Goblo

Controllo Log. Pc Un Pò Lento

33 messaggi in questa discussione

Salve, posto in allegato il log di HJT. Ho notato da qualche settimana un discreto rallentamento nelle prestazioni del pc.

Grazie mille in anticipo :)

hijackthis.log

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo

OTL

  • Scarica OTL By OldTimer: http://oldtimer.geekstogo.com/OTL.exe
  • Fare doppio clic sull'icona per eseguirlo
  • Quando appare la schermata di OTL, in alto nel box Output modificare in Minimal output.
  • Mettere un segno di spunta alle voci "LOP Check e Purity Check"
  • Nel box Custom scan fixes incolla le seguenti direttive:

      netsvcs
      drivers32
      %SYSTEMDRIVE%\*.*
      %systemroot%\Fonts\*.com
      %systemroot%\Fonts\*.dll
      %systemroot%\Fonts\*.ini
      %systemroot%\Fonts\*.ini2
      %systemroot%\Fonts\*.exe
      %systemroot%\system32\spool\prtprocs\w32x86\*.*
      %systemroot%\REPAIR\*.bak1
      %systemroot%\REPAIR\*.ini
      %systemroot%\system32\*.jpg
      %systemroot%\*.jpg
      %systemroot%\*.png
      %systemroot%\*.scr
      %systemroot%\*._sy
      %APPDATA%\Adobe\Update\*.*
      %ALLUSERSPROFILE%\Favorites\*.*
      %APPDATA%\Microsoft\*.*
      %PROGRAMFILES%\*.*
      %APPDATA%\Update\*.*
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\System32\config\*.sav
      %PROGRAMFILES%\bak. /s
      %systemroot%\system32\bak. /s
      %ALLUSERSPROFILE%\Start Menu\*.lnk /x
      %systemroot%\system32\config\systemprofile\*.dat /x
      %systemroot%\*.config
      %systemroot%\system32\*.db
      %PROGRAMFILES%\Internet Explorer\*.dat
      %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
      %USERPROFILE%\Desktop\*.exe
      %PROGRAMFILES%\Common Files\*.*
      %systemroot%\*.src
      %systemroot%\install\*.*
      %systemroot%\system32\DLL\*.*
      %systemroot%\system32\HelpFiles\*.*
      %systemroot%\system32\rundll\*.*
      %systemroot%\winn32\*.*
      %systemroot%\Java\*.*
      %systemroot%\system32\test\*.*
      %systemroot%\system32\Rundll32\*.*
      %systemroot%\AppPatch\Custom\*.*
      HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Fare clic sul pulsante Run Scan situato in alto a sinistra. Non modificare le impostazioni se non istruiti a farlo. La scansione durera' un bel po' , abbiate pazienza.
    • Quando la scansione è completata, si apriranno due finestre notepad. OTL.Txt e Extras.Txt.
    • Questi sono salvati nella stessa posizione dove si trova OTL.
    • Si prega di copiare (Edit-> Seleziona tutto, Modifica-> Copia) il contenuto di questi file, uno alla volta, e postarli nella successiva risposta.
    • Potrebbero essere necessari due post.

Scarica aswMBR.exe e salvalo sul tuo desktop.

  • Doppio click sua swMBR.exe per avviare il tool. (Vista/Windows 7 - click destro, Esegui come amministratore)
  • Click Scan
  • Al termine della scansione clicca su Save log salvalo sul tuo desktop, e postalo nella tua prossima risposta.
  • Attenzione: non eseguire nessun fix.
  • Noterete anche un altro file creato sul desktop denominatoMBR.dat. Tasto destro del mouse al file e selezionare Invia a> file compresso (zip) . Allega anche il file compresso nella tua prossima risposta .

Attenzione: Non allegare i log, ma fai copia incolla del contenuto di ognuno di esso. Potresti aver bisogno di piu' post

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL Extras logfile created on: 27/02/2013 12.19.02 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 54,29% Memory free

4,23 Gb Paging File | 2,88 Gb Available in Paging File | 67,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89,43 Gb Total Space | 39,72 Gb Free Space | 44,41% Space Free | Partition Type: NTFS

Drive D: | 59,62 Gb Total Space | 32,48 Gb Free Space | 54,48% Space Free | Partition Type: NTFS

Computer Name: PC-ASUS | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1417020736-3956469301-586048187-1000]

"EnableNotifications" = 0

"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07751A0C-1AC2-4FB5-8DEB-66352D818477}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |

"{11826264-0D79-4E57-B494-2DCED5794B02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{177305AF-5B72-4695-902C-B8367D20B590}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{1E333525-28D6-41C6-B08D-2313A0BA8276}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{22BA1648-2C70-4CA2-87C1-AD53A951CDC7}" = lport=445 | protocol=6 | dir=in | app=system |

"{2544AEE6-5396-498F-8FE8-65448B402B49}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{28152570-E5B6-4BFF-89AA-0A8239F8E32A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{2B4E9D15-69F0-4520-BC7E-52337A3F6866}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{2E69D4EF-1829-45D3-BAD9-DBE8B3C2B65F}" = lport=2869 | protocol=6 | dir=in | app=system |

"{313E5154-9182-4456-8581-18544DF8BEBC}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |

"{36BEAD16-F88C-4290-AA0C-C2EE8B5D6A66}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{37781552-5F17-4396-AE8C-0E99136989C8}" = rport=139 | protocol=6 | dir=out | app=system |

"{38770E90-EBDF-417A-B37F-408B6AC2647F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{3E8A3772-6244-4D7E-9621-37380AAE0CFA}" = rport=138 | protocol=17 | dir=out | app=system |

"{3EC789BD-5357-4046-9219-1E60ABD2FACC}" = lport=5357 | protocol=6 | dir=in | app=system |

"{464C55B6-C2ED-4E08-9DC9-62AF0020CB4F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{474D5B85-5734-4F9B-9D20-5CFB7F4E0819}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{4B14BC08-087F-437C-A6F7-90858A89B719}" = lport=137 | protocol=17 | dir=in | app=system |

"{575983FA-BDF3-4515-A5F5-78AE35A1403F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{5AEF06A6-7793-4775-AD8E-D6792B8E61AB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{5C760EE4-A89E-4539-91FE-25E8170606FE}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |

"{69D048F5-1D90-4930-B9E8-C752159F24A9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{6AB3E73A-C86C-4CF3-9A6A-59E1398F5E38}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{6BADF28B-2B9D-4270-9AFA-325A4278AEE5}" = rport=137 | protocol=17 | dir=out | app=system |

"{6D5132EE-2DE7-46E2-9A97-D552954C74DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{710957BA-D7FD-42A8-9FA6-D963E693955B}" = rport=10243 | protocol=6 | dir=out | app=system |

"{7114D261-6D43-4945-B993-76164153C56E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{7274C225-37A3-431A-8E5B-9012F33AFB45}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7CD51EB7-4B5B-479F-810F-07B2D4DF4C76}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{7DAD81BB-DEE4-41AA-8445-DBCD9E080661}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{81492E25-FF75-4388-893C-0BC254CC4F49}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{88356EC9-EA7C-4871-A80A-81A04FA5767E}" = rport=2869 | protocol=6 | dir=out | app=system |

"{88D49DFF-C4B9-4B03-AB2D-B9BB8313524E}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{94E5CF65-9D22-443F-AD04-BFB9EF2394C9}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{98B37705-D9D4-4941-B399-DF9B4A341699}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{9B8E9507-9A80-47C3-81CC-CE2D6BB7CA41}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{9DC5CAC6-0D66-4B3D-95B0-F9C224A87292}" = lport=138 | protocol=17 | dir=in | app=system |

"{9DEBBA69-2728-49FF-BEC0-A2E992FBB54C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{9F9ADAE4-3F1E-44CF-B6D2-56DB189F8C82}" = lport=2869 | protocol=6 | dir=in | app=system |

"{A27D41F8-D56C-4FDC-A039-E073AFB7D2F3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{A6EE6C37-9491-44EF-ACB8-CBEDFA7E485F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{A8C0F1A9-0101-4184-8DC5-4387C0FAEB96}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A99D8628-B335-4767-B3C3-5E3EEEC4FEDA}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

"{AB980C80-EA85-4268-A620-0530DB15C114}" = lport=5358 | protocol=6 | dir=in | app=system |

"{B634F000-DD4A-4709-A5A3-88AB0F812A86}" = lport=10243 | protocol=6 | dir=in | app=system |

"{B9EEF673-06D3-4D3F-A853-F7C033F7564B}" = rport=5358 | protocol=6 | dir=out | app=system |

"{C4DEA729-94F9-4B4E-8E44-9B7615A8EA8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{C55CFA1E-7D65-4CCA-8F4B-01A576B79C36}" = lport=2869 | protocol=6 | dir=in | app=system |

"{C7D932B5-2352-48BF-A206-C3DE8BA06CD6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{CF6C4DFF-1A2D-4F1D-9450-3C0489DB2B78}" = lport=139 | protocol=6 | dir=in | app=system |

"{E006A899-394E-4B50-8F24-B99824FAB512}" = lport=445 | protocol=6 | dir=in | app=system |

"{E4004501-3393-471F-9CF5-75500E9D9562}" = rport=5357 | protocol=6 | dir=out | app=system |

"{E86177A2-C18D-47BA-B621-2A62B507606F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |

"{EAA0DA05-B578-4FC6-AF42-5518D4232150}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{F65825A8-95EB-47D7-8778-504B03027241}" = lport=2869 | protocol=6 | dir=in | app=system |

"{FC9E789C-433F-463F-A546-A28BF58C6ADF}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00434A9F-C8B9-43F0-A69D-8BE250F9EB3E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{06E51CD7-B015-4C22-8280-067B0C93CBB8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{07FE7426-811B-4B72-9DE0-77E542BE8A34}" = dir=in | app=c:\program files\skype 6\phone\skype.exe |

"{1A5DA750-3E84-4593-A629-29D710F45994}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{1A606131-72CE-4872-83BF-D15B3F4324F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{1E56A1B0-6300-475D-A516-55A6CA40AE91}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{2BF9ECFF-60F5-49C7-B99A-E423FFCB9223}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |

"{3055203B-3A61-4191-89C9-0A50089B988D}" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe |

"{3180E91D-C2E8-46F4-BB63-37BCD9F0F6DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{319AF8E9-8498-49DA-B688-89F573DDD70A}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{35739EE0-067E-4DCC-A483-CDFD67EE31D4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{366AD377-7900-43A2-BCA8-B4D4029FBAF2}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{3DED0F90-BDE1-48A7-9D3B-49288E0F8E7F}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |

"{42B86452-80E7-43C9-87B0-ECB457E05E05}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{4BB7E27D-E5CF-4F30-BA44-0D0BDB6D804A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{4C77283F-2793-4570-A273-21470F5EA22F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{4FA519D5-5C4F-4A12-8176-433F5E30C0A8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{5DD649AD-D056-4E7E-92A6-E49397AA96E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{66C0791C-70DF-4688-A9D8-4EE745D06D59}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe |

"{7353E768-F957-411F-A61E-D2FAF19D86B5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{7982A89A-EB56-4B0F-9895-5F267D401FEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{79AA39E2-A7A5-42DB-A2AF-2153590EB5F8}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{7CF0A896-2665-49B1-AC07-DA044C4400D7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |

"{809A777B-BF88-43D3-A34B-9F78F1FE45AF}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{9D75563C-6D74-45D3-B196-49E12C495304}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |

"{9EE43E04-E67E-483C-B7C3-FE37F530670A}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |

"{A0999FAB-747A-440E-9571-7AED52B0BA88}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |

"{A5C6666B-18FB-4FFC-908C-9274FD71806F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A87A2556-0117-466D-961A-4D2EB31FCE04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A88F42ED-2D28-4BF1-A8AE-429B8FA23FD3}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |

"{AC3A200F-B52A-4E2E-9B1E-298068678DD1}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |

"{AD346C62-9E35-452E-A28F-694F51765C84}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B3A07C73-D7F5-444C-90AB-902D65611219}" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\dropbox\bin\dropbox.exe |

"{B527754B-93E1-4EC2-B9B9-3C54A5A50227}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{BEC7E074-F05C-4E7E-8215-58F46C6E2E09}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |

"{C60785FD-D1A0-48C7-BB1A-86591FB9498B}" = protocol=6 | dir=out | app=system |

"{C8DEFB82-0701-48C0-8B50-09DBA89BFDB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{CA6480D6-D9B2-4706-AF2B-1F58DCD02FBC}" = dir=in | app=c:\program files\itunes\itunes.exe |

"{CA7DDEC3-D893-4E53-96F0-B40E23B3A9F8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{D327910D-4336-4E1C-9F5F-5CB27B5DB2CE}" = protocol=6 | dir=out | app=system |

"{D5DC99FE-D844-4471-8191-3370806C6A73}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{DE32E302-61FA-406E-A6E8-672499050056}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{E6650B18-4903-4ECA-9E78-1087583847F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{EBAD7107-BB60-4218-8E0A-7DF5C31D3E33}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{EE6D1469-5326-4451-A320-3035C5AA6BCA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

"{F9AB4628-D480-4C3A-9EB6-B88807C246F7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

"{FE0BBF45-EA10-476A-9E65-DF12E7358FE4}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |

"TCP Query User{5BD5AC33-80B8-42FE-9AE7-D8F9DA1B4330}C:\program files\common files\texas instruments shared\cfv\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\common files\texas instruments shared\cfv\camfrog video chat\camfrog video chat.exe |

"UDP Query User{6C2EB711-65C9-45AD-8EF1-51CB390C24B8}C:\program files\common files\texas instruments shared\cfv\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\common files\texas instruments shared\cfv\camfrog video chat\camfrog video chat.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{064F2D10-83D0-4040-B5B7-BD22BFEB65A2}" = ASUS Direct Console

"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media

"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = LifeFrame2

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10

"{23C57C43-4982-49EC-8253-5146ECF097AD}" = BloomCalculator

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes

"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15

"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10

"{2C585265-527B-4D76-B9B4-2F037C33C40C}" = NI LabVIEW 7.0 Student Edition

"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack

"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer

"{3B3A53AC-E2E0-4516-B974-1F0DF20CD12E}" = NI LabVIEW Advanced Analysis 7.0

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Supporto applicazioni Apple

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BEC2867-0BF7-4A87-B459-003E3F20AFB1}" = NI Uninstaller 1.1.1f1

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita

"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)

"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{735AF21E-5436-4780-88F7-B5508F043A40}" = NI LVBrokerAux70

"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution

"{73D3BADE-EC2F-4A5C-8F80-CB68AB704FF3}" = NI LabVIEW Run-Time Engine 7.0

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)

"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10

"{7ABE69F4-DC12-48E5-973E-02D4A2F36AA6}" = NI LabVIEW CIN Tools 7.0

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B2780B0-78C5-4B32-AD97-491DABA4FB54}" = TMRecorder

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007

"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_STANDARD_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_STANDARD_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_STANDARD_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_STANDARD_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_STANDARD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_STANDARD_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centro gestione dispositivi Windows Mobile

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AE77B453-7253-47D6-AD21-9FC10DD44D67}" = NI LabVIEW Picture Control Toolkit 7.0

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B440D659-FECA-4BDD-A12B-5C9F05790FF3}" = Snagit 9.1.2

"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)

"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C6F38FDB-4BEB-4062-BE2F-2179F1A9B38F}" = NI LabVIEW Full 7.0

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D1301690-1CC0-4137-AC29-D46591716155}" = TMRecorder

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E7BAFF4D-D4B0-4508-A370-743D49EFC28F}" = NI LVBroker

"{EC60B018-251A-47E7-A838-CECB70AE46EF}" = NI LabVIEW Service Locator 1.0

"{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{FD950A83-5FA5-47F2-B0B1-296023420CB1}" = NI Instrument IO Assistant for LabVIEW 7.0

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Avira AntiVir Desktop" = Avira Internet Security

"BetClic Poker" = BetClic Poker

"CCleaner" = CCleaner

"Defraggler" = Defraggler

"HandBrake" = HandBrake 0.9.8

"HijackThis" = HijackThis 2.0.2

"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack

"JDownloader" = JDownloader

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100

"Messenger Plus!" = Messenger Plus! 5

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)

"Mozilla Firefox 19.0 (x86 it)" = Mozilla Firefox 19.0 (x86 it)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NI Uninstaller" = National Instruments Software

"NVIDIA Drivers" = NVIDIA Drivers

"pokersnai_real" = Poker Snai

"ProInst" = Software Intel® PROSet/Wireless

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SpeedFan" = SpeedFan (remove only)

"STANDARD" = Microsoft Office Standard 2007

"SumatraPDF" = SumatraPDF

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamViewer 6" = TeamViewer 6

"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.5

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"WMS" = Wild Media Server (UPnP, DLNA, HTTP)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 26/02/2013 5.34.14 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 7.19.41 | Computer Name = PC-Asus | Source = Application Error | ID = 1000

Description = Applicazione che ha generato l'errore firefox.exe, versione 19.0.0.4794,

timestamp 0x511ed1c1, modulo che ha generato l'errore xul.dll, versione 19.0.0.4794,

timestamp 0x511ed0fe, codice eccezione 0xc0000005, offset errore 0x00155858, ID

processo 0x54c, data e ora di avvio dell'applicazione 0x01ce140dc7954892.

Error - 26/02/2013 7.34.01 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 7.42.51 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 7.58.57 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 10.05.28 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 12.52.28 | Computer Name = PC-Asus | Source = Application Error | ID = 1000

Description = Applicazione che ha generato l'errore plugin-container.exe, versione

19.0.0.4794, timestamp 0x511ed156, modulo che ha generato l'errore NPSWF32_11_6_602_168.dll,

versione 11.6.602.168, timestamp 0x511171f1, codice eccezione 0x80000003, offset

errore 0x0033896d, ID processo 0xf84, data e ora di avvio dell'applicazione 0x01ce1440e0639040.

Error - 26/02/2013 15.44.38 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 26/02/2013 19.45.27 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

Error - 27/02/2013 5.39.56 | Computer Name = PC-Asus | Source = WinMgmt | ID = 10

Description =

[ OSession Events ]

Error - 27/05/2010 14.42.52 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4

seconds with 0 seconds of active time. This session ended with a crash.

Error - 01/11/2010 7.10.25 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 232

seconds with 120 seconds of active time. This session ended with a crash.

Error - 11/11/2010 16.44.35 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5

seconds with 0 seconds of active time. This session ended with a crash.

Error - 09/12/2010 12.56.34 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5

seconds with 0 seconds of active time. This session ended with a crash.

Error - 09/12/2010 13.08.12 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3

seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/03/2011 8.10.03 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2

seconds with 0 seconds of active time. This session ended with a crash.

Error - 24/09/2011 12.57.11 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 304

seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/01/2013 10.53.22 | Computer Name = PC-Asus | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 370

seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 26/02/2013 19.45.26 | Computer Name = PC-Asus | Source = ipnathlp | ID = 34001

Description = ICS_IPV6: impossibile configurare lo stack IPv6.

Error - 26/02/2013 19.45.26 | Computer Name = PC-Asus | Source = ipnathlp | ID = 30013

Description = Allocatore DHCP: allocatore disabilitato sull'indirizzo IP 192.168.1.102

perché l'indirizzo IP non rientra nell'ambito 192.168.0.0/255.255.255.0 da cui

gli indirizzi vengono allocati ai client DHCP. Per abilitare l'allocatore DHCP su

questo indirizzo IP, modificare l'ambito per includere l'indirizzo IP oppure modificare

l'indirizzo IP in modo che rientri nell'ambito.

Error - 26/02/2013 19.45.27 | Computer Name = PC-Asus | Source = Service Control Manager | ID = 7000

Description =

Error - 26/02/2013 19.45.27 | Computer Name = PC-Asus | Source = Service Control Manager | ID = 7000

Description =

Error - 26/02/2013 19.45.48 | Computer Name = PC-Asus | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

Error - 27/02/2013 5.38.56 | Computer Name = PC-Asus | Source = ipnathlp | ID = 34001

Description = ICS_IPV6: impossibile configurare lo stack IPv6.

Error - 27/02/2013 5.38.57 | Computer Name = PC-Asus | Source = ipnathlp | ID = 30013

Description = Allocatore DHCP: allocatore disabilitato sull'indirizzo IP 192.168.1.102

perché l'indirizzo IP non rientra nell'ambito 192.168.0.0/255.255.255.0 da cui

gli indirizzi vengono allocati ai client DHCP. Per abilitare l'allocatore DHCP su

questo indirizzo IP, modificare l'ambito per includere l'indirizzo IP oppure modificare

l'indirizzo IP in modo che rientri nell'ambito.

Error - 27/02/2013 5.39.57 | Computer Name = PC-Asus | Source = Service Control Manager | ID = 7000

Description =

Error - 27/02/2013 5.39.57 | Computer Name = PC-Asus | Source = Service Control Manager | ID = 7000

Description =

Error - 27/02/2013 5.41.06 | Computer Name = PC-Asus | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL logfile created on: 27/02/2013 12.19.02 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 54,29% Memory free

4,23 Gb Paging File | 2,88 Gb Available in Paging File | 67,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89,43 Gb Total Space | 39,72 Gb Free Space | 44,41% Space Free | Partition Type: NTFS

Drive D: | 59,62 Gb Total Space | 32,48 Gb Free Space | 54,48% Space Free | Partition Type: NTFS

Computer Name: PC-ASUS | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Asus\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Skype 6\Phone\Skype.exe (Skype Technologies S.A.)

PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Windows\System32\niSvcLoc.exe (National Instruments)

========== Modules (No Company Name) ==========

MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\WinRAR\rarext.dll ()

========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files\Skype 6\Updater\Updater.exe (Skype Technologies)

SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

SRV - (niSvcLoc) -- C:\Windows\System32\niSvcLoc.exe (National Instruments)

SRV - (NILM License manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found

DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found

DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found

DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (netr28u) -- system32\DRIVERS\netr28u.sys File not found

DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found

DRV - (ASInsHelp) -- C:\Windows\system32\drivers\AsInsHelp32.sys File not found

DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)

DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)

DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)

DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)

DRV - (Haspnt) -- C:\Windows\System32\drivers\Haspnt.sys (Aladdin Knowledge Systems)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)

DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (JGOGO) -- C:\Windows\System32\drivers\JGOGO.sys (JMicron )

DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (TIEHDUSB) -- C:\Windows\System32\drivers\tiehdusb.sys (Texas Instruments Incorporated)

DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()

DRV - (giveio) -- C:\Windows\System32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trophymanager.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111304&babsrc=SP_ss&mntrId=a4d041b60000000000000013e811e2e1

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://tbsearch.ask.com/redirect?client=ie&tb=PTV&o=&src=crm&q={searchTerms}&locale=

IE - HKCU\..\SearchScopes\{F7C67426-58DD-46BC-89CF-076312D1DF4C}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"

FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.libero.it"

FF - prefs.js..extensions.enabledAddons: forcetls%40sid.stamm:3.0.1

FF - prefs.js..extensions.enabledAddons: it-IT%40dictionaries.addons.mozilla.org:3.3.2

FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2

FF - prefs.js..extensions.enabledAddons: shan.developer%40gmail.com:1.0.4

FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0

FF - prefs.js..extensions.enabledAddons: %7B0545b830-f0aa-4d7e-8820-50a4629a56fe%7D:17.6

FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.7.7

FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.7.1

FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6

FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8rc4

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.3.1

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8

FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2

FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2

FF - prefs.js..extensions.enabledItems: shan.developer@gmail.com:1.0.4

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5

FF - prefs.js..extensions.enabledItems: lcdclock_bloodeye@gmail.com:0.4.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: forcetls@sid.stamm:3.0.0

FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1

FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76

FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=111304&babsrc=KW_ss&mntrId=a4d041b60000000000000013e811e2e1&q="

FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 11.58.06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/20 11.57.57 | 000,000,000 | ---D | M]

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013/02/27 10.55.10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions

[2012/12/24 17.45.25 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2013/02/14 17.26.35 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2012/09/26 09.44.14 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\FasterFox_Lite@BigRedBrent

[2012/03/13 12.10.51 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2011/10/12 18.46.16 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\LogMeInClient@logmein.com

[2011/03/20 00.30.25 | 000,000,000 | ---D | M] (Rights To Close) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\shan.developer@gmail.com

[2012/05/10 17.02.48 | 000,114,012 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\forcetls@sid.stamm.xpi

[2011/05/08 18.33.58 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\personas@christopher.beard.xpi

[2012/01/12 17.31.19 | 000,165,730 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\simpletimerClocks@grbradt.org.xpi

[2012/12/27 12.44.13 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi

[2013/02/27 10.55.10 | 000,531,371 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2013/02/25 11.09.08 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

[2013/02/14 12.00.25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/10/30 21.34.13 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

[2013/01/28 09.24.51 | 000,242,136 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013/02/20 11.57.55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009/09/26 09.52.14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2013/02/20 11.58.06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/07 13.29.11 | 000,001,606 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml

[2012/03/23 12.09.30 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2012/08/29 16.04.29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/07 13.29.11 | 000,000,957 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml

[2012/12/07 13.29.11 | 000,001,030 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml

[2012/12/07 13.29.11 | 000,001,395 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/07 13.29.11 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: SumatraPDF Browser Plugin (Enabled) = C:\Program Files\SumatraPDF\npPdfViewer.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Asus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: TM Auxiliary - Menu Hover Test = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgmjobecnlhmffchebancgllopccbgb\1.0.1_0\

CHR - Extension: TM Auxiliary - Player Page = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfpmcanjhhjojjgaifcfahjeklkkjkk\1.0.1_0\

CHR - Extension: Splendid = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\

CHR - Extension: YouTube = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

CHR - Extension: TM Auxiliary - Player List = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oianljogbaebheldjhiemnfkpmggkfee\1.0.0_0\

CHR - Extension: TM Auxiliary - Advanced Training Overview = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\omnolpjpemgjdjfpidfhjlipjmhkdabe\1.0.2_2\

CHR - Extension: Gmail = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/11/03 19.32.22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7628A306-FEFA-47FB-9F4B-AA1241714552}: NameServer = 193.70.152.15,193.70.152.25

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/02/27 12.17.25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/26 12.29.54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2013/02/26 12.29.37 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013/02/26 12.29.22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013/02/26 12.29.22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013/02/26 12.29.22 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013/02/26 12.26.24 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/02/26 12.26.24 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/02/25 16.01.00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/02/25 16.00.02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/02/20 11.57.54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/02/19 11.05.35 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{3D494E1A-76DB-444F-BB7E-7F486B63ECD6}

[2013/02/14 11.32.14 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{6257247F-E48E-4159-B9BE-004BB8A2ADF0}

[2013/02/13 17.11.42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/02/13 17.11.40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/02/13 17.11.39 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013/02/13 17.11.39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/02/13 17.11.39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/02/13 17.11.38 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/02/13 17.11.38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013/02/13 17.11.37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/02/13 12.01.11 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013/02/13 12.01.11 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2013/02/13 12.00.09 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013/02/13 12.00.08 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013/02/12 12.22.50 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{125987F4-B2FC-47AA-B926-8EC6701DB1F4}

[2013/02/11 12.35.24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{B72AECCE-8784-4058-A0FC-BD2AFC8EBAE7}

[2013/02/09 20.18.20 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Ing. Fucci

[2013/02/07 13.32.43 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{A8CAC80D-6928-4A6C-8E19-FB553A7DFFB5}

[2013/02/06 16.35.52 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{E0A705D3-FCBB-43B4-9CCC-F388E2109B26}

[2013/02/05 16.22.23 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{EA87C954-630C-4876-9874-A5867461394F}

[2013/02/04 19.40.28 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Lavoro

[2013/02/04 11.40.09 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{D3281B20-9DFA-4F17-9383-5D3EEE7DBB5A}

[2013/02/01 17.57.24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{886E0AF6-D10B-41E9-AB8E-B784F4BA2B4A}

[2013/01/31 21.23.55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013/01/31 21.23.54 | 000,000,000 | R--D | C] -- C:\Program Files\Skype 6

[2013/01/31 21.23.54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2013/01/31 17.29.16 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{C11D056E-5E20-4D67-A799-DC92FEAF6903}

========== Files - Modified Within 30 Days ==========

[2013/02/27 12.17.28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/27 12.07.00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000UA.job

[2013/02/27 10.38.36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/02/27 10.38.36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/02/27 10.38.15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/02/27 02.21.45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013/02/27 01.07.00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000Core.job

[2013/02/27 00.55.10 | 000,025,070 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2013/02/26 12.57.20 | 000,263,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/02/26 12.29.09 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013/02/26 12.29.07 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2013/02/26 12.29.07 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013/02/26 12.29.07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013/02/26 12.29.07 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013/02/26 12.29.06 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2013/02/26 12.26.24 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/02/26 12.26.24 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/02/25 16.01.00 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/20 18.29.45 | 000,192,512 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/02/19 20.27.46 | 000,001,709 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2013/02/16 17.42.17 | 000,167,365 | ---- | M] () -- C:\Users\Asus\Desktop\CV[bisogno Paolo Luigi].pdf

[2013/02/16 17.29.08 | 000,715,966 | ---- | M] () -- C:\Windows\System32\perfh010.dat

[2013/02/16 17.29.08 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/02/16 17.29.08 | 000,144,130 | ---- | M] () -- C:\Windows\System32\perfc010.dat

[2013/02/16 17.29.08 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/02/13 11.39.43 | 000,113,024 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys

[2013/02/13 11.39.43 | 000,092,448 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys

[2013/02/02 14.57.05 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2013/02/25 16.01.00 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/16 18.24.51 | 000,167,365 | ---- | C] () -- C:\Users\Asus\Desktop\CV[bisogno Paolo Luigi].pdf

[2012/12/31 18.54.12 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat

[2011/09/04 15.10.10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/08/22 00.11.39 | 000,086,056 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/05/23 16.29.11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/05/07 12.25.49 | 000,011,328 | ---- | C] () -- C:\Users\Asus\gsview32.ini

[2010/03/11 18.47.20 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2010/03/11 13.16.42 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.dat

[2010/02/02 17.13.26 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento (2).lnk

[2010/01/14 12.31.32 | 000,000,092 | ---- | C] () -- C:\Users\Asus\AppData\Local\fusioncache.dat

[2010/01/08 00.36.13 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento.lnk

[2009/11/16 21.52.54 | 000,000,032 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\msdreg.dat

[2009/10/29 20.48.41 | 000,000,600 | ---- | C] () -- C:\Users\Asus\PUTTY.RND

[2009/09/27 11.25.06 | 000,192,512 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/23 09.59.06 | 000,000,680 | ---- | C] () -- C:\Users\Asus\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2012/03/23 12.09.20 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Babylon

[2013/02/07 17.57.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Camfrog

[2011/09/03 23.23.49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2013/02/25 16.28.23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2011/12/08 22.36.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Electronic Arts

[2010/03/30 17.23.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Ethereal

[2012/02/16 16.36.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Feedreader

[2011/08/18 09.48.42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GameRanger

[2010/12/07 18.27.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GlarySoft

[2012/10/28 11.14.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HandBrake

[2009/11/22 20.06.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InfraRecorder

[2011/09/04 13.49.03 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IObit

[2010/10/03 18.05.01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2010/09/29 14.29.48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Locktime

[2010/09/28 19.40.51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix

[2009/11/16 21.52.53 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\MSDict

[2010/03/23 23.31.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Nokia

[2010/03/01 21.15.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PC Suite

[2009/09/25 13.56.07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PCToolsFirewallPlus

[2012/03/23 12.09.24 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\pdfforge

[2011/09/26 11.36.46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\redsn0w

[2009/12/03 16.32.05 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Softland

[2011/09/08 09.58.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SumatraPDF

[2011/09/09 13.51.23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TeamViewer

[2011/11/22 15.01.52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TmRecorder

[2012/03/23 11.27.30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\UDC Profiles

[2013/02/21 17.43.40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2011/10/12 18.37.56 | 000,001,024 | ---- | M] () -- C:\.rnd

[2006/09/18 22.43.36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 07.36.36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2008/04/16 12.27.17 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2007/04/04 20.01.54 | 000,000,019 | ---- | M] () -- C:\CA21.txt

[2006/09/18 22.43.37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2009/12/13 12.16.53 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt

[2009/09/23 11.27.41 | 000,286,720 | ---- | M] () -- C:\Debug.txt

[2009/11/03 18.29.56 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/08/01 12.04.16 | 000,000,122 | ---- | M] () -- C:\mbam-error.txt

[2009/11/03 18.29.56 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2013/02/27 10.38.08 | 2460,532,736 | -HS- | M] () -- C:\pagefile.sys

[2009/11/09 18.11.12 | 000,025,410 | ---- | M] () -- C:\TI_InstallLog.txt

[2012/03/23 12.10.00 | 000,000,237 | ---- | M] () -- C:\user.js

< %systemroot%\Fonts\*.com >

[2006/11/02 13.37.12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2006/11/02 13.37.12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2006/11/02 13.37.12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/09/26 12.02.35 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2006/09/18 22.37.34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2007/02/08 23.00.00 | 000,026,364 | ---- | M] (Brother Industries ,Ltd ) -- C:\Windows\system32\spool\prtprocs\w32x86\brmfpp1.dll

[2008/01/21 03.23.14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL

[2006/11/02 13.35.48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll

[2011/12/21 13.35.38 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\spool\prtprocs\w32x86\LMIproc.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

[2008/01/21 03.43.21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

[2008/01/21 04.14.18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 04.14.08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 04.14.18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11.34.08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11.34.08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2012/11/21 11.51.25 | 000,000,344 | -HS- | M] () -- C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

[2013/02/27 12.17.28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-02-13 16:17:33

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2013-02-27 13:03:20

-----------------------------

13:03:20.016 OS Version: Windows 6.0.6002 Service Pack 2

13:03:20.016 Number of processors: 2 586 0xF0A

13:03:20.017 ComputerName: PC-ASUS UserName: Asus

13:03:21.866 Initialize success

13:03:42.340 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0

13:03:42.344 Disk 0 Vendor: Hitachi_ SB4O Size: 152627MB BusType: 3

13:03:42.360 Disk 0 MBR read successfully

13:03:42.365 Disk 0 MBR scan

13:03:42.368 Disk 0 Windows VISTA default MBR code

13:03:42.393 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 91576 MB offset 2048

13:03:42.397 Disk 0 Partition - 00 0F Extended LBA 61049 MB offset 187549696

13:03:42.423 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 61048 MB offset 187551744

13:03:42.429 Disk 0 scanning sectors +312578048

13:03:42.488 Disk 0 scanning C:\Windows\system32\drivers

13:03:49.893 Service scanning

13:04:09.787 Modules scanning

13:04:23.184 Disk 0 trace - called modules:

13:04:23.192 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys

13:04:23.194 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864612d0]

13:04:23.194 3 CLASSPNP.SYS[88da58b3] -> nt!IofCallDriver -> [0x85a53688]

13:04:23.195 5 acpi.sys[806a46bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85a4c030]

13:04:23.195 Scan finished successfully

13:20:28.283 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"

13:20:28.290 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Spero di aver eseguito tutte le operazioni nel modo corretto.

Grazie :)

MBR.zip

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo

Scarica AdwCleaner by Xplode sul tuo desktop

Chiudere tutti i programmi e le pagine internet aperte.

Fare doppio clic su AdwCleaner.exe per eseguire lo strumento.

Fare clic su Elimina.

Confermare ogni volta con Ok.

Il computer verrà riavviato automaticamente. Un file di testo si aprirà dopo il riavvio.

Si prega di inviare il contenuto di tale file di log nela risposta successiva.

È possibile trovare il file di log anche in C:\AdwCleaner [s1] txt ..

thisisujrt.gif Scarica Junkware Removal Tool sul desktop.

  • Arrestare il software di protezione ora per evitare potenziali conflitti
  • Eseguire lo strumento facendo doppio clic. Se si utilizza Windows Vista, 7, o 8, invece di doppio clic, destro del mouse su JRT.exe clic e selezionare "Esegui come amministratore".
  • Lo strumento si apre e avvia la scansione del sistema.
  • Si prega di essere pazienti in quanto ciò potrebbe richiedere del tempo per completare a seconda delle specifiche del sistema.
  • Al termine, un log (JRT.txt) viene salvato sul desktop, si apre automaticamente
  • Post i contenuti di JRT.txt nel messaggio successivo

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

# AdwCleaner v2.113 - Logfile creato il 01/03/2013 alle 12:26:00

# Aggiornamento 23/02/2013 by Xplode

# Sistema Operativo : Windows Vista Home Premium Service Pack 2 (32 bits)

# Utente : Asus - PC-ASUS

# Modalità Avvio : Modalità Normale

# Eseguito da : C:\Users\Asus\Desktop\AdwCleaner.exe

# Opzioni [Elimina]

***** [servizi] *****

***** [File / Cartelle] *****

Cartella Eliminato : C:\ProgramData\Babylon

Cartella Eliminato : C:\Users\Asus\AppData\Local\Babylon

Cartella Eliminato : C:\Users\Asus\AppData\Roaming\Babylon

Cartella Eliminato : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\78ljeyi4.default\extensions\staged

Cartella Eliminato : C:\Users\Asus\AppData\Roaming\pdfforge

File Eliminato : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Eliminato : C:\user.js

***** [Registro] *****

Chiave Eliminata : HKCU\Software\APN PIP

Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Chiave Eliminata : HKLM\Software\Babylon

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Chiave Eliminata : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Chiave Eliminata : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}

Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Chiave Eliminata : HKLM\Software\PIP

***** [browser Internet] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registro Pulito.

-\\ Mozilla Firefox v19.0 (it)

File : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\78ljeyi4.default\prefs.js

C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\78ljeyi4.default\user.js ... Eliminato !

Eliminata : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Eliminata : user_pref("browser.search.defaultengine", "Ask.com");

Eliminata : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");

Eliminata : user_pref("browser.search.order.1", "Search the web (Babylon)");

Eliminata : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");

Eliminata : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Eliminata : user_pref("extensions.BabylonToolbar_i.babExt", "");

Eliminata : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111304");

Eliminata : user_pref("extensions.BabylonToolbar_i.hardId", "a4d041b60000000000000013e811e2e1");

Eliminata : user_pref("extensions.BabylonToolbar_i.id", "a4d041b60000000000000013e811e2e1");

Eliminata : user_pref("extensions.BabylonToolbar_i.instlDay", "15422");

Eliminata : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Eliminata : user_pref("extensions.BabylonToolbar_i.newTab", true);

Eliminata : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111304&babsrc=N[...]

Eliminata : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Eliminata : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Eliminata : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Eliminata : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Eliminata : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

Eliminata : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Eliminata : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:09:51");

Eliminata : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

Eliminata : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=111304&babsrc=KW_ss&mntrId=a4d041b6000000[...]

File : C:\Users\Generico\AppData\Roaming\Mozilla\Firefox\Profiles\t7dsitci.default\prefs.js

[OK] File Pulito.

-\\ Google Chrome v25.0.1364.97

File : C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File Pulito.

*************************

AdwCleaner[s1].txt - [4591 octets] - [01/03/2013 12:26:00]

########## EOF - C:\AdwCleaner[s1].txt - [4651 octets] ##########

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.6.6 (02.27.2013:1)

OS: Windows Vista Home Premium x86

Ran by Asus on 01/03/2013 at 12.36.26,10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\bho.dll

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\LogMeInClient@logmein.com

Emptied folder: C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\minidumps [203 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 01/03/2013 at 12.39.30,65

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Grazie davvero Mr 4011, sei gentilissimo per il supporto che mi stai offrendo :)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo :)

Stai facendo un buon lavoro

Scarica Combofix da uno di questi due link:

Link 1

Link 2

 

* IMPORTANTE- Salva ComboFix.exe sul tuo Desktop

====================================================

 

Disattiva AntiVirus e AntiSpyware, di solito tramite un click destro del mouse sull'icona di notifica situata sulla system tray. Essi possono interferire con questi tools. Nota: Se si ha difficolta' a disabilitare correttamente i programmi di protezione, o non si e' sicuri su quali programmi devono essere disabilitati, fare riferimento alle informazioni (in Inglese) disponibili a questo link : Come disabilitare i programmi di sicurezza

====================================================

 

Doppio click su combofix.exe & seguire le istruzioni

Quando finito, il programma produrra' un log. Includi C:\ComboFix.txt nella tua prossima risposta, per ulteriori revisioni

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ecco il log di Combofix :)

ComboFix 13-03-01.01 - Asus 02/03/2013 18.42.40.7.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2047.1264 [GMT 1:00]

Eseguito da: c:\users\Asus\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Asus\AppData\Local\Temp\sfamcc00001.dll

c:\users\Asus\AppData\Local\temp\sfareca00001.dll

c:\windows\system32\drivers\etc\hosts.ics

.

.

((((((((((((((((((((((((( Files Creati Da 2013-02-02 al 2013-03-02 )))))))))))))))))))))))))))))))))))

.

.

2013-03-02 17:59 . 2013-03-02 18:03 -------- d-----w- c:\users\Asus\AppData\Local\temp

2013-03-02 17:59 . 2013-03-02 17:59 -------- d-----w- c:\users\Public\AppData\Local\temp

2013-03-02 17:59 . 2013-03-02 17:59 -------- d-----w- c:\users\Generico\AppData\Local\temp

2013-03-02 17:59 . 2013-03-02 17:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-03-01 11:36 . 2013-03-01 11:36 -------- d-----w- c:\windows\ERUNT

2013-03-01 11:36 . 2013-03-01 11:36 -------- d-----w- C:\JRT

2013-02-26 11:29 . 2013-02-26 11:29 -------- d-----w- c:\program files\Common Files\Java

2013-02-26 11:29 . 2013-02-26 11:29 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-02-26 11:26 . 2013-02-26 11:26 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-26 11:26 . 2013-02-26 11:26 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-25 15:00 . 2013-02-25 15:00 -------- d-----w- c:\program files\iPod

2013-02-25 14:59 . 2013-02-25 15:00 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-02-25 14:59 . 2013-02-25 15:00 -------- d-----w- c:\program files\iTunes

2013-02-13 11:01 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 11:01 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 11:01 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll

2013-02-13 11:00 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 11:00 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-31 20:23 . 2013-01-31 20:23 -------- d-----r- c:\program files\Skype 6

2013-01-31 20:23 . 2013-01-31 20:23 -------- d-----w- c:\program files\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-26 11:29 . 2012-07-23 13:42 861088 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-02-26 11:29 . 2010-04-28 14:57 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-02-13 10:39 . 2012-11-21 10:54 92448 ----a-w- c:\windows\system32\drivers\avfwim.sys

2013-02-13 10:39 . 2012-11-21 10:54 113024 ----a-w- c:\windows\system32\drivers\avfwot.sys

2012-12-17 14:15 . 2012-11-21 10:54 83944 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-12-17 14:15 . 2012-11-21 10:54 134336 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-12-16 13:12 . 2012-12-21 09:13 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-16 10:50 . 2012-12-21 09:13 293376 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 15:49 . 2010-04-20 09:07 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-13 12:50 . 2012-12-13 12:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-12-13 12:50 . 2012-12-13 12:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2003-05-01 08:36 . 2003-05-01 08:36 114688 ----a-w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll

2013-02-20 10:58 . 2013-02-20 10:57 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* i valori vuoti & legittimi/default non sono visualizzati.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-11-13 23:32 129272 ----a-w- c:\users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2009-11-25 4009592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"= c:\windows\System32\guard32.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SpeedFan.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk

backup=c:\windows\pss\SpeedFan.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-01-28 12:08 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]

2007-02-15 13:29 622592 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

2006-07-19 13:51 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2012-08-02 16:44 116648 ----atw- c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2013-02-20 11:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]

2007-03-20 06:36 36864 ------r- c:\windows\RaidTool\xInsIDE.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]

2012-12-14 15:49 824232 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService]

2012-02-27 12:43 801792 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]

2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype 6\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2007-03-01 13:24 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1417020736-3956469301-586048187-1000]

"EnableNotificationsRef"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

.

Contenuto della cartella 'Scheduled Tasks'

.

2013-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000Core.job

- c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 16:44]

.

2013-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000UA.job

- c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 16:44]

.

.

------- Scansione supplementare -------

.

uStart Page = hxxp://www.trophymanager.com/

uInternet Settings,ProxyOverride = local;*.local

IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll

TCP: Interfaces\{7628A306-FEFA-47FB-9F4B-AA1241714552}: NameServer = 193.70.152.15,193.70.152.25

FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\78ljeyi4.default\

FF - prefs.js: browser.startup.homepage - www.libero.it

FF - prefs.js: network.proxy.type - 0

.

- - - - CHIAVI ORFANE RIMOSSE - - - -

.

SafeBoot-WudfPf

SafeBoot-WudfRd

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-03-02 19:02

Windows 6.0.6002 Service Pack 2 NTFS

.

scansione processi nascosti ...

.

scansione entrate autostart nascoste ...

.

Scansione files nascosti ...

.

Scansione completata con successo

Files nascosti: 0

.

**************************************************************************

.

--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

"{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}"=hex:51,66,7a,6c,4c,1d,38,12,ed,e2,e6,

8b,ec,e5,85,03,cf,88,91,ea,bc,02,ef,f7

"{00C6482D-C502-44C8-8409-FCE54AD9C208}"=hex:51,66,7a,6c,4c,1d,38,12,43,4b,d5,

04,30,8b,a6,01,fb,1f,bf,a5,4f,87,86,1c

"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:64,ba,61,2a,d6,c7,cd,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1d,39,fa,7f,43,95,9b,41,86,7e,4e,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1d,39,fa,7f,43,95,9b,41,86,7e,4e,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- Dlls caricate dai processi in esecuzione ---------------------

.

- - - - - - - > 'Explorer.exe'(3856)

c:\users\Asus\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

.

------------------------ Altri processi in esecuzione ------------------------

.

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\program files\ATK Hotkey\ASLDRSrv.exe

c:\program files\ATKGFNEX\GFNEXSrv.exe

c:\windows\system32\WLANExt.exe

c:\windows\system32\brsvc01a.exe

c:\windows\system32\brss01a.exe

c:\program files\Avira\AntiVir Desktop\sched.exe

c:\program files\Avira\AntiVir Desktop\avfwsvc.exe

c:\program files\Avira\AntiVir Desktop\avmailc.exe

c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

c:\windows\system32\niSvcLoc.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\program files\TeamViewer\Version6\TeamViewer_Service.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\ATK Hotkey\Hcontrol.exe

c:\program files\ATKOSD2\ATKOSD2.exe

c:\program files\Wireless Console 2\wcourier.exe

c:\program files\ATK Hotkey\ATKOSD.exe

c:\windows\system32\conime.exe

c:\program files\ATK Hotkey\KBFiltr.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\TechSmith\Snagit 9\Snagit32.exe

c:\program files\TechSmith\Snagit 9\SnagPriv.exe

.

**************************************************************************

.

Ora fine scansione: 2013-03-02 19:13:32 - Il pc è stato riavviato

ComboFix-quarantined-files.txt 2013-03-02 18:13

.

Pre-Run: 38.829.592.576 byte disponibili

Post-Run: 38.697.103.360 byte disponibili

.

- - End Of File - - DD9B3A34402C93D0F3F2B68E1C6093D1

Dopo il riavvio, durante la scansione mi è apparso l'avviso che ho inserito in allegato.

Buon fine settimana ;)

post-14079-0-86303300-1362248307_thumb.jpg

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo :)

Dopo il riavvio, durante la scansione mi è apparso l'avviso che ho inserito in allegato

Basta riavviare che il problema scomparira'

---------------------

Malwarebytes 'Anti-Malware

  • Avvia Malwarebytes ' Anti - Malware [/b]
  • Se un viene trovato un aggiornamento , verrà scaricato e installato .
  • Una volta che il programma e' stato caricato , selezionare Eseguire scansione rapida , poi cliccare Scan .
  • Quando la scansione è completa , cliccare OK , poi Mostra Risultati per visualizzare i risultati .
  • Siate sicuri che tutto sia selezionato , quindi cliccare Remove Selected .
  • Quando completato il tutto , si aprirà un log in blocco note .
  • I log possono essere trovati qui :
    C : \ Documents e Settings \ nome utente \ Dati Applicazioni \ Malwarebytes \ Malwarebytes 'Anti-Malware \ Logs \ log [data] txt .
    O in
    C: \ Programmi \ Malwarebytes ' Anti - Malware \ Logs \ log - data . txt
  • Posta il log nella tua prossima risposta

Dopo

ESET on-line scan

Eseguire una scansione con ESET Online Scanner

Nota: Sarà necessario utilizzare Internet Explorer per questa scansione .

  • Selezionare la casella accanto a Yes, I accept the Terms of Use.
  • Cliccare su Start
  • Quando richiesto consentire il controllo ActiveX per installare
  • Cliccare su Start
  • Assicurarsi che le opzioni Rimuovi minacce trovate e Scansione delle applicazioni indesiderate siano selezionate
  • Cliccare su Scan
    Attendere il termine della scansione
  • Usa Notepad per aprire il file di log situato in C:\Program Files\EsetOnlineScanner\log.txt
  • Copia/Incolla il log nella tua risposta successiva

Fammi sapere come va il pc e se ci sono altri problemi da risolvere

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti
Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Versione database: v2013.03.03.03

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Asus :: PC-ASUS [amministratore]

03/03/2013 11.27.34

mbam-log-2013-03-03 (11-27-34).txt

Tipo di scansione: Scansione veloce

Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM

Opzioni di scansione disattivate: P2P

Elementi esaminati: 228112

Tempo impiegato: 7 minuti, 32 secondi

Processi rilevati in memoria: 0

(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0

(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0

(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0

(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0

(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0

(non sono stati rilevati elementi nocivi)

File rilevati: 0

(non sono stati rilevati elementi nocivi)

(fine)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Log di ESET pulito :)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Perfetto :)

Ri esegui OTL

  • Avvia nuovamente OTL e clicca su Quick scan (senza spuntare LOP e PURITY)
  • Posta il log che verra' prodotto

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Senza nessuna direttiva come in precedenza, giusto?

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL logfile created on: 04/03/2013 11.56.22 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,75% Memory free

4,23 Gb Paging File | 2,95 Gb Available in Paging File | 69,64% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89,43 Gb Total Space | 35,51 Gb Free Space | 39,70% Space Free | Partition Type: NTFS

Drive D: | 59,62 Gb Total Space | 32,48 Gb Free Space | 54,48% Space Free | Partition Type: NTFS

Computer Name: PC-ASUS | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Asus\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Users\Asus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Windows\System32\niSvcLoc.exe (National Instruments)

========== Modules (No Company Name) ==========

MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\WinRAR\rarext.dll ()

========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files\Skype 6\Updater\Updater.exe (Skype Technologies)

SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

SRV - (niSvcLoc) -- C:\Windows\System32\niSvcLoc.exe (National Instruments)

SRV - (NILM License manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found

DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found

DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found

DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (netr28u) -- system32\DRIVERS\netr28u.sys File not found

DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (ASInsHelp) -- C:\Windows\system32\drivers\AsInsHelp32.sys File not found

DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)

DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)

DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)

DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)

DRV - (Haspnt) -- C:\Windows\System32\drivers\Haspnt.sys (Aladdin Knowledge Systems)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)

DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (JGOGO) -- C:\Windows\System32\drivers\JGOGO.sys (JMicron )

DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (TIEHDUSB) -- C:\Windows\System32\drivers\tiehdusb.sys (Texas Instruments Incorporated)

DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()

DRV - (giveio) -- C:\Windows\System32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trophymanager.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{F7C67426-58DD-46BC-89CF-076312D1DF4C}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.libero.it"

FF - prefs.js..extensions.enabledAddons: forcetls%40sid.stamm:3.0.1

FF - prefs.js..extensions.enabledAddons: it-IT%40dictionaries.addons.mozilla.org:3.3.2

FF - prefs.js..extensions.enabledAddons: shan.developer%40gmail.com:1.0.4

FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0

FF - prefs.js..extensions.enabledAddons: %7B0545b830-f0aa-4d7e-8820-50a4629a56fe%7D:17.6

FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.7.7

FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6

FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2

FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8

FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.3

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9rc1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.3.1

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8

FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2

FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2

FF - prefs.js..extensions.enabledItems: shan.developer@gmail.com:1.0.4

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5

FF - prefs.js..extensions.enabledItems: lcdclock_bloodeye@gmail.com:0.4.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: forcetls@sid.stamm:3.0.0

FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1

FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 11.58.06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/20 11.57.57 | 000,000,000 | ---D | M]

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013/03/02 19.36.12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions

[2012/12/24 17.45.25 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2013/02/14 17.26.35 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2012/09/26 09.44.14 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\FasterFox_Lite@BigRedBrent

[2012/03/13 12.10.51 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2011/03/20 00.30.25 | 000,000,000 | ---D | M] (Rights To Close) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\shan.developer@gmail.com

[2012/05/10 17.02.48 | 000,114,012 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\forcetls@sid.stamm.xpi

[2013/03/02 19.36.12 | 000,343,105 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\personas@christopher.beard.xpi

[2012/01/12 17.31.19 | 000,165,730 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\simpletimerClocks@grbradt.org.xpi

[2012/12/27 12.44.13 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi

[2013/03/02 19.36.11 | 000,532,389 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2013/02/25 11.09.08 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

[2013/02/14 12.00.25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/10/30 21.34.13 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

[2013/02/28 11.40.04 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013/02/20 11.57.55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009/09/26 09.52.14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2013/02/20 11.58.06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/07 13.29.11 | 000,001,606 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml

[2012/08/29 16.04.29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/07 13.29.11 | 000,000,957 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml

[2012/12/07 13.29.11 | 000,001,030 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml

[2012/12/07 13.29.11 | 000,001,395 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/07 13.29.11 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: SumatraPDF Browser Plugin (Enabled) = C:\Program Files\SumatraPDF\npPdfViewer.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Asus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: TM Auxiliary - Menu Hover Test = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgmjobecnlhmffchebancgllopccbgb\1.0.1_0\

CHR - Extension: TM Auxiliary - Player Page = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfpmcanjhhjojjgaifcfahjeklkkjkk\1.0.1_0\

CHR - Extension: Splendid = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\

CHR - Extension: YouTube = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

CHR - Extension: TM Auxiliary - Player List = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oianljogbaebheldjhiemnfkpmggkfee\1.0.0_0\

CHR - Extension: TM Auxiliary - Advanced Training Overview = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\omnolpjpemgjdjfpidfhjlipjmhkdabe\1.0.2_2\

CHR - Extension: Gmail = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/02 18.59.39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7628A306-FEFA-47FB-9F4B-AA1241714552}: NameServer = 193.70.152.15,193.70.152.25

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/04 11.58.46 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Pulizia Pc

[2013/03/02 19.02.16 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2013/03/02 18.59.36 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\temp

[2013/03/02 18.35.28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/03/02 18.35.27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/03/02 18.35.27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/03/02 18.35.21 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013/03/01 12.36.18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/03/01 12.36.05 | 000,000,000 | ---D | C] -- C:\JRT

[2013/02/26 12.29.54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2013/02/25 16.01.00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/02/25 16.00.02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/02/20 11.57.54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/02/19 11.05.35 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{3D494E1A-76DB-444F-BB7E-7F486B63ECD6}

[2013/02/14 11.32.14 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{6257247F-E48E-4159-B9BE-004BB8A2ADF0}

[2013/02/12 12.22.50 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{125987F4-B2FC-47AA-B926-8EC6701DB1F4}

[2013/02/11 12.35.24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{B72AECCE-8784-4058-A0FC-BD2AFC8EBAE7}

[2013/02/09 20.18.20 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Ing. Fucci

[2013/02/07 13.32.43 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{A8CAC80D-6928-4A6C-8E19-FB553A7DFFB5}

[2013/02/06 16.35.52 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{E0A705D3-FCBB-43B4-9CCC-F388E2109B26}

[2013/02/05 16.22.23 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{EA87C954-630C-4876-9874-A5867461394F}

[2013/02/04 19.40.28 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Lavoro

[2013/02/04 11.40.09 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{D3281B20-9DFA-4F17-9383-5D3EEE7DBB5A}

========== Files - Modified Within 30 Days ==========

[2013/03/04 11.58.44 | 000,025,070 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2013/03/04 11.07.01 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000UA.job

[2013/03/04 10.21.49 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2013/03/04 10.21.30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/03/04 10.21.30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/03/04 10.21.08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/03/04 01.37.19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013/03/04 01.07.00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000Core.job

[2013/03/02 18.59.39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/03/02 17.37.02 | 000,715,966 | ---- | M] () -- C:\Windows\System32\perfh010.dat

[2013/03/02 17.37.02 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/03/02 17.37.02 | 000,144,130 | ---- | M] () -- C:\Windows\System32\perfc010.dat

[2013/03/02 17.37.02 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/02/27 16.56.46 | 000,192,512 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/02/26 12.57.20 | 000,263,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/02/25 16.01.00 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/19 20.27.46 | 000,001,709 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2013/02/16 17.42.17 | 000,167,365 | ---- | M] () -- C:\Users\Asus\Desktop\CV[bisogno Paolo Luigi].pdf

[2013/02/13 11.39.43 | 000,113,024 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys

[2013/02/13 11.39.43 | 000,092,448 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys

[2013/02/02 14.57.05 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

========== Files Created - No Company Name ==========

[2013/03/02 18.35.28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/03/02 18.35.28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/03/02 18.35.27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/03/02 18.35.27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/03/02 18.35.27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/02/25 16.01.00 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/16 18.24.51 | 000,167,365 | ---- | C] () -- C:\Users\Asus\Desktop\CV[bisogno Paolo Luigi].pdf

[2012/12/31 18.54.12 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat

[2011/09/04 15.10.10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/08/22 00.11.39 | 000,086,056 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/05/23 16.29.11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/05/07 12.25.49 | 000,011,328 | ---- | C] () -- C:\Users\Asus\gsview32.ini

[2010/03/11 18.47.20 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2010/03/11 13.16.42 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.dat

[2010/02/02 17.13.26 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento (2).lnk

[2010/01/14 12.31.32 | 000,000,092 | ---- | C] () -- C:\Users\Asus\AppData\Local\fusioncache.dat

[2010/01/08 00.36.13 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento.lnk

[2009/11/16 21.52.54 | 000,000,032 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\msdreg.dat

[2009/10/29 20.48.41 | 000,000,600 | ---- | C] () -- C:\Users\Asus\PUTTY.RND

[2009/09/27 11.25.06 | 000,192,512 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/23 09.59.06 | 000,000,680 | ---- | C] () -- C:\Users\Asus\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/07 17.57.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Camfrog

[2011/09/03 23.23.49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2013/03/04 11.35.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2011/12/08 22.36.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Electronic Arts

[2010/03/30 17.23.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Ethereal

[2012/02/16 16.36.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Feedreader

[2011/08/18 09.48.42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GameRanger

[2010/12/07 18.27.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GlarySoft

[2012/10/28 11.14.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HandBrake

[2009/11/22 20.06.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InfraRecorder

[2011/09/04 13.49.03 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IObit

[2010/10/03 18.05.01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2010/09/29 14.29.48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Locktime

[2010/09/28 19.40.51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix

[2009/11/16 21.52.53 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\MSDict

[2010/03/23 23.31.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Nokia

[2010/03/01 21.15.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PC Suite

[2009/09/25 13.56.07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PCToolsFirewallPlus

[2011/09/26 11.36.46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\redsn0w

[2009/12/03 16.32.05 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Softland

[2011/09/08 09.58.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SumatraPDF

[2011/09/09 13.51.23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TeamViewer

[2011/11/22 15.01.52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TmRecorder

[2012/03/23 11.27.30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\UDC Profiles

[2013/02/21 17.43.40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

:):):)

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo

Avviare OTL.exe .

  • Copia e incolla il testo scritto all'interno del box quote in analisi personalizzate/correzioni .

:OTL
MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll ()
MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll ()
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trophymanager.com/
[2013/03/04 10.21.49 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

:Files
ipconfig /flushdns /c

:Commands
[EMPTYFLASH]
[RESETHOST]
[CREATERESTOREPOINT]
[REBOOT]

    [*] Quindi fare clic su Fix Run situato nella parte superiore.

    [*] Lasciare che il programma esegua senza ostacoli il suo lavoro, quando avra' terminato, si riavviera' in automatico. In caso contrario, si prega di riavviare il sistema manualmente.

    Postare il log che viene rilasciato [/List]

    Fammi sapere come va ora il tuo pc

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao Mr 4011,

ho eseguito OLT, ma quest'ultima volta è capitata una cosa abbastanza strana. Sul desktop son saltati fuori 6 file nascosti di cui due file "desktop.ini" ed altri 4 file .docx che non ho aperto per sicurezza.

Inoltre non mi è stato rilasciato alcun log.

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti
ho eseguito OLT, ma quest'ultima volta è capitata una cosa abbastanza strana. Sul desktop son saltati fuori 6 file nascosti di cui due file "desktop.ini" ed altri 4 file .docx che non ho aperto per sicurezza.
Oh mio Dio, abbiamo violato la sicurezza nazionale, l'italia subira' un grave attacco bellico :rotfl:

  • Clicca su Start > Pannello di controllo
  • In Opzioni Cartella portati in tab Visualizzazione
  • In Cartelle e file nascosti spunta la voce Non visualizzare cartelle file e unita' nascoste
  • Clicca Applica quindi Ok

Per quanto riguarda OTL rieseguilo normalmente in questo modo:

Doppio click su OTL e togli la spunta a Purity e Lop

Clicca su Quick scan

Posta il log che viene rilasciato

Vorrei sapere come va ora il tuo pc

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Mr 4011 :lol1::2:

Il pc ora va decisamente meglio, i tempi di risposta per effettuare qualsiasi operazione si sono abbassati di tanto, e questo grazie a te :)

OTL logfile created on: 06/03/2013 12.16.39 - Run 4

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,74% Memory free

4,23 Gb Paging File | 2,20 Gb Available in Paging File | 52,07% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89,43 Gb Total Space | 34,55 Gb Free Space | 38,64% Space Free | Partition Type: NTFS

Drive D: | 59,62 Gb Total Space | 32,48 Gb Free Space | 54,48% Space Free | Partition Type: NTFS

Computer Name: PC-ASUS | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Asus\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe (Adobe Systems, Inc.)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Skype 6\Phone\Skype.exe (Skype Technologies S.A.)

PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

PRC - C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe (TechSmith Corporation)

PRC - C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Windows\System32\niSvcLoc.exe (National Instruments)

========== Modules (No Company Name) ==========

MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll ()

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\libglesv2.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\libegl.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll ()

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\WinRAR\rarext.dll ()

MOD - C:\Program Files\TechSmith\Snagit 9\PDFNetC.dll ()

========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files\Skype 6\Updater\Updater.exe (Skype Technologies)

SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

SRV - (niSvcLoc) -- C:\Windows\System32\niSvcLoc.exe (National Instruments)

SRV - (NILM License manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found

DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found

DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found

DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (netr28u) -- system32\DRIVERS\netr28u.sys File not found

DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (ASInsHelp) -- C:\Windows\system32\drivers\AsInsHelp32.sys File not found

DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)

DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)

DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)

DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)

DRV - (Haspnt) -- C:\Windows\System32\drivers\Haspnt.sys (Aladdin Knowledge Systems)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)

DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (JGOGO) -- C:\Windows\System32\drivers\JGOGO.sys (JMicron )

DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (TIEHDUSB) -- C:\Windows\System32\drivers\tiehdusb.sys (Texas Instruments Incorporated)

DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()

DRV - (giveio) -- C:\Windows\System32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{F7C67426-58DD-46BC-89CF-076312D1DF4C}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.libero.it"

FF - prefs.js..extensions.enabledAddons: forcetls%40sid.stamm:3.0.1

FF - prefs.js..extensions.enabledAddons: it-IT%40dictionaries.addons.mozilla.org:3.3.2

FF - prefs.js..extensions.enabledAddons: shan.developer%40gmail.com:1.0.4

FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0

FF - prefs.js..extensions.enabledAddons: %7B0545b830-f0aa-4d7e-8820-50a4629a56fe%7D:17.6

FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.7.7

FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6

FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2

FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8

FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.3

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9rc1

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.3.1

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8

FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2

FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2

FF - prefs.js..extensions.enabledItems: shan.developer@gmail.com:1.0.4

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5

FF - prefs.js..extensions.enabledItems: lcdclock_bloodeye@gmail.com:0.4.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: forcetls@sid.stamm:3.0.0

FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1

FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 11.58.06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/20 11.57.57 | 000,000,000 | ---D | M]

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013/03/06 11.07.13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions

[2012/12/24 17.45.25 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2013/02/14 17.26.35 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2012/09/26 09.44.14 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\FasterFox_Lite@BigRedBrent

[2012/03/13 12.10.51 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2011/03/20 00.30.25 | 000,000,000 | ---D | M] (Rights To Close) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\shan.developer@gmail.com

[2013/03/06 11.07.13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\staged

[2012/05/10 17.02.48 | 000,114,012 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\forcetls@sid.stamm.xpi

[2013/03/02 19.36.12 | 000,343,105 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\personas@christopher.beard.xpi

[2012/01/12 17.31.19 | 000,165,730 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\simpletimerClocks@grbradt.org.xpi

[2012/12/27 12.44.13 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi

[2013/03/02 19.36.11 | 000,532,389 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2013/02/25 11.09.08 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

[2013/02/14 12.00.25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/10/30 21.34.13 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

[2013/02/28 11.40.04 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013/03/06 11.07.13 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\staged\personas@christopher.beard.xpi

[2013/02/20 11.57.55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009/09/26 09.52.14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2013/02/20 11.58.06 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/07 13.29.11 | 000,001,606 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml

[2012/08/29 16.04.29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/07 13.29.11 | 000,000,957 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml

[2012/12/07 13.29.11 | 000,001,030 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml

[2012/12/07 13.29.11 | 000,001,395 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/07 13.29.11 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: SumatraPDF Browser Plugin (Enabled) = C:\Program Files\SumatraPDF\npPdfViewer.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Asus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: TM Auxiliary - Menu Hover Test = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgmjobecnlhmffchebancgllopccbgb\1.0.1_0\

CHR - Extension: TM Auxiliary - Player Page = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfpmcanjhhjojjgaifcfahjeklkkjkk\1.0.1_0\

CHR - Extension: Splendid = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\

CHR - Extension: YouTube = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

CHR - Extension: TM Auxiliary - Player List = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oianljogbaebheldjhiemnfkpmggkfee\1.0.0_0\

CHR - Extension: TM Auxiliary - Advanced Training Overview = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\omnolpjpemgjdjfpidfhjlipjmhkdabe\1.0.2_2\

CHR - Extension: Gmail = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/02 18.59.39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7628A306-FEFA-47FB-9F4B-AA1241714552}: NameServer = 193.70.152.15,193.70.152.25

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/06 11.59.06 | 000,000,000 | ---D | C] -- C:\file sul desktop

[2013/03/05 00.15.08 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/03/04 11.58.46 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Pulizia Pc

[2013/03/02 19.02.16 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2013/03/02 18.59.36 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\temp

[2013/03/02 18.35.28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/03/02 18.35.27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/03/02 18.35.27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/03/02 18.35.21 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013/03/01 12.36.18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/03/01 12.36.05 | 000,000,000 | ---D | C] -- C:\JRT

[2013/02/27 12.17.25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/26 12.29.54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2013/02/25 16.01.00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/02/25 16.00.02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/02/20 11.57.54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/02/19 11.05.35 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{3D494E1A-76DB-444F-BB7E-7F486B63ECD6}

[2013/02/14 11.32.14 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{6257247F-E48E-4159-B9BE-004BB8A2ADF0}

[2013/02/12 12.22.50 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{125987F4-B2FC-47AA-B926-8EC6701DB1F4}

[2013/02/11 12.35.24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{B72AECCE-8784-4058-A0FC-BD2AFC8EBAE7}

[2013/02/09 20.18.20 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Ing. Fucci

[2013/02/07 13.32.43 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{A8CAC80D-6928-4A6C-8E19-FB553A7DFFB5}

[2013/02/06 16.35.52 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{E0A705D3-FCBB-43B4-9CCC-F388E2109B26}

[2013/02/05 16.22.23 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{EA87C954-630C-4876-9874-A5867461394F}

[2013/02/04 19.40.28 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Lavoro

========== Files - Modified Within 30 Days ==========

[2013/03/06 12.16.01 | 000,025,070 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2013/03/06 12.07.08 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000UA.job

[2013/03/06 10.57.58 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2013/03/06 10.57.38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/03/06 10.57.38 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/03/06 10.57.15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/03/06 01.34.27 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013/03/06 01.07.00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000Core.job

[2013/03/05 18.47.29 | 000,234,220 | ---- | M] () -- C:\Users\Asus\Desktop\SNAG-0001.jpg

[2013/03/05 18.45.58 | 000,290,355 | ---- | M] () -- C:\Users\Asus\Desktop\SNAG-0000.jpg

[2013/03/04 23.55.48 | 000,144,040 | ---- | M] () -- C:\Users\Asus\Desktop\Gnokk_a_zps8e8f183d.png

[2013/03/04 20.24.29 | 000,296,399 | ---- | M] () -- C:\Users\Asus\Desktop\CameraTarget rev_1.pdf

[2013/03/02 18.59.39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/03/02 17.37.02 | 000,715,966 | ---- | M] () -- C:\Windows\System32\perfh010.dat

[2013/03/02 17.37.02 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/03/02 17.37.02 | 000,144,130 | ---- | M] () -- C:\Windows\System32\perfc010.dat

[2013/03/02 17.37.02 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/02/27 16.56.46 | 000,192,512 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/02/27 12.17.28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/26 12.57.20 | 000,263,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/02/25 16.01.00 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/19 20.27.46 | 000,001,709 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2013/02/16 17.42.17 | 000,167,365 | ---- | M] () -- C:\Users\Asus\Desktop\CV[bis].pdf

[2013/02/13 11.39.43 | 000,113,024 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys

[2013/02/13 11.39.43 | 000,092,448 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys

========== Files Created - No Company Name ==========

[2013/03/05 18.47.29 | 000,234,220 | ---- | C] () -- C:\Users\Asus\Desktop\SNAG-0001.jpg

[2013/03/05 18.45.58 | 000,290,355 | ---- | C] () -- C:\Users\Asus\Desktop\SNAG-0000.jpg

[2013/03/04 23.55.48 | 000,144,040 | ---- | C] () -- C:\Users\Asus\Desktop\Gnokk_a_ps8e8f183d.png

[2013/03/04 20.24.29 | 000,296,399 | ---- | C] () -- C:\Users\Asus\Desktop\CameraTarget rev_1.pdf

[2013/03/02 18.35.28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/03/02 18.35.28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/03/02 18.35.27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/03/02 18.35.27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/03/02 18.35.27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/02/25 16.01.00 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/16 18.24.51 | 000,167,365 | ---- | C] () -- C:\Users\Asus\Desktop\CV[bis].pdf

[2012/12/31 18.54.12 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat

[2011/09/04 15.10.10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/08/22 00.11.39 | 000,086,056 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/05/23 16.29.11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/05/07 12.25.49 | 000,011,328 | ---- | C] () -- C:\Users\Asus\gsview32.ini

[2010/03/11 18.47.20 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2010/03/11 13.16.42 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.dat

[2010/02/02 17.13.26 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento (2).lnk

[2010/01/14 12.31.32 | 000,000,092 | ---- | C] () -- C:\Users\Asus\AppData\Local\fusioncache.dat

[2010/01/08 00.36.13 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento.lnk

[2009/11/16 21.52.54 | 000,000,032 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\msdreg.dat

[2009/10/29 20.48.41 | 000,000,600 | ---- | C] () -- C:\Users\Asus\PUTTY.RND

[2009/09/27 11.25.06 | 000,192,512 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/23 09.59.06 | 000,000,680 | ---- | C] () -- C:\Users\Asus\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/07 17.57.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Camfrog

[2011/09/03 23.23.49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2013/03/04 11.35.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2011/12/08 22.36.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Electronic Arts

[2010/03/30 17.23.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Ethereal

[2012/02/16 16.36.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Feedreader

[2011/08/18 09.48.42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GameRanger

[2010/12/07 18.27.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GlarySoft

[2012/10/28 11.14.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HandBrake

[2009/11/22 20.06.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InfraRecorder

[2011/09/04 13.49.03 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IObit

[2010/10/03 18.05.01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2010/09/29 14.29.48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Locktime

[2010/09/28 19.40.51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix

[2009/11/16 21.52.53 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\MSDict

[2010/03/23 23.31.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Nokia

[2010/03/01 21.15.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PC Suite

[2009/09/25 13.56.07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PCToolsFirewallPlus

[2011/09/26 11.36.46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\redsn0w

[2009/12/03 16.32.05 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Softland

[2011/09/08 09.58.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SumatraPDF

[2011/09/09 13.51.23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TeamViewer

[2011/11/22 15.01.52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TmRecorder

[2012/03/23 11.27.30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\UDC Profiles

[2013/02/21 17.43.40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao goblo

Ripeti questo

Avviare OTL.exe .

  • Copia e incolla il testo scritto all'interno del box quote in analisi personalizzate/correzioni .

:OTL
MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll 
MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll 

:Files
ipconfig /flushdns /c

:Commands
[EMPTYFLASH]
[RESETHOST]
[CREATERESTOREPOINT]
[REBOOT]

    [*] Quindi fare clic su Fix Run situato nella parte superiore.

    [*] Lasciare che il programma esegua senza ostacoli il suo lavoro, quando avra' terminato, si riavviera' in automatico. In caso contrario, si prega di riavviare il sistema manualmente.

    Postare il log che viene rilasciato [/List]

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ho eseguito quanto detto ma, anche dopo il riavvio, non mi è stato rilasciato alcun log.

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ri esegui OTL

  • Avvia nuovamente OTL e clicca su Quick scan (senza spuntare LOP e PURITY)
  • Posta il log che verra' prodotto

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti
OTL logfile created on: 10/03/2013 11.55.51 - Run 6

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,61% Memory free

4,23 Gb Paging File | 3,02 Gb Available in Paging File | 71,35% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 89,43 Gb Total Space | 30,22 Gb Free Space | 33,79% Space Free | Partition Type: NTFS

Drive D: | 59,62 Gb Total Space | 32,46 Gb Free Space | 54,45% Space Free | Partition Type: NTFS

Computer Name: PC-ASUS | User Name: Asus | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Asus\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)

PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()

PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()

PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()

PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()

PRC - C:\Windows\System32\niSvcLoc.exe (National Instruments)

========== Modules (No Company Name) ==========

MOD - C:\Users\Asus\AppData\Local\Temp\sfamcc00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Temp\sfareca00001.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll ()

MOD - C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\WinRAR\rarext.dll ()

========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)

SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)

SRV - (SkypeUpdate) -- C:\Program Files\Skype 6\Updater\Updater.exe (Skype Technologies)

SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)

SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)

SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)

SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()

SRV - (niSvcLoc) -- C:\Windows\System32\niSvcLoc.exe (National Instruments)

SRV - (NILM License manager) -- C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found

DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found

DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found

DRV - (upperdev) -- system32\DRIVERS\usbser_lowerflt.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (netr28u) -- system32\DRIVERS\netr28u.sys File not found

DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\RaInfo.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found

DRV - (catchme) -- C:\ComboFix\catchme.sys File not found

DRV - (ASInsHelp) -- C:\Windows\system32\drivers\AsInsHelp32.sys File not found

DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)

DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)

DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)

DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)

DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation)

DRV - (Haspnt) -- C:\Windows\System32\drivers\Haspnt.sys (Aladdin Knowledge Systems)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)

DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)

DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()

DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)

DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)

DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (JGOGO) -- C:\Windows\System32\drivers\JGOGO.sys (JMicron )

DRV - (DS1410D) -- C:\Windows\System32\drivers\DS1410d.SYS (Dallas Semiconductor MAXIM)

DRV - (TIEHDUSB) -- C:\Windows\System32\drivers\tiehdusb.sys (Texas Instruments Incorporated)

DRV - (cvintdrv) -- C:\Windows\System32\drivers\cvintdrv.sys ()

DRV - (giveio) -- C:\Windows\System32\giveio.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{F7C67426-58DD-46BC-89CF-076312D1DF4C}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.libero.it"

FF - prefs.js..extensions.enabledAddons: forcetls%40sid.stamm:3.0.1

FF - prefs.js..extensions.enabledAddons: it-IT%40dictionaries.addons.mozilla.org:3.3.2

FF - prefs.js..extensions.enabledAddons: shan.developer%40gmail.com:1.0.4

FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10

FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0

FF - prefs.js..extensions.enabledAddons: %7B0545b830-f0aa-4d7e-8820-50a4629a56fe%7D:17.6

FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.7.7

FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.6

FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.2

FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9rc1

FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.5

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2

FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.3.1

FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8

FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite

FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2

FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2

FF - prefs.js..extensions.enabledItems: shan.developer@gmail.com:1.0.4

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5

FF - prefs.js..extensions.enabledItems: lcdclock_bloodeye@gmail.com:0.4.2

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: forcetls@sid.stamm:3.0.0

FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1

FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Asus\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/08 11.42.53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/08 11.42.21 | 000,000,000 | ---D | M]

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions

[2009/12/27 19.52.50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2013/03/06 13.37.14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions

[2012/12/24 17.45.25 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

[2013/02/14 17.26.35 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2012/09/26 09.44.14 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\FasterFox_Lite@BigRedBrent

[2012/03/13 12.10.51 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\it-IT@dictionaries.addons.mozilla.org

[2011/03/20 00.30.25 | 000,000,000 | ---D | M] (Rights To Close) -- C:\Users\Asus\AppData\Roaming\mozilla\Firefox\Profiles\78ljeyi4.default\extensions\shan.developer@gmail.com

[2012/05/10 17.02.48 | 000,114,012 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\forcetls@sid.stamm.xpi

[2013/03/06 13.37.14 | 000,386,363 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\personas@christopher.beard.xpi

[2012/01/12 17.31.19 | 000,165,730 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\simpletimerClocks@grbradt.org.xpi

[2012/12/27 12.44.13 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi

[2013/03/02 19.36.11 | 000,532,389 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2013/02/25 11.09.08 | 000,115,869 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

[2013/02/14 12.00.25 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/10/30 21.34.13 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

[2013/02/28 11.40.04 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\78ljeyi4.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

[2013/03/08 11.42.20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2009/09/26 09.52.14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2013/03/08 11.42.53 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012/12/07 13.29.11 | 000,001,606 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml

[2012/08/29 16.04.29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/12/07 13.29.11 | 000,000,957 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml

[2012/12/07 13.29.11 | 000,001,030 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml

[2012/12/07 13.29.11 | 000,001,395 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml

[2012/12/07 13.29.11 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Asus\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: SumatraPDF Browser Plugin (Enabled) = C:\Program Files\SumatraPDF\npPdfViewer.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Asus\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Asus\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: TM Auxiliary - Menu Hover Test = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgmjobecnlhmffchebancgllopccbgb\1.0.1_0\

CHR - Extension: TM Auxiliary - Player Page = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\agfpmcanjhhjojjgaifcfahjeklkkjkk\1.0.1_0\

CHR - Extension: Splendid = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd\3_0\

CHR - Extension: YouTube = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Ricerca Google = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: AdBlock = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\

CHR - Extension: TM Auxiliary - Player List = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\oianljogbaebheldjhiemnfkpmggkfee\1.0.0_0\

CHR - Extension: TM Auxiliary - Advanced Training Overview = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\omnolpjpemgjdjfpidfhjlipjmhkdabe\1.0.2_2\

CHR - Extension: Gmail = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/02 18.59.39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - Startup: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7628A306-FEFA-47FB-9F4B-AA1241714552}: NameServer = 193.70.152.15,193.70.152.25

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Asus\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/08 11.42.19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013/03/07 23.53.43 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{BDD2A772-D3FC-4FEC-B31E-914CD9F1B416}

[2013/03/06 11.59.06 | 000,000,000 | ---D | C] -- C:\file sul desktop

[2013/03/05 00.15.08 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/03/04 11.58.46 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Pulizia Pc

[2013/03/02 19.02.16 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2013/03/02 18.59.36 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\temp

[2013/03/02 18.35.28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013/03/02 18.35.27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013/03/02 18.35.27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013/03/02 18.35.21 | 000,000,000 | ---D | C] -- C:\ComboFix

[2013/03/01 12.36.18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2013/03/01 12.36.05 | 000,000,000 | ---D | C] -- C:\JRT

[2013/02/27 12.17.25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/26 12.29.54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2013/02/25 16.01.00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/02/25 16.00.02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/02/25 15.59.59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/02/19 11.05.35 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{3D494E1A-76DB-444F-BB7E-7F486B63ECD6}

[2013/02/14 11.32.14 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{6257247F-E48E-4159-B9BE-004BB8A2ADF0}

[2013/02/12 12.22.50 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{125987F4-B2FC-47AA-B926-8EC6701DB1F4}

[2013/02/11 12.35.24 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\{B72AECCE-8784-4058-A0FC-BD2AFC8EBAE7}

[2013/02/09 20.18.20 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\Ing. Fucci

========== Files - Modified Within 30 Days ==========

[2013/03/10 11.07.01 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000UA.job

[2013/03/10 10.37.21 | 000,000,432 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2013/03/10 10.36.58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013/03/10 10.36.58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013/03/10 10.36.29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/03/10 01.19.48 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013/03/10 01.13.50 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1417020736-3956469301-586048187-1000Core.job

[2013/03/08 19.31.23 | 000,193,024 | ---- | M] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/03/08 11.22.03 | 000,025,070 | ---- | M] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2013/03/07 11.28.29 | 000,153,334 | ---- | M] () -- C:\Users\Asus\Documents\ip powerline.jpg

[2013/03/06 16.19.32 | 000,001,699 | ---- | M] () -- C:\Users\Asus\Desktop\Notepad.lnk

[2013/03/02 18.59.39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013/03/02 17.37.02 | 000,715,966 | ---- | M] () -- C:\Windows\System32\perfh010.dat

[2013/03/02 17.37.02 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013/03/02 17.37.02 | 000,144,130 | ---- | M] () -- C:\Windows\System32\perfc010.dat

[2013/03/02 17.37.02 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013/02/27 12.17.28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe

[2013/02/26 12.57.20 | 000,263,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/02/25 16.01.00 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/19 20.27.46 | 000,001,709 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[2013/02/16 17.42.17 | 000,167,365 | ---- | M] () -- C:\Users\Asus\Desktop\CV[bPL].pdf

[2013/02/13 11.39.43 | 000,113,024 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys

[2013/02/13 11.39.43 | 000,092,448 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys

========== Files Created - No Company Name ==========

[2013/03/07 11.28.29 | 000,153,334 | ---- | C] () -- C:\Users\Asus\Documents\ip powerline.jpg

[2013/03/06 16.19.32 | 000,001,699 | ---- | C] () -- C:\Users\Asus\Desktop\Notepad.lnk

[2013/03/02 18.35.28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013/03/02 18.35.28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013/03/02 18.35.27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013/03/02 18.35.27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013/03/02 18.35.27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013/02/25 16.01.00 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/02/16 18.24.51 | 000,167,365 | ---- | C] () -- C:\Users\Asus\Desktop\CV[bPL].pdf

[2012/12/31 18.54.12 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat

[2011/09/04 15.10.10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/08/22 00.11.39 | 000,086,056 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/05/23 16.29.11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/05/07 12.25.49 | 000,011,328 | ---- | C] () -- C:\Users\Asus\gsview32.ini

[2010/03/11 18.47.20 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.001

[2010/03/11 13.16.42 | 000,025,070 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\nvModes.dat

[2010/02/02 17.13.26 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento (2).lnk

[2010/01/14 12.31.32 | 000,000,092 | ---- | C] () -- C:\Users\Asus\AppData\Local\fusioncache.dat

[2010/01/08 00.36.13 | 000,000,377 | ---- | C] () -- C:\Users\Asus\Documenti - collegamento.lnk

[2009/11/16 21.52.54 | 000,000,032 | ---- | C] () -- C:\Users\Asus\AppData\Roaming\msdreg.dat

[2009/10/29 20.48.41 | 000,000,600 | ---- | C] () -- C:\Users\Asus\PUTTY.RND

[2009/09/27 11.25.06 | 000,193,024 | ---- | C] () -- C:\Users\Asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/09/23 09.59.06 | 000,000,680 | ---- | C] () -- C:\Users\Asus\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/07 17.57.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Camfrog

[2011/09/03 23.23.49 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite

[2013/03/09 20.00.07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox

[2011/12/08 22.36.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Electronic Arts

[2010/03/30 17.23.16 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Ethereal

[2012/02/16 16.36.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Feedreader

[2011/08/18 09.48.42 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GameRanger

[2010/12/07 18.27.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\GlarySoft

[2012/10/28 11.14.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\HandBrake

[2009/11/22 20.06.21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InfraRecorder

[2011/09/04 13.49.03 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IObit

[2010/10/03 18.05.01 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Leadertech

[2010/09/29 14.29.48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Locktime

[2010/09/28 19.40.51 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\mkvtoolnix

[2009/11/16 21.52.53 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\MSDict

[2010/03/23 23.31.44 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Nokia

[2010/03/01 21.15.57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PC Suite

[2009/09/25 13.56.07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PCToolsFirewallPlus

[2011/09/26 11.36.46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\redsn0w

[2009/12/03 16.32.05 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Softland

[2011/09/08 09.58.17 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\SumatraPDF

[2011/09/09 13.51.23 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TeamViewer

[2011/11/22 15.01.52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TmRecorder

[2012/03/23 11.27.30 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\UDC Profiles

[2013/02/21 17.43.40 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora