Buongiorno
ho fatto una scansione con Otl per cercare di eliminare un falso positivo di Java (aggiornamento) e allego i due file.
Se qualche anima pia gli da un occhiata sarei molto riconoscente.
Grazie
OTL logfile created on: 30/12/2013 1.29.32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,58% Memory free
4,84 Gb Paging File | 4,11 Gb Available in Paging File | 84,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 288,32 Gb Total Space | 239,86 Gb Free Space | 83,19% Space Free | Partition Type: NTFS
Computer Name: 96F48F9281DE45B | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\User\Documenti\Download\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\User\Impostazioni locali\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
MOD - C:\Programmi\Panda Security\Panda Cloud Antivirus\sqlite3.dll ()
========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PSUAService) -- C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
SRV - (NanoServiceMain) -- C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (NMIndexingService) -- C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (Network WanMiniport First Position) -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe ()
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (sbapifs) -- system32\drivers\sbapifs.sys File not found
DRV - (sbaphd) -- system32\drivers\sbaphd.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (gfiark) -- system32\drivers\gfiark.sys File not found
DRV - (FreshIO) -- C:\Programmi\FreshDevices\FreshDiagnose\FreshIO.sys File not found
DRV - (Changer) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (PSINReg) -- C:\WINDOWS\system32\drivers\PSINReg.sys (Panda Security, S.L.)
DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (NNSSTRM) -- C:\WINDOWS\system32\drivers\NNSStrm.sys (Panda Security, S.L.)
DRV - (NNSSMTP) -- C:\WINDOWS\system32\drivers\NNSSmtp.sys (Panda Security, S.L.)
DRV - (NNSTLSC) -- C:\WINDOWS\system32\drivers\NNStlsc.sys (Panda Security, S.L.)
DRV - (NNSPROT) -- C:\WINDOWS\system32\drivers\NNSProt.sys (Panda Security, S.L.)
DRV - (NNSPRV) -- C:\WINDOWS\system32\drivers\NNSPrv.sys (Panda Security, S.L.)
DRV - (NNSPOP3) -- C:\WINDOWS\system32\drivers\NNSPop3.sys (Panda Security, S.L.)
DRV - (NNSIDS) -- C:\WINDOWS\system32\drivers\NNSIds.sys (Panda Security, S.L.)
DRV - (NNSPICC) -- C:\WINDOWS\system32\drivers\NNSpicc.sys (Panda Security, S.L.)
DRV - (NNSPIHS) -- C:\WINDOWS\system32\drivers\NNSpihs.sys (Panda Security, S.L.)
DRV - (NNSHTTP) -- C:\WINDOWS\system32\drivers\NNSHttp.sys (Panda Security, S.L.)
DRV - (NNSHTTPS) -- C:\WINDOWS\system32\drivers\NNSHttps.sys (Panda Security, S.L.)
DRV - (NNSALPC) -- C:\WINDOWS\system32\drivers\NNSAlpc.sys (Panda Security, S.L.)
DRV - (PSKMAD) -- C:\WINDOWS\system32\drivers\PSKMAD.sys (Panda Security, S.L.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (k57w2k) -- C:\WINDOWS\system32\drivers\k57xp32.sys (Broadcom Corporation)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ManyCam) -- C:\WINDOWS\system32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (MRENDIS5) -- C:\Programmi\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.corriere.itIE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_itIT355
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.corriere.it/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/23 13.02.09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2013/12/12 05.09.30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2013/12/12 11.28.40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/23 13.02.09 | 000,000,000 | ---D | M]
[2013/02/25 09.37.09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions
[2013/01/25 14.50.15 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions\statuswinks@StatusWinks
[2013/12/11 12.59.50 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/12/12 11.28.40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 12.59.50 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2013/12/12 11.28.40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 13.00.06 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/23 15.01.34 | 000,102,400 | ---- | M] (Zylom) -- C:\Programmi\mozilla firefox\plugins\npzylomgamesplayer.dll
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.corriere.it/CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = c:\programmi\google\chrome\application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = c:\programmi\google\chrome\application\31.0.1650.63\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npo1d.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programmi\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Zylom Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00C3\u201A\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00C3\u201A\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Programmi\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Programmi\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00C3\u201A\u00C2\u00AE Photo Gallery (Enabled) = C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Documenti Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Documenti Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/12/29 22.19.05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PSUAMain] C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk = C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343304945109 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5AF00FB4-1416-440D-8F1E-04B0E0CF3B91}: NameServer = 193.70.152.15 212.52.97.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6042B4-DAF4-45F2-8BF0-F48F49433E91}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6042B4-DAF4-45F2-8BF0-F48F49433E91}: NameServer = 193.70.152.15,193.70.152.25
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programmi\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/14 09.42.28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ========== [2013/12/30 00.52.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\Nico Mak Computing
[2013/12/29 23.12.35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/12/29 22.11.33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/12/29 22.08.39 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/12/29 21.36.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Max Secure
[2013/12/29 21.28.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\GetRightToGo
[2013/12/29 11.44.23 | 000,047,632 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PSKMAD.sys
[2013/12/27 23.58.34 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2013/12/27 23.58.27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/27 23.58.27 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/27 23.58.18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/27 23.58.18 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/27 23.58.18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/27 23.58.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Java
[2013/12/27 21.59.42 | 000,000,000 | ---D | C] -- C:\Programmi\Hosts_Anti_Adwares_PUPs
[2013/12/27 21.51.35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/12/27 21.21.17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/25 12.14.07 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/12/24 11.24.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Media Player - Codec Pack
[2013/12/24 11.23.00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
[2013/12/14 14.08.20 | 000,030,008 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013/12/13 11.36.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\PDFCreator
[2013/12/13 11.36.45 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013/12/13 11.36.45 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2013/12/13 11.36.45 | 000,054,784 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\System32\pdfcmon.dll
[2013/12/13 11.36.43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCIT.DLL
[2013/12/13 11.36.43 | 000,122,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6IT.DLL
[2013/12/13 11.36.43 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2IT.DLL
[2013/12/13 11.36.43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2013/12/13 11.36.42 | 000,000,000 | ---D | C] -- C:\Programmi\PDFCreator
[2013/12/12 12.13.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\uTorrent
[2013/12/12 11.39.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\QuickTime
[2013/12/12 11.38.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
[2013/12/12 11.36.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
[2013/12/12 07.38.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Documenti\File ricevuti
[2013/12/12 05.08.58 | 000,000,000 | ---D | C] -- C:\Programmi\QuickTime
[2013/12/11 12.59.49 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/12/10 10.22.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Doctor Web
[2013/11/28 15.40.29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/11/28 14.27.58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013/11/28 14.22.42 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013/11/28 14.22.42 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/11/28 14.22.42 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2013/11/28 14.19.45 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/11/28 14.19.45 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013/11/27 21.47.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\cache
[2013/11/25 11.41.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2013/11/25 11.40.58 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2013/11/25 00.00.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\MarineAquarium3Free_57
[2013/11/23 14.32.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Iminent(2)
[2013/11/05 21.16.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Panda Cloud Antivirus
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2013/12/30 01.07.09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/12/30 01.02.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/30 00.40.30 | 000,236,466 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013/12/30 00.40.27 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/30 00.40.20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/30 00.40.16 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/30 00.35.00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/30 00.17.05 | 000,268,945 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\census.cache
[2013/12/30 00.17.04 | 000,228,922 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\ars.cache
[2013/12/29 23.40.00 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-879983540-1417001333-1003UA.job
[2013/12/29 23.32.05 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/29 22.19.05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/12/29 22.11.42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/12/27 23.58.07 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/27 23.58.03 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/27 23.58.03 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/27 23.58.03 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/27 23.58.03 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/27 09.33.58 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/26 18.40.00 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-879983540-1417001333-1003Core.job
[2013/12/26 17.47.27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/12/25 15.08.42 | 000,638,441 | ---- | M] () -- C:\Documents and Settings\User\Documenti\DSC_0631.jpg
[2013/12/24 12.14.34 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk
[2013/12/24 11.39.51 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\User\default.pls
[2013/12/20 15.31.29 | 000,146,146 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1483956_422312534564392_917526880_n.jpg
[2013/12/20 15.31.24 | 000,108,091 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1477843_422312601231052_812081273_n.jpg
[2013/12/20 15.31.17 | 000,129,474 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1470841_422312557897723_919493017_n.jpg
[2013/12/20 15.30.58 | 001,250,150 | ---- | M] () -- C:\Documents and Settings\User\Documenti\DSC_0553.jpg
[2013/12/18 11.03.14 | 000,002,531 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2013/12/17 11.43.50 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\User\ComX
[2013/12/17 09.20.28 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\housecall.guid.cache
[2013/12/16 18.41.20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/16 18.41.20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/13 19.37.19 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/12/13 14.12.04 | 000,002,008 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/12/13 11.36.51 | 000,000,829 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDFArchitect.lnk
[2013/12/13 11.36.51 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2013/12/12 12.14.45 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
[2013/12/12 05.09.17 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/12/11 17.01.18 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/12/11 17.00.00 | 000,032,568 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013/12/11 16.59.54 | 000,030,008 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013/12/10 21.39.55 | 000,001,891 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/10 10.45.35 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Collegamento a drweb-cureit.lnk
[2013/12/06 06.39.38 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/11/28 16.15.58 | 000,548,642 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/11/28 16.15.58 | 000,477,748 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/28 16.15.58 | 000,100,216 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/11/28 16.15.58 | 000,078,206 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/28 03.58.21 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/11/27 21.46.10 | 000,001,441 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/08 09.49.53 | 000,056,312 | ---- | M] () -- C:\Documents and Settings\User\Documenti\IMG-20131107-WA0003.jpg
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/12/29 22.11.42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/12/29 22.11.39 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013/12/25 14.23.34 | 000,638,441 | ---- | C] () -- C:\Documents and Settings\User\Documenti\DSC_0631.jpg
[2013/12/24 11.24.41 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk
[2013/12/17 11.42.01 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\User\ComX
[2013/12/17 09.41.35 | 000,268,945 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\census.cache
[2013/12/17 09.41.30 | 000,228,922 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\ars.cache
[2013/12/17 09.20.28 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\housecall.guid.cache
[2013/12/13 11.36.51 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDFArchitect.lnk
[2013/12/13 11.36.51 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2013/12/12 12.14.45 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
[2013/12/12 05.09.17 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/12/10 21.39.55 | 000,001,891 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/10 10.45.35 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Collegamento a drweb-cureit.lnk
[2013/12/03 11.03.01 | 000,108,091 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1477843_422312601231052_812081273_n.jpg
[2013/12/03 11.02.41 | 000,146,146 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1483956_422312534564392_917526880_n.jpg
[2013/12/03 11.02.30 | 000,129,474 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1470841_422312557897723_919493017_n.jpg
[2013/11/23 13.00.16 | 000,001,441 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/09 14.07.54 | 001,250,150 | ---- | C] () -- C:\Documents and Settings\User\Documenti\DSC_0553.jpg
[2013/11/08 09.49.04 | 000,056,312 | ---- | C] () -- C:\Documents and Settings\User\Documenti\IMG-20131107-WA0003.jpg
[2013/08/30 04.54.26 | 003,915,776 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2013/08/30 04.53.34 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/08/30 04.51.58 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2013/08/30 04.51.54 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2013/08/30 04.51.50 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2013/08/30 04.51.48 | 001,525,760 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2013/08/30 04.51.48 | 000,211,968 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2013/08/30 04.51.48 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2013/08/30 04.51.40 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2013/08/30 04.51.40 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2013/07/26 14.24.22 | 006,275,760 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-55.dll
[2013/07/26 14.24.22 | 001,239,216 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-55.dll
[2013/07/26 14.24.22 | 000,394,416 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2013/07/26 14.24.22 | 000,288,944 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-52.dll
[2013/07/26 14.24.22 | 000,235,184 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-3.dll
[2013/07/26 14.24.22 | 000,190,640 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2013/07/26 14.24.22 | 000,150,192 | ---- | C] () -- C:\WINDOWS\System32\avresample-lav-1.dll
[2013/06/03 23.45.52 | 000,002,008 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/04/14 11.00.06 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2013/04/14 11.00.02 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2013/04/14 10.59.54 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2013/04/14 10.59.48 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2013/04/14 10.59.36 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2013/04/14 10.59.32 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2013/04/14 10.59.28 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2013/04/14 10.59.12 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2013/04/14 10.59.10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2013/04/14 10.59.06 | 000,357,376 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2013/04/14 10.59.06 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2013/04/14 10.58.12 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2013/04/14 10.58.12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2013/04/05 21.27.16 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\spdif_test.exe
[2013/04/05 21.27.12 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2013/04/05 21.27.10 | 001,021,440 | ---- | C] () -- C:\WINDOWS\System32\ac3filter_intl.dll
[2013/01/27 11.41.01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/29 23.47.28 | 000,000,178 | ---- | C] () -- C:\WINDOWS\System32\Formats.ini
[2012/08/25 17.14.19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\0x0304A000.sfl
[2012/03/27 12.02.12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/11/04 20.25.47 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/15 20.23.56 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\User\default.pls
========== ZeroAccess Check ========== [2012/08/27 15.15.27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 13.00.00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 13.00.00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/09/19 03.53.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\pandasecuritytb
[2010/12/24 18.56.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AQ
[2011/05/18 12.30.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG Security Toolbar(2)
[2011/05/19 21.52.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG10
[2011/02/17 23.32.10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2012/06/02 14.06.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Easybits GO
[2013/11/25 11.41.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Iminent(2)
[2013/12/29 21.39.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Max Secure
[2011/05/19 22.12.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2013/09/19 11.40.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Panda Security
[2013/07/15 22.30.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SpinTop Games
[2012/08/23 19.28.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2010/01/02 16.45.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2012/08/23 19.27.15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/07/28 14.21.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dati applicazioni\pandasecuritytb
[2012/08/26 19.29.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\TuneUp Software
[2013/07/10 09.14.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\pandasecuritytb
[2011/02/17 23.32.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\AVG10
[2009/10/15 21.11.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\DataCast
[2012/06/14 14.08.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\FreshDiagnose
[2013/12/29 21.30.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\GetRightToGo
[2012/06/02 14.06.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\go
[2012/12/25 16.21.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\ManyCam
[2013/11/25 00.00.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\MarineAquarium3Free_57
[2013/12/30 01.04.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Nico Mak Computing
[2011/05/19 22.21.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Panda Security
[2010/08/28 11.16.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\PhotoScape
[2012/08/26 15.51.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\TuneUp Software
[2013/12/29 01.51.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\uTorrent
[2012/08/27 15.18.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Windows Desktop Search
[2012/09/03 19.22.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Windows Search
========== Purity Check ========== < End of report >
OTL Extras logfile created on: 30/12/2013 1.29.32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,58% Memory free
4,84 Gb Paging File | 4,11 Gb Available in Paging File | 84,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 288,32 Gb Total Space | 239,86 Gb Free Space | 83,19% Space Free | Partition Type: NTFS
Computer Name: 96F48F9281DE45B | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programmi\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Programmi\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Gestione remota Windows
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\HPWUCli.exe" = C:\Programmi\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programmi\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programmi\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Server di Microsoft DirectPlay8 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programmi\Mozilla Firefox\firefox.exe" = C:\Programmi\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\HPWUCli.exe" = C:\Programmi\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Alice ti aiuta\bin\mad.exe" = C:\Programmi\Alice ti aiuta\bin\mad.exe:*:Disabled:Motive Chorus Daemon -- (Motive Communications, Inc.)
"C:\AQ\supdate.exe" = C:\AQ\supdate.exe:*:Enabled:Programma aggiornamento automatico -- (Autosoft Multimedia srl)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programmi\Panda Security\Panda Security Toolbar\dtuser.exe" = C:\Programmi\Panda Security\Panda Security Toolbar\dtuser.exe:*:Enabled:Panda Security Toolbar DTX Broker -- (Visicom Media Inc.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\User\Documenti\Download\utorrent.exe" = C:\Documents and Settings\User\Documenti\Download\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\Messenger\msmsgs.exe" = C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe" = C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43FFE159-3199-4188-A1CD-629166AD1040}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Supporto applicazioni Apple
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{69833D2A-A3A1-449B-ADF7-5FEBFE48FC55}" = Panda Cloud Antivirus
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}" = Windows Live Essentials
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B802669-7722-4F83-8054-930832188033}" = Raccolta foto di Windows Live
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D65D46-3708-4F5B-9117-0199C7098D11}" = WanMiniport1st
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Italiano
"{AE141553-8A8C-467D-B2E9-A352F1141508}" = Installazione Guidata Alice
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DD783E-EE11-4B68-AF39-71AE2C457015}" = Windows Live Sync
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F905718C-60B8-4714-B8AA-3DB88695C747}" = TuneUp Utilities Language Pack (it-IT)
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"2DA959FE3D6F0F5BC313481E72071D510DD786FB" = Windows Driver Package - Intel (w29n51) net (12/19/2007 9.0.4.39)
"6F2C02404E1D60DD35CBAFA786E3791A8680B96C" = Windows Driver Package - Intel (NETw5x32) net (09/25/2008 12.1.2.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AliceRE.MCCInstall" = Alice ti aiuta
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.9
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Mozilla Firefox 19.0 (x86 it)" = Mozilla Firefox 19.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"SidaByAutosoft" = Sida Millennium 2003 1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.1.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 26/12/2013 12.52.58 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wlxphotogallery.exe, versione
14.0.8081.709, modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo
errore 0x62613cf0.
Error - 26/12/2013 12.53.30 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wlxphotogallery.exe, versione
14.0.8081.709, modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo
errore 0x62613cf0.
Error - 29/12/2013 18.32.09 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.
Error - 29/12/2013 18.32.14 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore drwtsn32.exe, versione 5.1.2600.0,
modulo che ha provocato l'errore dbghelp.dll, versione 5.1.2600.5512, indirizzo
errore 0x0001295d.
Error - 29/12/2013 18.33.26 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 29/12/2013 18.34.05 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.
Error - 29/12/2013 18.35.20 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.
Error - 29/12/2013 18.44.04 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.
Error - 29/12/2013 19.35.39 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1002
Description = Applicazione in stallo AcroRd32.exe, versione 11.0.4.63, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 29/12/2013 19.35.44 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1001
Description = Bucket -473805052 errato.
[ System Events ]
Error - 29/12/2013 18.48.01 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd
Error - 29/12/2013 18.55.06 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7000
Description = Il servizio sbapifs non è stato avviato per il seguente errore: %%2
Error - 29/12/2013 18.55.10 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd
Error - 29/12/2013 19.02.41 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 29/12/2013 19.30.38 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 29/12/2013 19.40.51 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7000
Description = Il servizio sbapifs non è stato avviato per il seguente errore: %%2
Error - 29/12/2013 19.40.55 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd
Error - 29/12/2013 19.41.27 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 29/12/2013 19.52.25 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}
Error - 29/12/2013 19.53.03 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}
< End of report >