU\Software\AppDataLow\Software\Conduit

Chiave Eliminata : HKCU\Software\AppDataLow\Software\Crossrider

Chiave Eliminata : HKCU\Software\AppDataLow\Software\SmartBar

Chiave Eliminata : HKCU\Software\AppDataLow\Software\uTorrentBar_IT

Chiave Eliminata : HKCU\Software\AppDataLow\Toolbar

Chiave Eliminata : HKCU\Software\Conduit

Chiave Eliminata : HKCU\Software\Cr_Installer

Chiave Eliminata : HKCU\Software\DataMngr

Chiave Eliminata : HKCU\Software\DataMngr_Toolbar

Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}

Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}

Chiave Eliminata : HKCU\Software\Softonic

Chiave Eliminata : HKCU\Software\SweetIM

Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Chiave Eliminata : HKLM\Software\Babylon

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap

Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2851640

Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Chiave Eliminata : HKLM\Software\Conduit

Chiave Eliminata : HKLM\Software\DataMngr

Chiave Eliminata : HKLM\Software\Iminent

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{854145C6-B95A-408D-BE86-367DC393A219}

Chiave Eliminata : HKLM\Software\SweetIM

Chiave Eliminata : HKLM\Software\uTorrentBar_IT

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{854145C6-B95A-408D-BE86-367DC393A219}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EDC4984-32D3-4FE1-B0B9-9261CBEB111F}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E3B1241-7F57-46F7-9D95-0AF0676BC349}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Chiave Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_IT Toolbar

Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar

Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]

Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]

Valore Eliminata : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1}]

***** [browser Internet] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registro Pulito.

-\\ Mozilla Firefox v17.0.1 (it)

Nome Profilo : default

File : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\prefs.js

C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\x06m84j9.default\user.js ... Eliminato !

Eliminata : user_pref("CT2851640..clientLogIsEnabled", false);

Eliminata : user_pref("CT2851640..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Eliminata : user_pref("CT2851640..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Eliminata : user_pref("CT2851640.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Eliminata : user_pref("CT2851640.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Eliminata : user_pref("CT2851640.AppTrackingLastCheckTime", "Wed May 23 2012 08:14:38 GMT+0200 (ora legale Europ[...]

Eliminata : user_pref("CT2851640.CTID", "CT2851640");

Eliminata : user_pref("CT2851640.CurrentServerDate", "29-7-2012");

Eliminata : user_pref("CT2851640.DSInstall", false);

Eliminata : user_pref("CT2851640.DialogsAlignMode", "LTR");

Eliminata : user_pref("CT2851640.DialogsGetterLastCheckTime", "Fri Jul 27 2012 14:23:22 GMT+0200 (ora legale Eur[...]

Eliminata : user_pref("CT2851640.DownloadReferralCookieData", "");

Eliminata : user_pref("CT2851640.EMailNotifierPollDate", "Fri Jul 27 2012 14:28:21 GMT+0200 (ora legale Europa o[...]

Eliminata : user_pref("CT2851640.FeedLastCount6743962842994482530", 501);

Eliminata : user_pref("CT2851640.FeedPollDate2429156812186649977", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813040823546", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813130095866", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813224203613", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813230837251", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813454291735", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813729834876", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156813860870021", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156814264681793", "Mon May 28 2012 11:50:42 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156814863075366", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedPollDate2429156815257761081", "Mon May 28 2012 11:50:41 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.FeedTTL2429156813040823546", 15);

Eliminata : user_pref("CT2851640.FeedTTL2429156813130095866", 10);

Eliminata : user_pref("CT2851640.FeedTTL2429156813454291735", 5);

Eliminata : user_pref("CT2851640.FeedTTL2429156814264681793", 5);

Eliminata : user_pref("CT2851640.FirstServerDate", "26-1-2012");

Eliminata : user_pref("CT2851640.FirstTime", false);

Eliminata : user_pref("CT2851640.FirstTimeFF3", false);

Eliminata : user_pref("CT2851640.FixPageNotFoundErrors", false);

Eliminata : user_pref("CT2851640.GroupingServerCheckInterval", 1440);

Eliminata : user_pref("CT2851640.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Eliminata : user_pref("CT2851640.HPInstall", false);

Eliminata : user_pref("CT2851640.HasUserGlobalKeys", false);

Eliminata : user_pref("CT2851640.HomePageProtectorEnabled", false);

Eliminata : user_pref("CT2851640.HomepageBeforeUnload", "www.google.it");

Eliminata : user_pref("CT2851640.Initialize", false);

Eliminata : user_pref("CT2851640.InitializeCommonPrefs", false);

Eliminata : user_pref("CT2851640.InstallationAndCookieDataSentCount", 3);

Eliminata : user_pref("CT2851640.InstallationId", "ConduitXPEIntegration");

Eliminata : user_pref("CT2851640.InstallationType", "ConduitXPEIntegration");

Eliminata : user_pref("CT2851640.InstalledDate", "Thu Jan 26 2012 17:39:17 GMT+0100 (ora solare Europa occidenta[...]

Eliminata : user_pref("CT2851640.IsAlertDBUpdated", false);

Eliminata : user_pref("CT2851640.IsGrouping", false);

Eliminata : user_pref("CT2851640.IsInitSetupIni", false);

Eliminata : user_pref("CT2851640.IsMulticommunity", false);

Eliminata : user_pref("CT2851640.IsOpenThankYouPage", false);

Eliminata : user_pref("CT2851640.IsOpenUninstallPage", false);

Eliminata : user_pref("CT2851640.LanguagePackLastCheckTime", "Sun Jul 29 2012 11:06:44 GMT+0200 (ora legale Euro[...]

Eliminata : user_pref("CT2851640.LanguagePackReloadIntervalMM", 1440);

Eliminata : user_pref("CT2851640.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Eliminata : user_pref("CT2851640.LastLogin_3.10.0.1", "Wed Apr 18 2012 12:48:39 GMT+0200 (ora legale Europa occi[...]

Eliminata : user_pref("CT2851640.LastLogin_3.12.0.7", "Fri Apr 27 2012 17:14:18 GMT+0200 (ora legale Europa occi[...]

Eliminata : user_pref("CT2851640.LastLogin_3.12.2.3", "Wed May 30 2012 08:07:37 GMT+0200 (ora legale Europa occi[...]

Eliminata : user_pref("CT2851640.LastLogin_3.13.0.6", "Tue Jul 17 2012 13:57:42 GMT+0200 (ora legale Europa occi[...]

Eliminata : user_pref("CT2851640.LastLogin_3.14.1.0", "Sun Jul 29 2012 22:13:30 GMT+0200 (ora legale Europa occi[...]

Eliminata : user_pref("CT2851640.LastLogin_3.9.0.3", "Thu Mar 08 2012 14:05:22 GMT+0100 (ora solare Europa occid[...]

Eliminata : user_pref("CT2851640.LatestVersion", "3.14.1.0");

Eliminata : user_pref("CT2851640.Locale", "it");

Eliminata : user_pref("CT2851640.MCDetectTooltipHeight", "83");

Eliminata : user_pref("CT2851640.MCDetectTooltipShow", false);

Eliminata : user_pref("CT2851640.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Eliminata : user_pref("CT2851640.MCDetectTooltipWidth", "295");

Eliminata : user_pref("CT2851640.MyStuffEnabledAtInstallation", false);

Eliminata : user_pref("CT2851640.OriginalFirstVersion", "3.9.0.3");

Eliminata : user_pref("CT2851640.SHRINK_TOOLBAR", 1);

Eliminata : user_pref("CT2851640.SearchCaption", "uTorrentBar_IT Customized Web Search");

Eliminata : user_pref("CT2851640.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");

Eliminata : user_pref("CT2851640.SearchFromAddressBarIsInit", false);

Eliminata : user_pref("CT2851640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]

Eliminata : user_pref("CT2851640.SearchInNewTabEnabled", false);

Eliminata : user_pref("CT2851640.SearchInNewTabIntervalMM", 1440);

Eliminata : user_pref("CT2851640.SearchInNewTabLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legale Eu[...]

Eliminata : user_pref("CT2851640.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Eliminata : user_pref("CT2851640.SearchProtectorEnabled", false);

Eliminata : user_pref("CT2851640.SearchProtectorToolbarDisabled", false);

Eliminata : user_pref("CT2851640.SendProtectorDataViaLogin", false);

Eliminata : user_pref("CT2851640.ServiceMapLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legale Europa[...]

Eliminata : user_pref("CT2851640.SettingsLastCheckTime", "Sun Jul 29 2012 22:04:42 GMT+0200 (ora legale Europa o[...]

Eliminata : user_pref("CT2851640.SettingsLastUpdate", "1342353865");

Eliminata : user_pref("CT2851640.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2851640&SearchSource=13");

Eliminata : user_pref("CT2851640.ThirdPartyComponentsInterval", 504);

Eliminata : user_pref("CT2851640.ThirdPartyComponentsLastCheck", "Sun Jul 15 2012 11:24:54 GMT+0200 (ora legale [...]

Eliminata : user_pref("CT2851640.ThirdPartyComponentsLastUpdate", "1331806005");

Eliminata : user_pref("CT2851640.ToolbarDisabled", false);

Eliminata : user_pref("CT2851640.ToolbarShrinkedFromSetup", false);

Eliminata : user_pref("CT2851640.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2851640");

Eliminata : user_pref("CT2851640.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Eliminata : user_pref("CT2851640.UserID", "UN56960296296813533");

Eliminata : user_pref("CT2851640.ValidationData_Search", 2);

Eliminata : user_pref("CT2851640.ValidationData_Toolbar", 2);

Eliminata : user_pref("CT2851640.WeatherNetwork", "");

Eliminata : user_pref("CT2851640.WeatherPollDate", "Sun Jul 29 2012 22:43:52 GMT+0200 (ora legale Europa occiden[...]

Eliminata : user_pref("CT2851640.WeatherUnit", "C");

Eliminata : user_pref("CT2851640.alertChannelId", "1243675");

Eliminata : user_pref("CT2851640.approveUntrustedApps", false);

Eliminata : user_pref("CT2851640.autoDisableScopes", -1);

Eliminata : user_pref("CT2851640.backendstorage.cb_experience_000", "3935");

Eliminata : user_pref("CT2851640.backendstorage.cb_firstuse0100", "31");

Eliminata : user_pref("CT2851640.backendstorage.cb_user_id_000", "43423233313131303938393730335F46697265666F78")[...]

Eliminata : user_pref("CT2851640.backendstorage.cbcountry_000", "5553");

Eliminata : user_pref("CT2851640.backendstorage.cbcountry_001", "4954");

Eliminata : user_pref("CT2851640.backendstorage.cbfirsttime", "546875204A616E20323620323031322031373A33393A35342[...]

Eliminata : user_pref("CT2851640.backendstorage.facebook_mode", "32");

Eliminata : user_pref("CT2851640.backendstorage.facebook_user_locale", "6974");

Eliminata : user_pref("CT2851640.backendstorage.pairingkey", "36324533344442303832373037434639374442454333423743[...]

Eliminata : user_pref("CT2851640.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]

Eliminata : user_pref("CT2851640.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E69742F757[...]

Eliminata : user_pref("CT2851640.backendstorage.uttorrents", "7B226275696C64223A32373232302C226C6162656C223A5B5D[...]

Eliminata : user_pref("CT2851640.components.1000034", false);

Eliminata : user_pref("CT2851640.components.1000234", false);

Eliminata : user_pref("CT2851640.components.129351530189806964", false);

Eliminata : user_pref("CT2851640.components.129351530189806965", false);

Eliminata : user_pref("CT2851640.components.129422838925300967", false);

Eliminata : user_pref("CT2851640.components.6743962842994482530", false);

Eliminata : user_pref("CT2851640.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Eliminata : user_pref("CT2851640.globalFirstTimeInfoLastCheckTime", "Fri Jul 27 2012 17:08:18 GMT+0200 (ora lega[...]

Eliminata : user_pref("CT2851640.homepageProtectorEnableByLogin", false);

Eliminata : user_pref("CT2851640.initDone", false);

Eliminata : user_pref("CT2851640.isAppTrackingManagerOn", false);

Eliminata : user_pref("CT2851640.myStuffEnabled", false);

Eliminata : user_pref("CT2851640.myStuffPublihserMinWidth", 400);

Eliminata : user_pref("CT2851640.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Eliminata : user_pref("CT2851640.myStuffServiceIntervalMM", 1440);

Eliminata : user_pref("CT2851640.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Eliminata : user_pref("CT2851640.oldAppsList", "129351530187150545,129351530187463046,1000234,129791410467997787[...]

Eliminata : user_pref("CT2851640.revertSettingsEnabled", false);

Eliminata : user_pref("CT2851640.searchProtectorDialogDelayInSec", 10);

Eliminata : user_pref("CT2851640.searchProtectorEnableByLogin", false);

Eliminata : user_pref("CT2851640.testingCtid", "");

Eliminata : user_pref("CT2851640.toolbarAppMetaDataLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.toolbarContextMenuLastCheckTime", "Sun Jul 29 2012 13:53:19 GMT+0200 (ora legal[...]

Eliminata : user_pref("CT2851640.usagesFlag", 2);

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2851640/CT2851640[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243675/1239348/IT", "\"0\"[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851640", [...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851640",[...]

Eliminata : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=it", "\"b6a[...]

Eliminata : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Gianni\\AppData\\Roaming\\Mozilla\\[...]

Eliminata : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");

Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", [...]

Eliminata : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMo[...]

Eliminata : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

Eliminata : user_pref("CommunityToolbar.ToolbarsList", "CT2851640");

Eliminata : user_pref("CommunityToolbar.ToolbarsList2", "CT2851640");

Eliminata : user_pref("CommunityToolbar.ToolbarsList4", "CT2851640");

Eliminata : user_pref("CommunityToolbar.facebook.sessionKey", "2.AQDv2aR_zM1knlt6.86400.1328533200.0-10000296617[...]

Eliminata : user_pref("CommunityToolbar.facebook.sessionSecret", "GaqZBb0td5UXiC8lMJtXaw__");

Eliminata : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Apr 18 2012 12:48:35 GMT+0200 (ora[...]

Eliminata : user_pref("CommunityToolbar.facebook.userId", "100002966177461");

Eliminata : user_pref("CommunityToolbar.globalUserId", "1f4e4c81-e32e-4249-a6d6-65f303a53fcc");

Eliminata : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", false);

Eliminata : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", false);

Eliminata : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851640");

Eliminata : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Jul 29 2012 18:02:4[...]

Eliminata : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Eliminata : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jul 29 2012 11:07:01 GMT+020[...]

Eliminata : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Eliminata : user_pref("CommunityToolbar.notifications.locale", "en");

Eliminata : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Eliminata : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jul 29 2012 11:06:52 GMT+0200 (o[...]

Eliminata : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Eliminata : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Eliminata : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Eliminata : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Eliminata : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Eliminata : user_pref("CommunityToolbar.notifications.userId", "a87f378d-aa3c-4af4-a03c-bc0302227cfd");

Eliminata : user_pref("CommunityToolbar.originalHomepage", "www.google.it");

Eliminata : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]

Eliminata : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Eliminata : user_pref("extensions.BabylonToolbar.admin", false);

Eliminata : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Eliminata : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Eliminata : user_pref("extensions.BabylonToolbar.excTlbr", false);

Eliminata : user_pref("extensions.BabylonToolbar.id", "009438de000000000000001e8c6f16a6");

Eliminata : user_pref("extensions.BabylonToolbar.instlDay", "15547");

Eliminata : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Eliminata : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Eliminata : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Eliminata : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Eliminata : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");

Eliminata : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");

Eliminata : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");

Eliminata : user_pref("extensions.BabylonToolbar_i.babExt", "");

Eliminata : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217&tt=3012_2");

Eliminata : user_pref("extensions.BabylonToolbar_i.newTab", false);

Eliminata : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109217&tt=3012_[...]

Eliminata : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Eliminata : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Eliminata : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.118:41:18");

Nome Profilo : default-1343600262549 [Profil par défaut]

File : C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\prefs.js

C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\cfl6pfir.default-1343600262549\user.js ... Eliminato !

Eliminata : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

Eliminata : user_pref("extensions.BabylonToolbar.admin", false);

Eliminata : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Eliminata : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Eliminata : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Eliminata : user_pref("extensions.BabylonToolbar.excTlbr", false);

Eliminata : user_pref("extensions.BabylonToolbar.id", "009438de000000000000001e8c6f16a6");

Eliminata : user_pref("extensions.BabylonToolbar.instlDay", "15656");

Eliminata : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Eliminata : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Eliminata : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Eliminata : user_pref("extensions.BabylonToolbar.tlbrId", "base");

Eliminata : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Eliminata : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");

Eliminata : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");

Eliminata : user_pref("extensions.BabylonToolbar_i.newTab", true);

Eliminata : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=117223&tt=4612_[...]

Eliminata : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Eliminata : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.818:12:25");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Gianni\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File Pulito.

*************************

AdwCleaner[s1].txt - [27149 octets] - [19/12/2012 15:10:46]

########## EOF - C:\AdwCleaner[s1].txt - [27210 octets] ##########

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Procedi con queste operazioni finali:

Start

nella casella di ricerca scrivi msconfig

aprilo

Portati in Servizi

metti la spunta su Nascondi Servizi Microsoft

clicca su Disabilita tutto

Applica

OK.

Fixa queste con Hijackthis

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Gianni\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [ErrorRepairPro] C:\Program Files (x86)\Error Repair Professional\autostart.exe

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Gianni\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

Scarica Ccleaner

http://www.piriform....leaner/download

● Sezione Registro , analizza e rimuovi le chiavi obsolete effettuando il backup quando te lo richiede.

Riavvia il pc e dimmi se riscontri problemi.

Modificato da tecnico24

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Figurati , segui le istruzioni alla lettera per Hijackthis

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Per ora tutto bene, rinnovo ringraziamenti calorosi, resta in zona :11:

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Il problema è che mi si blocca quando faccio trasferimento su grossi file verso un HD esterno o anche in fase di masterizzazione. Si blocca sempre lo devo riavviare

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Proviamo la strada del problema hardware, in particolare l'alimentazione.

L'hd esterno è alimentato a parte?

Riesci a postare le tensioni e le temperature rilevate durante il trasferimento?

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora
Accedi per seguire   
Seguaci 0