Divina

Controllo Log Hijackthis

11 messaggi in questa discussione

Buonasera, ho problemi con internet Explorer , è molto lento e non apre alcuni siti ne video si blocca e aggiorna la pagina molto spesso, problemi che con firefox non ho, allego log hijackthis.Grazie

hijackthis.log

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

ho aggiornato Explorer alla versione 10 , ma il problema l avevo anche con 8 flash player è aggiornato e anche java all' ultima versione

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Ciao Divina :)

Perché non proviamo ad andare con ordine?

Segui i miei passi:

OTL

  • Scarica OTL By OldTimer: http://oldtimer.geekstogo.com/OTL.exe
  • Fare doppio clic sull'icona per eseguirlo
  • Quando appare la schermata di OTL, in alto nel box Output modificare in Minimal output.
  • Mettere un segno di spunta alle voci "LOP Check e Purity Check"
  • Nel box Custom scan fixes incolla le seguenti direttive:

      netsvcs
      drivers32
      %SYSTEMDRIVE%\*.*
      %systemroot%\Fonts\*.com
      %systemroot%\Fonts\*.dll
      %systemroot%\Fonts\*.ini
      %systemroot%\Fonts\*.ini2
      %systemroot%\Fonts\*.exe
      %systemroot%\system32\spool\prtprocs\w32x86\*.*
      %systemroot%\REPAIR\*.bak1
      %systemroot%\REPAIR\*.ini
      %systemroot%\system32\*.jpg
      %systemroot%\*.jpg
      %systemroot%\*.png
      %systemroot%\*.scr
      %systemroot%\*._sy
      %APPDATA%\Adobe\Update\*.*
      %ALLUSERSPROFILE%\Favorites\*.*
      %APPDATA%\Microsoft\*.*
      %PROGRAMFILES%\*.*
      %APPDATA%\Update\*.*
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\System32\config\*.sav
      %PROGRAMFILES%\bak. /s
      %systemroot%\system32\bak. /s
      %ALLUSERSPROFILE%\Start Menu\*.lnk /x
      %systemroot%\system32\config\systemprofile\*.dat /x
      %systemroot%\*.config
      %systemroot%\system32\*.db
      %PROGRAMFILES%\Internet Explorer\*.dat
      %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
      %USERPROFILE%\Desktop\*.exe
      %PROGRAMFILES%\Common Files\*.*
      %systemroot%\*.src
      %systemroot%\install\*.*
      %systemroot%\system32\DLL\*.*
      %systemroot%\system32\HelpFiles\*.*
      %systemroot%\system32\rundll\*.*
      %systemroot%\winn32\*.*
      %systemroot%\Java\*.*
      %systemroot%\system32\test\*.*
      %systemroot%\system32\Rundll32\*.*
      %systemroot%\AppPatch\Custom\*.*
      HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Fare clic sul pulsante Run Scan situato in alto a sinistra. Non modificare le impostazioni se non istruiti a farlo. La scansione durera' un bel po' , abbiate pazienza.
    • Quando la scansione è completata, si apriranno due finestre notepad. OTL.Txt e Extras.Txt.
    • Questi sono salvati nella stessa posizione dove si trova OTL.
    • Si prega di copiare (Edit-> Seleziona tutto, Modifica-> Copia) il contenuto di questi file, uno alla volta, e postarli nella successiva risposta.
    • Potrebbero essere necessari due post.

Scarica aswMBR.exe e salvalo sul tuo desktop.

  • Doppio click sua swMBR.exe per avviare il tool. (Vista/Windows 7 - click destro, Esegui come amministratore)
  • Click Scan
  • Al termine della scansione clicca su Save log salvalo sul tuo desktop, e postalo nella tua prossima risposta.
  • Attenzione: non eseguire nessun fix.
  • Noterete anche un altro file creato sul desktop denominatoMBR.dat. Tasto destro del mouse al file e selezionare Invia a> file compresso (zip) . Allega anche il file compresso nella tua prossima risposta .

Attenzione: Non allegare i log, ma fai copia incolla del contenuto di ognuno di esso. Potresti aver bisogno di piu' post

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL logfile created on: 10/04/2013 23:43:16 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16540)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free

7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS

Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS

Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32

Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe

PRC - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe

PRC - [2013/01/26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe

PRC - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/08/13 21:05:23 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011/12/16 18:44:50 | 000,762,368 | ---- | M] (PService) -- C:\Users\Public\Documents\AppData\PoApp\PService.exe

PRC - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe

PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009/10/06 23:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe

PRC - [2009/10/06 00:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

PRC - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe

PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/29 15:28:32 | 000,170,840 | ---- | M] () -- C:\Programmi\Web Assistant\Extension32.dll

MOD - [2012/12/12 07:32:26 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2012/10/05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2012/10/05 12:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2012/08/31 12:59:19 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

MOD - [2010/11/13 01:50:53 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010/11/05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2010/11/05 03:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2010/11/05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2010/11/05 03:57:46 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

MOD - [2009/10/06 23:57:02 | 000,279,976 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll

MOD - [2009/10/06 23:57:02 | 000,120,232 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll

MOD - [2009/10/06 23:57:00 | 000,464,168 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll

MOD - [2009/10/06 00:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

MOD - [2009/06/10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

MOD - [2008/04/14 15:35:46 | 001,519,616 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe

MOD - [2003/09/10 04:42:28 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\kwspnd.dll

========== Services (SafeList) ==========

SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)

SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)

SRV - [2013/04/06 00:28:51 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/03/25 16:23:44 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)

SRV - [2013/03/15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2013/03/09 19:37:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2013/01/29 15:28:32 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programmi\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)

SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/08/13 21:05:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012/08/13 21:05:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012/07/11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programmi\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV - [2012/04/23 15:43:10 | 000,161,280 | ---- | M] (SoftwareUpdService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe -- (SoftwareUpd)

SRV - [2012/04/03 19:59:46 | 000,169,472 | ---- | M] (PowerOfferService) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\PosService\Pos.exe -- (PowerOffer Service)

SRV - [2011/12/16 18:44:48 | 000,156,160 | ---- | M] (ServiceUpd) [Auto | Stopped] -- C:\Users\Franca\AppData\Local\ServUpdater\ServiceUpd.exe -- (ServUpdater)

SRV - [2011/11/03 20:25:08 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)

SRV - [2010/05/21 13:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/06 02:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)

SRV - [2009/02/22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/19 07:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/13 21:05:23 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2012/08/13 21:05:23 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012/05/02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2011/08/08 20:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)

DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)

DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)

DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)

DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/09/01 14:33:12 | 000,088,064 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)

DRV:64bit: - [2010/09/01 14:33:12 | 000,078,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)

DRV:64bit: - [2010/09/01 14:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)

DRV:64bit: - [2010/09/01 14:33:12 | 000,013,824 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)

DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2010/01/05 02:29:01 | 002,838,008 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/10/03 05:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/08/08 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/07/21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)

DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/04/29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2011/07/22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011/07/12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE}

IE:64bit: - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\URLSearchHook: - No CLSID value found

IE - HKLM\..\URLSearchHook: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found

IE - HKLM\..\SearchScopes,DefaultScope = {A38A93E6-3884-4CEA-8070-78B0654536AE}

IE - HKLM\..\SearchScopes\{A38A93E6-3884-4CEA-8070-78B0654536AE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.it/

IE - HKCU\..\SearchScopes,DefaultScope = {9E78F5CC-9671-4F76-9E03-863D0EC2C0B1}

IE - HKCU\..\SearchScopes\{9E78F5CC-9671-4F76-9E03-863D0EC2C0B1}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}

IE - HKCU\..\SearchScopes\{A2BE91B7-047F-49E9-AC3F-77311F907DE4}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=it_IT&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^IT&apn_uid=7E3DBA4C-FB6D-4856-8B09-3CC096E92B8F&apn_sauid=CDACA0AF-0A8D-4FC1-8FE8-EFB932C8173C

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716

IE - HKCU\..\SearchScopes\{CC89926C-B516-4F89-A64F-847B3C15FC99}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"

FF - prefs.js..browser.search.selectedEngine: "Ask.com"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.igoogle.it"

FF - prefs.js..extensions.enabledAddons: ffxtlbr%40incredibar.com:1.5.0

FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573

FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.3

FF - prefs.js..extensions.enabledAddons: %7B3e0c7f3a-3f50-4730-beb5-4a9a10e2831c%7D:8.0

FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M]

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2013/03/01 17:48:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\Web Assistant\Firefox [2013/03/01 17:48:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 19:37:46 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/04/01 22:45:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Extensions

[2013/04/08 22:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions

[2013/03/30 00:48:22 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}

[2012/09/25 12:01:01 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2012/06/18 21:00:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}

[2012/11/24 20:20:13 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com

[2012/06/12 00:15:30 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\ffxtlbr@incredibar.com

[2013/04/08 22:27:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\Firefox\Profiles\b88nvzvs.default\extensions\staged

[2012/06/01 13:58:48 | 000,002,933 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\clocktab@vik.josh.xpi

[2013/02/17 19:42:23 | 000,015,751 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\restartless.restart@erikvold.com.xpi

[2013/03/30 00:48:19 | 000,117,153 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

[2013/01/11 22:31:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\00fa8af3e1afacabf63912c667597b88_expire

[2013/04/04 19:24:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire

[2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0bb66476c57d47d5a6fb7e7674377c0d_expire

[2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire

[2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\13d5beed7af8587c97041140898f20fb_expire

[2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1d8715bd00dbafbff504a0b9666c85e1_expire

[2013/02/02 22:58:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21fdaa9a4d00888fb89ab4150c475afe_expire

[2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire

[2013/03/30 00:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire

[2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\29707677b08fb26b2f65143134a1da51_expire

[2012/09/25 11:55:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\35c5ead7c694459d2b46d88482247348_expire

[2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4bb79f13c77b1255dc49f0d657dfac7d_expire

[2013/02/02 22:58:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4be754d05a1a132121d9fdfa869a2fe3_expire

[2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire

[2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4f58276013e8b7af7d3fbf813163d5c3_expire

[2013/04/08 22:23:27 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\530e52021dc20843b1aa62957edeb9f8_expire

[2013/01/11 22:52:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\57946d7296214a969f57f809acbbb2c9_expire

[2013/03/30 00:38:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire

[2013/02/02 21:53:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5ccbc7d24e3f98d4fb183f06f125b58b_expire

[2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5cdf8a7ef2ec84abac286c67587b78d9_expire

[2013/03/30 00:38:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6fdfbada841d5c35ed7e4cc440ebc0f7_expire

[2013/01/07 13:03:16 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\719f6985083c6f0c2a8fef7aa1f75d63_expire

[2013/03/30 13:56:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire

[2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\79fb7d8c9c120c501ff74f2666f1ed76_expire

[2013/01/11 22:31:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9238b45def093d2a9a5c06fb11a3c4e3_expire

[2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9927ebf7c3c498c96c52b76f3a964e84_expire

[2013/01/11 22:31:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\99a397b5eee6f1b4c020f519b74db96d_expire

[2013/02/17 19:40:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9ef5e4c08312c8e6d81dfd42b7176e39_expire

[2012/09/25 11:55:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a3305b130a0ed11cd68c58b262aa95b3_expire

[2013/03/30 13:56:42 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire

[2013/01/11 22:31:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\adf275b6644b3fcac86a14ffe551dede_expire

[2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\be618ea2f4f463a305fc75d122f2d990_expire

[2013/02/17 19:40:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c5538e5049ca9b04ad62d9a930947369_expire

[2013/02/02 21:53:23 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ca7645042096dd3cfadc42109c394f16_expire

[2013/03/09 19:18:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ceec6e4f46abde15a7f2536a318f4cfd_expire

[2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e440d29f88739418e905adc0a155a174_expire

[2013/04/08 22:23:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e5261abf2e11d65922ee31bdca03dca7_expire

[2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire

[2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire

[2012/09/25 11:55:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire

[2013/03/30 00:38:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ee1ab4cb8e86769e288abaa46407a623_expire

[2013/04/06 00:06:17 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire

[2013/04/08 22:23:25 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f2bead22a65ec461e339f02da757d445_expire

[2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire

[2013/04/08 22:23:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire

[2013/04/05 20:15:11 | 000,002,308 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\askcom.xml

[2013/03/30 00:41:51 | 000,000,950 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\icqplugin.xml

[2012/06/12 00:15:17 | 000,002,203 | ---- | M] () -- C:\Users\Franca\AppData\Roaming\mozilla\firefox\profiles\b88nvzvs.default\searchplugins\MyStart Search.xml

[2013/03/09 19:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2013/03/09 19:37:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2013/03/09 19:37:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

[2013/03/01 17:48:08 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX

[2013/03/09 19:37:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2013/03/02 14:06:40 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml

[2013/03/02 14:06:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2013/03/02 14:06:40 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml

[2013/03/02 14:06:40 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml

[2013/03/02 14:06:40 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml

[2013/03/02 14:06:40 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2013/04/07 19:00:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programmi\Web Assistant\Extension32.dll ()

O2 - BHO: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - No CLSID value found.

O3 - HKLM\..\Toolbar: (uTorrentBar_IT Toolbar) - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_IT Toolbar) - {4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - C:\Program Files (x86)\uTorrentBar_IT\prxtbuTo0.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Programmi\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)

O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher)

O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Franca\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)

O4 - HKCU..\Run: [Center Agent] C:\Program Files (x86)\DIKOM Multimedia\HyperMediaCenter\DTVR\Scheduled.exe ()

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found

O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found

O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Siti attendibili)

O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Siti attendibili)

O15 - HKCU\..Trusted Domains: youtube.com ([www] http in Siti attendibili)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/it/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461EB543-71D3-4E92-BEDB-06A665E5432B}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73F93469-9074-41D9-AE3B-1154ECED3CF7}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A2D148E-8E75-4A62-AD35-1F274715FA59}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C0FA287-443A-4137-AB42-A57F6C71F1B8}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7C42932-7359-4F77-BF61-BB04DE227884}: NameServer = 8.8.8.8,8.8.4.4

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\livecall - No CLSID value found

O18 - Protocol\Handler\msnim - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Corel TW Corp.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)

Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/04/10 23:40:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe

[2013/04/10 20:08:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013/04/10 20:08:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013/04/10 20:08:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013/04/10 20:08:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013/04/10 20:08:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013/04/10 20:08:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013/04/10 20:08:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013/04/10 20:08:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013/04/10 20:08:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013/04/10 20:08:10 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013/04/10 20:08:10 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013/04/10 20:08:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013/04/10 20:08:07 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013/04/10 20:08:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013/04/10 20:08:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013/04/10 12:06:46 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2013/04/10 12:06:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2013/04/10 12:06:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2013/04/10 12:06:42 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

[2013/04/10 12:06:42 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2013/04/10 12:06:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

[2013/04/07 19:13:33 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\SUPERAntiSpyware.com

[2013/04/07 19:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2013/04/07 19:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2013/04/07 19:01:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013/04/07 19:00:19 | 000,000,000 | ---D | C] -- C:\Windows emp

[2013/04/07 18:41:36 | 000,000,000 | ---D | C] -- C:\Users\Franca\Desktop\cugintour 6 aprile 2013

[2013/04/06 00:28:51 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/04/06 00:28:51 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013/04/05 17:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2013/04/05 17:26:14 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/04/05 17:26:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/04/05 17:26:06 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/04/05 16:36:15 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe

[2013/04/05 16:36:15 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll

[2013/04/05 16:36:15 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll

[2013/04/05 16:36:15 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll

[2013/04/05 16:36:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2013/04/05 16:36:15 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2013/04/05 16:36:15 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2013/04/05 16:36:15 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2013/04/05 16:36:15 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2013/04/05 16:36:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2013/04/05 16:36:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2013/04/05 16:36:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2013/04/05 16:36:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2013/04/05 16:36:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2013/04/05 16:36:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2013/04/05 16:36:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2013/04/05 16:36:14 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2013/04/05 16:36:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2013/04/05 16:36:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2013/04/05 16:36:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2013/04/05 16:36:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2013/04/05 16:36:14 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2013/04/05 16:36:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2013/04/05 16:36:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2013/04/05 16:36:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2013/04/05 16:36:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx

[2013/04/05 16:36:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2013/04/05 16:36:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2013/04/05 16:36:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2013/04/05 16:36:13 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2013/04/05 16:36:13 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2013/04/05 16:36:13 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll

[2013/04/05 16:36:13 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2013/04/05 16:36:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2013/04/05 16:36:13 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2013/04/05 16:36:13 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2013/04/05 16:36:13 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2013/04/05 16:36:13 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2013/04/05 16:36:13 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2013/04/05 16:36:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2013/04/05 16:36:13 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2013/04/05 16:36:13 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2013/04/05 16:36:13 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2013/04/05 16:36:13 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2013/04/05 16:36:13 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2013/04/05 16:36:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2013/04/05 16:36:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx

[2013/04/05 16:36:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2013/04/05 16:36:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2013/04/05 16:36:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2013/04/05 16:36:13 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2013/04/05 16:36:13 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2013/04/05 16:36:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2013/04/05 15:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

[2013/03/28 12:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies

[2013/03/28 12:01:22 | 000,194,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2013/03/28 12:01:22 | 000,031,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2013/03/28 12:01:21 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2013/03/28 12:01:21 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2013/03/28 12:01:21 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2013/03/28 12:01:21 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2013/03/28 12:01:21 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2013/03/28 12:01:21 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2013/03/28 12:01:21 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2013/03/28 12:01:21 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2013/03/28 12:01:21 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2013/03/28 12:01:21 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2013/03/28 12:01:21 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2013/03/28 12:01:21 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2013/03/28 12:01:21 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2013/03/28 12:01:21 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2013/03/28 12:01:21 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2013/03/28 12:01:21 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll

[2013/03/28 12:01:21 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll

[2013/03/26 01:20:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys

[2013/03/18 09:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded

[2013/03/14 15:44:08 | 000,000,000 | ---D | C] -- C:\Users\Franca\AppData\Roaming\Apple Computer

[2012/12/31 15:34:06 | 008,358,176 | ---- | C] (Burnaware Technologies ) -- C:\Users\Franca\burnaware_free.exe

[2011/03/21 23:08:51 | 000,399,736 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Franca\utorrent.exe

[2010/10/29 15:46:50 | 001,162,064 | ---- | C] (Microsoft Corporation) -- C:\Users\Franca\wlsetup-web-14.0.8091.0730.exe

[2 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe

[2013/04/10 22:54:00 | 000,000,978 | ---- | M] () -- C:\Windows asks\Adobe Flash Player Updater.job

[2013/04/10 22:10:00 | 000,000,928 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Update Checker.job

[2013/04/10 21:50:00 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Stats Report.job

[2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/04/10 20:29:36 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/04/10 20:22:49 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion Chrome Watcher.job

[2013/04/10 20:22:47 | 000,000,996 | ---- | M] () -- C:\Windows asks\GinyasBrowserCompanion FireFox Watcher.job

[2013/04/10 20:22:02 | 000,456,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/04/10 20:21:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys

[2013/04/10 19:13:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job

[2013/04/09 02:21:01 | 000,082,592 | ---- | M] () -- C:\Users\Franca\Desktop\123_big.gif

[2013/04/09 02:00:00 | 000,000,512 | ---- | M] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job

[2013/04/08 17:47:10 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn

[2013/04/08 17:46:51 | 000,000,848 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys

[2013/04/08 16:39:47 | 007,067,641 | ---- | M] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3

[2013/04/08 16:34:31 | 005,814,391 | ---- | M] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3

[2013/04/07 19:13:29 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2013/04/07 19:00:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013/04/07 18:39:32 | 001,541,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/04/07 18:39:32 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat

[2013/04/07 18:39:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/04/07 18:39:32 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat

[2013/04/07 18:39:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/04/06 00:33:38 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013/04/06 00:33:38 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013/04/05 17:26:01 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

[2013/04/05 17:26:00 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll

[2013/04/05 17:26:00 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll

[2013/04/05 17:26:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe

[2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe

[2013/04/05 17:26:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

[2013/04/05 16:36:15 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe

[2013/04/05 16:36:15 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll

[2013/04/05 16:36:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll

[2013/04/05 16:36:15 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll

[2013/04/05 16:36:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2013/04/05 16:36:15 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2013/04/05 16:36:15 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2013/04/05 16:36:15 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2013/04/05 16:36:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2013/04/05 16:36:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2013/04/05 16:36:15 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2013/04/05 16:36:15 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2013/04/05 16:36:14 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2013/04/05 16:36:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2013/04/05 16:36:14 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2013/04/05 16:36:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2013/04/05 16:36:14 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2013/04/05 16:36:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2013/04/05 16:36:14 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2013/04/05 16:36:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2013/04/05 16:36:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2013/04/05 16:36:14 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2013/04/05 16:36:14 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2013/04/05 16:36:14 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2013/04/05 16:36:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2013/04/05 16:36:14 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64 dc.ocx

[2013/04/05 16:36:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2013/04/05 16:36:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2013/04/05 16:36:14 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2013/04/05 16:36:14 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2013/04/05 16:36:13 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2013/04/05 16:36:13 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2013/04/05 16:36:13 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll

[2013/04/05 16:36:13 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2013/04/05 16:36:13 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2013/04/05 16:36:13 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2013/04/05 16:36:13 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2013/04/05 16:36:13 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2013/04/05 16:36:13 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2013/04/05 16:36:13 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2013/04/05 16:36:13 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2013/04/05 16:36:13 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2013/04/05 16:36:13 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2013/04/05 16:36:13 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2013/04/05 16:36:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2013/04/05 16:36:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2013/04/05 16:36:13 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2013/04/05 16:36:13 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative dc.ocx

[2013/04/05 16:36:13 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2013/04/05 16:36:13 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2013/04/05 16:36:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2013/04/05 16:36:13 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2013/04/05 16:36:13 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2013/04/05 16:36:13 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2013/04/05 16:36:13 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2013/04/04 00:00:07 | 000,000,336 | ---- | M] () -- C:\Windows asks\HPCeeScheduleForFranca.job

[2013/04/02 00:52:13 | 000,060,778 | ---- | M] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg

[2013/03/19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2013/03/19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2013/03/19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2013/03/19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2013/03/19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

[2013/03/19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

[2013/03/15 07:53:06 | 026,956,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2013/03/15 07:53:06 | 025,256,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2013/03/15 07:53:06 | 020,542,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2013/03/15 07:53:06 | 017,990,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2013/03/15 07:53:06 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2013/03/15 07:53:06 | 015,508,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2013/03/15 07:53:06 | 015,042,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2013/03/15 07:53:06 | 013,088,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2013/03/15 07:53:06 | 009,414,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2013/03/15 07:53:06 | 007,959,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2013/03/15 07:53:06 | 007,573,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2013/03/15 07:53:06 | 006,271,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2013/03/15 07:53:06 | 002,913,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2013/03/15 07:53:06 | 002,864,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2013/03/15 07:53:06 | 002,728,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2013/03/15 07:53:06 | 002,539,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2013/03/15 07:53:06 | 002,355,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2013/03/15 07:53:06 | 001,995,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2013/03/15 07:53:06 | 001,807,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6431422.dll

[2013/03/15 07:53:06 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6431422.dll

[2013/03/15 07:53:06 | 000,017,738 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

[2013/03/15 06:16:18 | 003,477,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2013/03/15 06:16:17 | 006,398,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2013/03/15 06:16:10 | 002,555,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2013/03/15 06:16:10 | 000,237,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2013/03/15 06:16:10 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2 C:\*.tmp files -> C:\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/09 02:21:07 | 000,082,592 | ---- | C] () -- C:\Users\Franca\Desktop\123_big.gif

[2013/04/08 16:39:32 | 007,067,641 | ---- | C] () -- C:\Users\Franca\Desktop\Audio 2 Zucchero Amaro.mp3

[2013/04/08 16:34:22 | 005,814,391 | ---- | C] () -- C:\Users\Franca\Desktop\SPECCHI RIFLESSI ~ Audio2.mp3

[2013/04/07 19:13:41 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task 8c2cf487-9f52-4f81-be88-7c623dac5100.job

[2013/04/07 19:13:40 | 000,000,512 | ---- | C] () -- C:\Windows asks\SUPERAntiSpyware Scheduled Task d6033922-2f0e-451b-b48c-56b66d2572ff.job

[2013/04/07 19:13:29 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2013/04/06 00:28:53 | 000,000,978 | ---- | C] () -- C:\Windows asks\Adobe Flash Player Updater.job

[2013/04/05 16:36:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2013/04/05 16:36:13 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2013/04/02 00:52:21 | 000,060,778 | ---- | C] () -- C:\Users\Franca\306158_1481375530068_6843674_n.jpg

[2012/12/31 15:35:57 | 000,000,503 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\burnaware.ini

[2012/12/30 20:14:24 | 000,843,506 | ---- | C] () -- C:\Users\Franca\cartamodellopigotta.png

[2012/11/24 20:33:58 | 000,000,035 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\mbam.context.scan

[2012/11/01 14:56:42 | 000,221,299 | ---- | C] () -- C:\Users\Franca\halloween 2012.jpg

[2012/09/10 21:11:49 | 1101,908,374 | ---- | C] () -- C:\Users\Franca\Ultima Online Mondain's Legacy.rar

[2012/06/29 13:00:48 | 000,217,487 | ---- | C] () -- C:\Users\Franca\Risposta2363044_1_VER2.pdf

[2012/06/27 18:13:55 | 000,010,777 | ---- | C] () -- C:\Users\Franca\Registrazione Tiscali Internet senza canone.htm

[2012/06/27 11:45:29 | 000,029,511 | ---- | C] () -- C:\Users\Franca\ravvedimentoIMU.pdf

[2012/06/12 01:10:31 | 000,007,544 | ---- | C] () -- C:\Users\Franca\AppData\Local\unins000.dat

[2012/06/07 22:42:33 | 000,055,136 | ---- | C] () -- C:\Users\Franca\Metin2_it_20111216.exe.torrent

[2012/05/10 11:51:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012/05/10 11:51:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012/05/10 11:51:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012/05/10 11:51:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012/05/10 11:51:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012/01/21 21:24:52 | 001,073,004 | ---- | C] () -- C:\Users\Franca\io e leo.jpg

[2011/04/14 12:46:50 | 000,000,011 | ---- | C] () -- C:\Windows\3DShadow.INI

[2011/04/08 20:25:52 | 000,025,048 | -HS- | C] () -- C:\Users\Franca\Folder.jpg

[2011/04/08 20:25:52 | 000,007,293 | -HS- | C] () -- C:\Users\Franca\AlbumArtSmall.jpg

[2011/03/21 23:12:36 | 000,017,159 | ---- | C] () -- C:\Users\Franca\FW_Installer_OB.rar.torrent

[2011/02/28 12:30:28 | 000,001,178 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\wklnhst.dat

[2011/02/05 18:25:50 | 000,001,854 | ---- | C] () -- C:\Users\Franca\AppData\Roaming\GhostObjGAFix.xml

[2010/11/19 18:27:38 | 166,297,938 | ---- | C] () -- C:\Users\Franca\Microsoft Front Page 2003 + seriale - ITA.rar

[2010/10/29 15:42:47 | 007,362,048 | ---- | C] () -- C:\Users\Franca\MM26_IT.msi

[2010/09/16 17:20:52 | 000,126,116 | ---- | C] () -- C:\Users\Franca\LD-champagne2.zip

[2010/09/08 11:07:40 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

[2010/06/01 14:37:46 | 000,001,235 | ---- | C] () -- C:\Users\Franca\HyperMediaCenter.lnk

[2010/05/21 12:57:48 | 000,020,480 | ---- | C] () -- C:\Users\Franca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/05/21 12:49:52 | 001,933,603 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.2

[2010/05/21 12:49:49 | 001,934,341 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.1

[2010/05/21 12:49:47 | 005,416,154 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.0

[2010/05/21 12:49:47 | 001,943,949 | ---- | C] () -- C:\Users\Franca\AppData\Local mpDSCN0057.JPG

[2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Commands

[2010/05/19 11:54:48 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\ColorTable

[2010/05/19 11:54:48 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT

[2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Comedy Noises

[2010/05/19 11:50:11 | 000,000,268 | RH-- | C] () -- C:\Users\Franca\AppData\Roaming\Cocoa

[2010/05/19 11:50:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT

[2010/05/04 13:50:03 | 000,013,509 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.2

[2010/05/04 13:49:57 | 000,013,501 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.1

[2010/05/04 13:49:55 | 000,021,642 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.0

[2010/05/04 13:49:55 | 000,013,512 | ---- | C] () -- C:\Users\Franca\AppData\Local mpALESSIA 10.JPG

[2010/04/17 23:11:00 | 000,000,017 | ---- | C] () -- C:\Users\Franca\AppData\Local\resmon.resmoncfg

[2010/03/24 14:24:20 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/11 23:43:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Aeria Games & Entertainment

[2012/08/11 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Alien Skin

[2012/11/24 20:13:27 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\BrowserCompanion

[2012/12/15 01:42:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\EmoticoonsToolbar

[2012/08/04 23:10:37 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\FreeVideoConverter

[2013/04/10 16:31:26 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\ICQ

[2013/03/13 13:55:55 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\IObit

[2010/05/04 16:31:28 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Jasc

[2010/06/01 14:37:47 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\KWorld Multimedia

[2010/05/19 12:03:43 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Nikon

[2012/08/05 16:55:35 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\OpenCandy

[2012/08/09 00:12:12 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\PhotoScape

[2011/07/10 22:38:30 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Razor

[2011/11/28 15:51:40 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\TeamViewer

[2011/02/28 12:30:39 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Template

[2010/04/28 19:25:05 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Ulead Systems

[2010/05/23 19:16:29 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Uniblue

[2013/04/06 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\uTorrent

[2011/07/20 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Vodafone

[2010/12/18 17:56:07 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\WildTangent

[2011/03/03 16:37:11 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\Windows Live Writer

[2010/03/24 09:03:04 | 000,000,000 | ---D | M] -- C:\Users\Franca\AppData\Roaming\_MDLogs

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2013/02/26 13:46:58 | 000,000,000 | ---- | M] () -- C:\asc_rdflag

[2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr

[2012/07/27 17:37:53 | 000,000,196 | ---- | M] () -- C:\ChromeHPLog.txt

[2013/04/07 19:07:43 | 000,029,460 | ---- | M] () -- C:\ComboFix.txt

[2012/11/24 20:20:14 | 000,000,043 | ---- | M] () -- C:\END

[2013/04/10 20:20:56 | 3163,709,440 | -HS- | M] () -- C:\hiberfil.sys

[2010/05/21 13:19:53 | 000,000,186 | ---- | M] () -- C:\hpqlb.log

[2013/04/10 20:21:01 | 4218,281,984 | -HS- | M] () -- C:\pagefile.sys

[2012/06/12 00:15:31 | 000,000,447 | ---- | M] () -- C:\user.js

[2 C:\*.tmp files -> C:\*.tmp -> ]

< %systemroot%\Fonts\*.com >

[2009/07/14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2009/07/14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2009/07/14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/07/14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2009/06/10 22:49:50 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

[2012/04/27 16:52:35 | 000,001,734 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\LastFlashConfig.wfc

< %PROGRAMFILES%\*.* >

[2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2011/04/28 22:59:35 | 000,000,221 | -HS- | M] () -- C:\Users\Franca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

[2012/11/11 01:59:34 | 001,109,504 | ---- | M] () -- C:\Users\Franca\Desktop\EUOX217.exe

[2013/04/10 23:40:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Franca\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32 est\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16540)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free

7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS

Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS

Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32

Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

"{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system |

"{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system |

"{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system |

"{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system |

"{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system |

"{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface |

"{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system |

"{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system |

"{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system |

"{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |

"{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe |

"{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |

"{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe |

"{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |

"{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |

"{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe |

"{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |

"{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe |

"{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe |

"{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe |

"{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe |

"{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe |

"{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe |

"{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe |

"{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |

"{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe |

"TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe |

"TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |

"TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |

"UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe |

"UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack

"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit)

"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter

"CCleaner" = CCleaner

"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WNLT" = IB Updater Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0

"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL

"{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3

"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2

"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7

"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update

"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007

"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007

"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007

"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007

"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007

"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano

"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX

"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio

"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Aeria Ignite" = Aeria Ignite

"Aeria Ignite 1.11.2111" = Aeria Ignite

"Akamai" = Akamai NetSession Interface Service

"aTube Catcher" = aTube Catcher

"Avira AntiVir Desktop" = Avira Free Antivirus

"Cheat Engine 6.2_is1" = Cheat Engine 6.2

"EasyBits Magic Desktop" = Magic Desktop

"ENTERPRISE" = Microsoft Office Enterprise 2007

"GinyasBrowserCompanion" = GinyasBrowserCompanion

"HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5

"HyperMediaCenter_is1" = HyperMediaCenter Software

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV

"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV

"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12

"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100

"Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"PhotoScape" = PhotoScape

"Revo Uninstaller" = Revo Uninstaller 1.94

"Shaiya-IT" = Shaiya-IT

"Sqirlz Water Reflections" = Sqirlz Water Reflections

"TeamViewer 5" = TeamViewer 5

"TeamViewer 6" = TeamViewer 6

"uTorrent" = µTorrent

"uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar

"WildTangent hp Master Uninstall" = HP Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Akamai" = Akamai NetSession Interface

"NGM Phonesuite" = NGM Phonesuite

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815

Description = Generazione del contesto di attivazione non riuscita per "c:\Program

Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file

manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000

Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione:

1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe,

versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore

0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione

che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato

l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che

ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione:

aafcae09-a14e-11e2-9a6e-8ab075bf2cba

Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000

Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione:

1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe,

versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore

0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione

che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato

l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che

ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione:

2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1

Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

[ Hewlett-Packard Events ]

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

[ Media Center Events ]

Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile

contattare il server..

Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile

contattare il server..

Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile

contattare il server..

Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile

contattare il server..

Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile

contattare il server..

Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile

contattare il server..

Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile

contattare il server..

Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile

contattare il server..

Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile

contattare il server..

Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile

contattare il server..

[ System Events ]

Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010

Description =

Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031

Description = Il servizio Akamai NetSession Interface è stato arrestato in modo

imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione

saranno eseguite tra 1000 millisecondi: Riavvia il servizio.

Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034

Description = Arresto imprevista del servizio Easybits Shared Services for Windows.

Questo evento si è già verificato 1 volta(e).

Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030

Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema

non è configurato per consentire servizi interattivi. Questo servizio potrà non

funzionare correttamente.

Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060

Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa

di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software

per richiedere una versione compatibile del driver.

Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060

Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa

di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software

per richiedere una versione compatibile del driver.

Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030

Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema

non è configurato per consentire servizi interattivi. Questo servizio potrà non

funzionare correttamente.

< End of report >OTL Extras logfile created on: 10/04/2013 23:43:16 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Franca\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16540)

Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,93 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 50,41% Memory free

7,86 Gb Paging File | 5,20 Gb Available in Paging File | 66,21% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 448,85 Gb Total Space | 352,66 Gb Free Space | 78,57% Space Free | Partition Type: NTFS

Drive D: | 16,61 Gb Total Space | 2,71 Gb Free Space | 16,30% Space Free | Partition Type: NTFS

Drive E: | 99,02 Mb Total Space | 95,10 Mb Free Space | 96,04% Space Free | Partition Type: FAT32

Computer Name: FRABA-PC | User Name: Franca | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0692267A-F246-4B5F-8395-6931034C5CD1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{0C273546-88B8-4529-A15B-8365EC69FA3D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

"{0E1384D9-C932-401C-88E2-C9B023AF3834}" = lport=139 | protocol=6 | dir=in | app=system |

"{0F69C157-4078-44A4-9E25-8E603384139B}" = lport=445 | protocol=6 | dir=in | app=system |

"{199E6948-F205-45A7-B9CB-11C09A9D5285}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{37336A5B-FC83-4999-BA23-114F27369D23}" = rport=137 | protocol=17 | dir=out | app=system |

"{375E808F-70A3-45B5-958A-CFB541CA903F}" = rport=138 | protocol=17 | dir=out | app=system |

"{38FF5F99-EB90-415E-8597-8F9AF6726075}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{575A002D-9D1E-45D5-B827-B594C358BC9C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{5B9888AE-2F37-4678-B14A-317A9F92438E}" = lport=137 | protocol=17 | dir=in | app=system |

"{613CF8AB-9E99-4A42-8AEE-166E4AC0632D}" = lport=49279 | protocol=6 | dir=in | name=akamai netsession interface |

"{88678C8C-4D34-4168-A60A-789AECB0E08C}" = rport=139 | protocol=6 | dir=out | app=system |

"{9A5C5436-0879-4CC1-9251-EE7B2EE6CED0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{A465DEC8-47E0-4AD9-8CB8-FC77D2AF7BC4}" = lport=138 | protocol=17 | dir=in | app=system |

"{B389F7A5-616C-4A56-9D65-C89A7A9311DF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{C3E6A372-C75F-4A4D-A881-2B1A85D09F45}" = lport=2869 | protocol=6 | dir=in | app=system |

"{C4836E19-7F17-46F5-B5E8-ED03CB7B4385}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{CD683381-F278-4EDD-AB6F-F5C0FB6D5A99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{CFFB2297-7AD7-43F2-8BA4-523D5B707B2B}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{04465AEE-FD54-45D2-8567-24C1F1ACD5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{092E4DBD-C7ED-4DF7-ACD4-3193C8048983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{0B998B5A-0F84-41BD-BA36-42BE7D897896}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |

"{142FBEF9-8562-426A-BBD7-95F1566A69BA}" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"{1603F81F-3535-4C2E-83B0-BDC0729375F6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{2097940C-DEC4-4F74-8824-F32EC11B8E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{23EB6552-4009-42FB-9065-FAA08993BDED}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{3137D671-67FD-48FF-A5EA-4D0C46A8ADE3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartphoto.exe |

"{32DFD361-CE48-480E-980B-BDAEE4D6A159}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{355488C6-7078-458F-9A48-83236D10C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{3806C9CC-B91A-40A8-844B-7ED9907FD8B0}" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"{3C70DDDB-E35B-408E-9529-B30FBB40CBC2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{3F07BD61-501B-4E73-A5DE-BD46D96050F4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |

"{43019AAE-1888-4737-8767-445E5D5EBC6E}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe |

"{43AC8B4F-F125-46E5-B6B7-4039660833CE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{46C61275-F31D-4CF8-8E1A-DD401043FAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{4B600AA2-D3C3-4426-8B01-1A7D682FDBD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4D6BA36D-554F-4172-81A9-3DE8D1B5B33C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{5B4A2EE9-5E23-4482-8CB6-C21972B4A594}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{5C8F6643-911E-45F8-80AD-5683439F7709}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |

"{63A28933-BF80-4E31-9A24-4EE976F1FDB5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |

"{786024B3-67C9-49F5-8A7C-82B858990718}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{7E7BC48C-4ECB-4622-A73E-351869BAEE90}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{82E58F3C-AAAC-4CF6-8DBA-63B6A4F3B14E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{85C6E4DC-3DD7-4860-9A81-72D22443D3E9}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

"{88C61555-F7ED-4444-A09E-547F68916E0E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8982ACA3-6D28-4856-ACA1-D934BD3AB357}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{8B7A72C4-B3B4-44ED-B22D-B68E0CEBB7B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{8E312EB8-1BA2-45A2-ABEC-ACEF7FC7B66E}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"{90D9A99F-947F-4F83-B707-2BC01847C0FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{93307741-EDDA-46CC-A121-EE638E9B1A29}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version5 eamviewer.exe |

"{A24FEC84-3AAF-4BFE-8868-86A73769D4D5}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |

"{A47A24B6-7AC8-4F7D-9631-B25E53AC3642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{A8D44F34-FF04-417B-8E22-45CA6BD5E246}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartmusic.exe |

"{AADEEEC2-6A2F-4408-A480-684FD869E00B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{B10690A8-B574-4E02-AB01-EC7ADEFBB644}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{B569D587-2D90-4C43-AB6F-1D37CB530D13}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media smagent.exe |

"{BB32D6F8-F38D-4752-8099-38CB6CE910AE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{BDC1C8DA-E2B6-4BD1-8A25-8C558CFB39CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{C600BCFB-4EB2-4BF8-8499-4A62A719222B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |

"{C97F9A23-93DC-4496-B5B6-356BB5635BB3}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\hptouchsmartvideo.exe |

"{C9A03DA9-AE8B-40BC-9368-58F6A2952E3A}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"{CEDAC8AA-0E14-4A9B-896C-683FAF09E35D}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe |

"{D19F2EA5-1F2A-4729-983F-300A82347B42}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{DF8782C6-67F3-4084-A62B-FFFF1B43C458}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

"{E0AF229C-C041-4B6B-AFDC-E8672660F24B}" = dir=in | app=c:\program files (x86)\hewlett-packard ouchsmart\media\kernel\clml\clmlsvc.exe |

"{E506CD03-B9CA-4E0D-B27A-F32473AE6C0B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{E628A6D0-F07B-4D39-9537-476C835893E6}" = protocol=17 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe |

"{E976DCF6-AE30-4DEC-9775-06905094656D}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer_service.exe |

"{EF81C018-DE06-4DB3-BD91-3F8CB6333DD8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F422C145-67FF-420E-B9D6-963A1514FF61}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |

"{F8D71038-31C5-470C-B5B6-C962820B7F20}" = protocol=6 | dir=in | app=c:\program files (x86) eamviewer\version6 eamviewer.exe |

"TCP Query User{7441EEC2-6EDD-48C5-92E1-A1E05E9EDA67}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe |

"TCP Query User{D6F385E4-8788-473B-811A-BE5A63270609}C:\program files (x86)\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |

"TCP Query User{E8D18DD5-06D6-4397-A17B-405D3540D476}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"TCP Query User{F9E34D85-6133-4DD6-A271-EF3D0778834B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"UDP Query User{419AC317-9323-4273-948C-B04157D5E7EC}C:\program files (x86)\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files (x86)\metin2\metin2client.bin |

"UDP Query User{C5145141-E235-4F57-B5C1-0D328AEEAEF8}C:\users\franca\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\franca\appdata\local\akamai\netsession_win.exe |

"UDP Query User{E9ED0506-E373-435A-AC1F-8575E4DD73BC}C:\program files (x86)\ea games\ultima online mondain's legacy\client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\ultima online mondain's legacy\client.exe |

"UDP Query User{F383AC72-139A-4072-95F2-FAB8F9CCC87C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01651F94-6956-4F93-8AFE-0A30DB230BDB}" = HP 3D DriveGuard

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack

"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java 6 Update 22 (64-bit)

"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.573

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java SE Development Kit 6 Update 15 (64-bit)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.12.12

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Driver audio HD 1.3.23.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter

"CCleaner" = CCleaner

"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WNLT" = IB Updater Service

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0

"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DAF72C7-78D4-4823-BA66-FE8FE3D5BD0A}" = Installazione Guidata Alice ADSL

"{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3

"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2

"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{70C24EB5-5C57-4E24-B29D-AB425CE1866F}" = Aeria Ignite

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7

"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update

"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007

"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007

"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007

"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007

"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007

"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano

"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX

"{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}" = QuickTime

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio

"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Aeria Ignite" = Aeria Ignite

"Aeria Ignite 1.11.2111" = Aeria Ignite

"Akamai" = Akamai NetSession Interface Service

"aTube Catcher" = aTube Catcher

"Avira AntiVir Desktop" = Avira Free Antivirus

"Cheat Engine 6.2_is1" = Cheat Engine 6.2

"EasyBits Magic Desktop" = Magic Desktop

"ENTERPRISE" = Microsoft Office Enterprise 2007

"GinyasBrowserCompanion" = GinyasBrowserCompanion

"HyperMediaCenter 3.5_is1" = HyperMediaCenter 3.5

"HyperMediaCenter_is1" = HyperMediaCenter Software

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite

"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV

"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV

"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12

"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100

"Mozilla Firefox 19.0.2 (x86 it)" = Mozilla Firefox 19.0.2 (x86 it)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"PhotoScape" = PhotoScape

"Revo Uninstaller" = Revo Uninstaller 1.94

"Shaiya-IT" = Shaiya-IT

"Sqirlz Water Reflections" = Sqirlz Water Reflections

"TeamViewer 5" = TeamViewer 5

"TeamViewer 6" = TeamViewer 6

"uTorrent" = µTorrent

"uTorrentBar_IT Toolbar" = uTorrentBar_IT Toolbar

"WildTangent hp Master Uninstall" = HP Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Akamai" = Akamai NetSession Interface

"NGM Phonesuite" = NGM Phonesuite

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 08/04/2013 05:07:22 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 09/04/2013 04:31:02 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 09/04/2013 04:31:08 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 09/04/2013 05:20:10 | Computer Name = Fraba-PC | Source = SideBySide | ID = 16842815

Description = Generazione del contesto di attivazione non riuscita per "c:\Program

Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file

manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe

AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error - 09/04/2013 15:50:03 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000

Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione:

1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe,

versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore

0x0007a2fd ID processo che ha generato l'errore: 0x1e64 Ora di avvio dell'applicazione

che ha generato l'errore: 0x01ce355b6bafcae7 Percorso dell'applicazione che ha generato

l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che

ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione:

aafcae09-a14e-11e2-9a6e-8ab075bf2cba

Error - 10/04/2013 05:58:13 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

Error - 10/04/2013 05:58:16 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 10/04/2013 05:58:17 | Computer Name = Fraba-PC | Source = Application Error | ID = 1000

Description = Nome dell'applicazione che ha generato l'errore: tbhcn.exe, versione:

1.0.0.5, timestamp: 0x50f25761 Nome del modulo che ha generato l'errore: tbhcn.exe,

versione: 1.0.0.5, timestamp: 0x50f25761 Codice eccezione: 0x40000015 Offset errore

0x0007a2fd ID processo che ha generato l'errore: 0x7d8 Ora di avvio dell'applicazione

che ha generato l'errore: 0x01ce35d1e31b0b03 Percorso dell'applicazione che ha generato

l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe Percorso del modulo che

ha generato l'errore: C:\ProgramData\GinyasBrowserCompanion bhcn.exe ID segnalazione:

2a0f3334-a1c5-11e2-aa62-d0ef4098ecb1

Error - 10/04/2013 14:22:19 | Computer Name = Fraba-PC | Source = PowerOffer Upd Service | ID = 0

Description = Impossibile avviare il servizio. Handle non valido

Error - 10/04/2013 14:22:24 | Computer Name = Fraba-PC | Source = VmbService | ID = 0

Description = conflictManagerTypeValue

[ Hewlett-Packard Events ]

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 30/12/2012 12:34:34 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:12 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261 in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

Error - 31/12/2012 07:33:13 | Computer Name = Fraba-PC | Source = HPSF.exe | ID = 2000

Description = HP Error ID: -2147467261HPSF.exe in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Message: Riferimento a un oggetto non impostato su un'istanza di

oggetto. StackTrace: in HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean

includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01

Path:

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: it-IT

RAM:

4022 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)

[ Media Center Events ]

Error - 20/12/2010 05:31:36 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 10:31:36 - Errore di connessione a Internet. 10:31:36 - Impossibile

contattare il server..

Error - 20/12/2010 05:32:14 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 10:32:05 - Errore di connessione a Internet. 10:32:05 - Impossibile

contattare il server..

Error - 20/12/2010 06:32:45 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 11:32:45 - Errore di connessione a Internet. 11:32:45 - Impossibile

contattare il server..

Error - 20/12/2010 06:33:15 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 11:33:14 - Errore di connessione a Internet. 11:33:14 - Impossibile

contattare il server..

Error - 20/12/2010 07:33:47 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 12:33:47 - Errore di connessione a Internet. 12:33:47 - Impossibile

contattare il server..

Error - 20/12/2010 07:34:16 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 12:34:16 - Errore di connessione a Internet. 12:34:16 - Impossibile

contattare il server..

Error - 22/12/2010 15:07:38 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 20:07:38 - Errore di connessione a Internet. 20:07:38 - Impossibile

contattare il server..

Error - 22/12/2010 15:08:11 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 20:08:07 - Errore di connessione a Internet. 20:08:07 - Impossibile

contattare il server..

Error - 05/01/2011 08:41:35 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 13:41:31 - Errore di connessione a Internet. 13:41:31 - Impossibile

contattare il server..

Error - 10/01/2011 02:58:41 | Computer Name = Fraba-PC | Source = MCUpdate | ID = 0

Description = 07:58:38 - Errore di connessione a Internet. 07:58:38 - Impossibile

contattare il server..

[ System Events ]

Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 01/04/2013 01:42:50 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Serv Updater bloccato in partenza.

Error - 05/04/2013 14:14:42 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7022

Description = Servizio Pos Service bloccato in partenza.

Error - 05/04/2013 18:23:11 | Computer Name = Fraba-PC | Source = DCOM | ID = 10010

Description =

Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7031

Description = Il servizio Akamai NetSession Interface è stato arrestato in modo

imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione

saranno eseguite tra 1000 millisecondi: Riavvia il servizio.

Error - 07/04/2013 12:48:29 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7034

Description = Arresto imprevista del servizio Easybits Shared Services for Windows.

Questo evento si è già verificato 1 volta(e).

Error - 07/04/2013 12:56:45 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030

Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema

non è configurato per consentire servizi interattivi. Questo servizio potrà non

funzionare correttamente.

Error - 07/04/2013 12:59:42 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060

Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa

di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software

per richiedere una versione compatibile del driver.

Error - 07/04/2013 12:59:43 | Computer Name = Fraba-PC | Source = Application Popup | ID = 1060

Description = Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa

di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software

per richiedere una versione compatibile del driver.

Error - 07/04/2013 13:00:23 | Computer Name = Fraba-PC | Source = Service Control Manager | ID = 7030

Description = Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema

non è configurato per consentire servizi interattivi. Questo servizio potrà non

funzionare correttamente.

< End of report >

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-11 00:27:51

-----------------------------

00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1

00:27:51.739 Number of processors: 4 586 0x2502

00:27:51.739 ComputerName: FRABA-PC UserName: Franca

00:27:53.596 Initialize success

00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3

00:28:25.382 Disk 0 MBR read successfully

00:28:25.397 Disk 0 MBR scan

00:28:25.397 Disk 0 unknown MBR code

00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600

00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552

00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128

00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers

00:28:34.477 Service scanning

00:28:50.545 Modules scanning

00:28:50.560 Disk 0 trace - called modules:

00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys

00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060]

00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10]

00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050]

00:28:50.623 Scan finished successfully

00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat"

00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-11 00:27:51

-----------------------------

00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1

00:27:51.739 Number of processors: 4 586 0x2502

00:27:51.739 ComputerName: FRABA-PC UserName: Franca

00:27:53.596 Initialize success

00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3

00:28:25.382 Disk 0 MBR read successfully

00:28:25.397 Disk 0 MBR scan

00:28:25.397 Disk 0 unknown MBR code

00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600

00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552

00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128

00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers

00:28:34.477 Service scanning

00:28:50.545 Modules scanning

00:28:50.560 Disk 0 trace - called modules:

00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys

00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060]

00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10]

00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050]

00:28:50.623 Scan finished successfully

00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat"

00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-11 00:27:51

-----------------------------

00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1

00:27:51.739 Number of processors: 4 586 0x2502

00:27:51.739 ComputerName: FRABA-PC UserName: Franca

00:27:53.596 Initialize success

00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3

00:28:25.382 Disk 0 MBR read successfully

00:28:25.397 Disk 0 MBR scan

00:28:25.397 Disk 0 unknown MBR code

00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600

00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552

00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128

00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers

00:28:34.477 Service scanning

00:28:50.545 Modules scanning

00:28:50.560 Disk 0 trace - called modules:

00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys

00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060]

00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10]

00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050]

00:28:50.623 Scan finished successfully

00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat"

00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-04-11 00:27:51

-----------------------------

00:27:51.739 OS Version: Windows x64 6.1.7601 Service Pack 1

00:27:51.739 Number of processors: 4 586 0x2502

00:27:51.739 ComputerName: FRABA-PC UserName: Franca

00:27:53.596 Initialize success

00:28:25.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

00:28:25.288 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3

00:28:25.382 Disk 0 MBR read successfully

00:28:25.397 Disk 0 MBR scan

00:28:25.397 Disk 0 unknown MBR code

00:28:25.413 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

00:28:25.413 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459624 MB offset 409600

00:28:25.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17012 MB offset 941719552

00:28:25.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128

00:28:25.507 Disk 0 scanning C:\Windows\system32\drivers

00:28:34.477 Service scanning

00:28:50.545 Modules scanning

00:28:50.560 Disk 0 trace - called modules:

00:28:50.576 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys

00:28:50.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800586d060]

00:28:50.592 3 CLASSPNP.SYS[fffff880010bb43f] -> nt!IofCallDriver -> [0xfffffa8005704b10]

00:28:50.607 5 hpdskflt.sys[fffff88001dea189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a37050]

00:28:50.623 Scan finished successfully

00:29:00.232 Disk 0 MBR has been saved successfully to "C:\Users\Franca\Desktop\MBR.dat"

00:29:00.232 The log file has been saved successfully to "C:\Users\Franca\Desktop\aswMBR.txt"

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

ok con quest' ultimo file allegato credo di aver fatto tutto quello che mi hai chiesto, aspetto notizie grazie mille.

MBR.rar

Condividi questo messaggio


Link di questo messaggio
Condividi su altri siti

Crea un account o accedi per lasciare un commento

Devi essere un utente registrato per partecipare

Crea un account

Iscriviti per un nuovo account nella nostra community. È facile!


Registra un nuovo account

Accedi

Sei già registrato? Accedi qui.


Accedi Ora