shapiro, I sent you both of the "otl" logs, let's hope it's fine like this.
thanks.
OTL logfile created on: 09/12/2012 17.14.26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\maury\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,79% Memory free
6,19 Gb Paging File | 4,23 Gb Available in Paging File | 68,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 21,05 Gb Free Space | 14,61% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 25,14 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Computer Name: PC-MAURY | User Name: maury | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\maury\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Users\maury\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files\Acer\Acer VCM\acp2HID.exe (Acer Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files\Acer\Acer VCM\AcerControl.dll ()
========== Services (SafeList) ==========
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (IGBASVC) -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
========== Driver Services (SafeList) ==========
DRV - (ONDAusbvoice) -- system32\DRIVERS\ONDAusbvoice.sys File not found
DRV - (ONDAusbser6k) -- system32\DRIVERS\ONDAusbser6k.sys File not found
DRV - (ONDAusbnmea) -- system32\DRIVERS\ONDAusbnmea.sys File not found
DRV - (ONDAusbnet) -- system32\DRIVERS\ONDAusbnet.sys File not found
DRV - (ONDAusbmdm6k) -- system32\DRIVERS\ONDAusbmdm6k.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (auzeantt) -- File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AlfaFF) -- C:\Windows\System32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://global.acer.com [binary data]
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 E8 2C 80 2D 24 CB 01 [binary data]
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Trova Rapido: "URL" =
http://www.trovarapido.com/?t=Q090825882&s=b&keywords={searchTerms}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{55AE5E02-9EAC-4137-9559-B5408187DEE5}: "URL" =
http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_itIT304
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{74F13B24-ADB7-4422-9719-44C37E913792}: "URL" =
http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={F1EC9B96-34E3-4c9d-B5D2-3C6AD2B41281}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\Yahoo!: "URL" =
http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mytalkpal.com/ffplugin: C:\Program Files\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll (Shanghai Qitai Tech. Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\maury\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/07 22.43.39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/07 22.43.39 | 000,000,000 | ---D | M]
[2011/08/18 15.07.03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions
[2011/08/18 15.07.03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010/07/05 14.24.27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/12/09 17.04.06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions
[2010/07/05 14.16.49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2009/01/13 22.10.17 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\ChoiceGuard@Microsoft
[2009/08/25 14.23.50 | 000,002,370 | ---- | M] () -- C:\Users\maury\AppData\Roaming\mozilla\firefox\profiles\a3phgt45.default\searchplugins\Trova Rapido.xml
[2008/12/12 18.56.19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/12 17.57.04 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\REAL-NETWORKS@PARTNERS.MOZILLA.COM
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG
========== Chrome ==========
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url =
http://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=16050&locale=it_IT&apn_uid=218D4AC6-EC41-4A50-B102-0D59DBB064E2&apn_ptnrs=OF&apn_sauid=13074C63-738D-47CB-B42E-76A9CBFAE86F&apn_dtid=VIN005YYIT&q={searchTerms}
CHR - default_search_provider: suggest_url =
http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Talkpal Scriptable Plugin for Mozilla (Enabled) = C:\Program Files\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\maury\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2006/09/18 22.41.30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000..\Run: [Facebook Update] C:\Users\maury\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501}
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{198710FC-58B1-4C0E-AC09-E1E572A1AEC2}: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF4A143B-D579-4A71-999D-963E701D5E04}: DhcpNameServer = 62.13.173.92 62.13.173.93
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\maury\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\maury\AppData\Roaming\Microsoft\Windows Photo Gallery\Sfondo della Raccolta foto Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/11 17.01.03 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0c0dbb1f-e973-11dd-991c-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0dbb1f-e973-11dd-991c-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0c0dbbc5-e973-11dd-991c-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0dbbc5-e973-11dd-991c-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1fdb24fa-4beb-11e0-bceb-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{1fdb24fa-4beb-11e0-bceb-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{33c3eb79-0fd2-11de-9664-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{33c3eb79-0fd2-11de-9664-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{525fb8aa-d2b1-11dd-a764-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{525fb8aa-d2b1-11dd-a764-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{525fb8dc-d2b1-11dd-a764-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{525fb8dc-d2b1-11dd-a764-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{73653560-e8b5-11dd-af8b-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{73653560-e8b5-11dd-af8b-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dd96165c-5b8b-11de-b882-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{dd96165c-5b8b-11de-b882-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e006c2e0-0f3b-11de-9557-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{e006c2e0-0f3b-11de-9557-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e006c319-0f3b-11de-9557-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{e006c319-0f3b-11de-9557-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2012/12/09 17.02.19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\maury\Desktop\OTL.exe
[2012/12/06 12.37.19 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/12/06 12.37.19 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/12/06 12.37.19 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/11/27 16.55.24 | 000,106,560 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/11/27 16.50.49 | 000,199,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/11/27 16.50.48 | 000,020,624 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/11/27 16.50.36 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/11/27 16.44.51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/11/15 19.17.37 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/15 19.14.42 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/10/17 12.13.19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/10/17 12.11.02 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/10/17 12.11.00 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2012/12/09 17.13.52 | 000,662,846 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2012/12/09 17.13.51 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/09 17.13.51 | 000,120,326 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2012/12/09 17.13.51 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/09 17.09.14 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/09 17.08.55 | 000,002,299 | ---- | M] () -- C:\Users\maury\AppData\Roaming\acervcmtmp.ini
[2012/12/09 17.08.35 | 000,118,283 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/12/09 17.07.25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/12/09 17.07.03 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/09 17.07.02 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/12/09 17.06.34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/09 17.06.34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/09 17.06.15 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012/12/09 17.06.09 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/09 17.04.50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/12/09 17.02.34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\maury\Desktop\OTL.exe
[2012/12/09 17.02.19 | 000,540,743 | ---- | M] () -- C:\Users\maury\Desktop\adwcleaner.exe
[2012/12/09 17.00.59 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1966CEFA-5143-4222-93F2-B4BB796179CD}.job
[2012/12/09 13.39.00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/12/09 12.03.02 | 000,001,178 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4123135755-2403480350-4181657236-1000UA.job
[2012/12/08 21.03.01 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4123135755-2403480350-4181657236-1000Core.job
[2012/11/27 16.50.48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/11/19 19.00.16 | 000,374,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/11/15 21.13.01 | 000,002,337 | ---- | M] () -- C:\Users\maury\Desktop\Skype.lnk
[2012/11/15 19.17.37 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/15 19.14.42 | 002,047,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/11/10 18.58.35 | 000,118,283 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/11/10 18.30.01 | 000,123,904 | ---- | M] () -- C:\Users\maury\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/30 23.51.58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/10/30 23.51.58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/10/30 23.51.58 | 000,199,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/10/30 23.51.58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/10/30 23.51.58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/10/30 23.51.57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/10/30 23.51.56 | 000,106,560 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/10/30 23.51.56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/10/30 23.51.56 | 000,020,624 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/10/30 23.51.07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/30 23.50.59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/12/09 17.01.54 | 000,540,743 | ---- | C] () -- C:\Users\maury\Desktop\adwcleaner.exe
[2012/07/04 21.31.08 | 000,000,000 | ---- | C] () -- C:\Users\maury\AppData\Roaming\wklnhst.dat
[2011/05/12 18.04.22 | 000,124,556 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/05/02 23.30.50 | 001,144,147 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2011/05/02 23.27.54 | 003,935,545 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2011/05/02 21.23.46 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2011/05/02 21.19.34 | 000,100,352 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2011/05/02 21.19.20 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/18 22.32.44 | 000,163,840 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2011/03/18 22.29.56 | 000,181,248 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2011/03/18 22.28.30 | 001,557,504 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2011/03/18 22.27.08 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2011/03/18 22.26.44 | 000,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2011/03/18 22.25.38 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2011/03/18 22.25.24 | 000,141,312 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2011/03/03 12.40.08 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2011/03/03 12.39.56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2011/03/03 12.39.46 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2011/03/03 12.39.34 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2011/03/03 12.39.02 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2011/03/03 12.38.54 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2011/03/03 12.38.40 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2011/03/03 12.38.10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2011/03/03 12.38.04 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2011/03/03 12.37.50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2011/03/03 12.37.40 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2011/03/03 12.35.32 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2011/03/03 12.35.26 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2011/02/22 20.39.04 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/22 20.37.30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/11/18 15.11.14 | 000,025,705 | ---- | C] () -- C:\Users\maury\AppData\Roaming\UserTile.png
[2008/12/13 21.35.40 | 000,000,088 | ---- | C] () -- C:\Users\maury\AppData\Local\tbfedi.bat
[2008/12/13 15.43.41 | 000,002,299 | ---- | C] () -- C:\Users\maury\AppData\Roaming\acervcmtmp.ini
[2008/12/02 15.43.03 | 000,001,356 | ---- | C] () -- C:\Users\maury\AppData\Local\d3d9caps.dat
[2008/12/02 15.39.20 | 000,118,283 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/12/02 15.39.07 | 000,118,283 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/01 20.11.32 | 000,123,904 | ---- | C] () -- C:\Users\maury\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009/08/20 16.37.36 | 000,000,000 | -HSD | M] -- C:\Users\maury\AppData\Roaming\.#
[2008/12/04 15.11.08 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Acer
[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Acer GameZone Console
[2011/10/16 15.37.33 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Ashampoo
[2012/04/20 18.50.45 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Autodesk
[2011/08/16 15.48.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\AVG10
[2010/11/18 14.12.44 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Azureus
[2008/12/05 17.04.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Big Fish Games
[2008/12/13 23.09.59 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Canneverbe_Limited
[2012/06/25 18.47.06 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\DAEMON Tools Lite
[2009/08/20 12.16.47 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Datalayer
[2008/12/13 17.31.54 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\eSobi
[2008/12/11 09.17.21 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Gaijin Ent
[2008/12/12 19.49.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\GameHouse
[2008/12/27 19.03.15 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\GlarySoft
[2012/06/25 18.39.29 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\IObit
[2009/08/25 14.24.10 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\live-player
[2010/07/18 16.15.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\NCH Swift Sound
[2012/01/19 21.11.42 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Nokia
[2012/01/19 21.11.15 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PC Suite
[2010/11/18 15.11.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PeerNetworking
[2008/12/12 22.30.59 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PlayFirst
[2011/11/16 23.08.05 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PlayPond
[2011/07/13 13.21.34 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Publish Providers
[2010/07/18 15.45.10 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Recordpad
[2011/07/13 13.21.10 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Sony
[2011/11/20 17.42.37 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Sports Interactive
[2012/02/27 21.12.05 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\TeamViewer
[2012/07/04 21.31.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Template
[2011/08/18 15.06.43 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\TomTom
[2010/07/01 09.25.57 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Uniblue
[2012/04/20 08.54.33 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:953FDC1A
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:4E6B8D68
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:1D6B18F1
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:8CE646EE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:193426B4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C86B29EB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:4BB26BE9
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:FC420CE6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:C95B63DA
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:861A898F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:8173A019
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:708BB0FA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:131C0EE9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B623B5B8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:A561576B
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:FEBEC560
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:957E9765
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:9E22BBE8
< End of report >
OTL Extras logfile created on: 09/12/2012 17.14.26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\maury\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,79% Memory free
6,19 Gb Paging File | 4,23 Gb Available in Paging File | 68,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 21,05 Gb Free Space | 14,61% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 25,14 Gb Free Space | 17,89% Space Free | Partition Type: NTFS
Computer Name: PC-MAURY | User Name: maury | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D78ACD8-5174-46D7-BBEE-054859E700DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22A742CF-7948-454F-A245-F75022004B14}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{29C251D1-E701-4E9A-B17C-F749A41CD25D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3AA444A7-19F7-424C-93B3-E8B85120F0BF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4107BEB9-F298-48A8-93FC-077E690C1371}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{441691D8-3399-460A-9FB5-AA1B1B2550C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4EFC4823-C2F2-4D7D-948A-E9067516E2C2}" = lport=6667 | protocol=6 | dir=in | name=mirc |
"{5686ECE2-A3B8-47C9-9F61-7F4E080BEB95}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E708977-A45C-4D5D-A348-7EA9604F9681}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{75DDCEAB-EF1D-4089-A19A-6AA34B0EB4A2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A4CC2F7-36C3-4F3B-97B4-62D7EE59108F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7C95BAA6-AF7F-453E-86CF-819BF2C8BEA5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A681D75C-8643-4EAB-8E6E-560679B1A730}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A6D30EB7-393D-4948-8DF6-96998BC93E3F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7475F19-2DAC-4D6C-83F0-91DDD8297BCB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6C7083B-87C3-4285-A8E4-D40AB81C98E2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C7E43A77-E87A-4381-AE9C-4A81B21A2F82}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA225279-264E-4354-8B5B-8B8A37C878F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE260FFD-615A-44E9-A98F-6D6ED6D96090}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F0FBBA35-60C6-4032-B8B9-39643CF2A928}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F427C660-B8E1-4D1A-B002-8EFD33D4AF6E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A8FEC5-44DC-4DD8-B586-5C55A6332F6C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{07FE7BA7-4668-4518-B15D-15D3B696612C}" = protocol=6 | dir=in | app=c:\users\maury\downloads\facemoods.exe |
"{0A25D828-8CD8-4FA5-84F2-E02F9D8C1ECA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{0B85B455-85E6-45DE-8000-527F23303AED}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{0F812B6D-C574-4137-82BB-A3B8EF2FF869}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{17B795B1-9461-4B94-AC29-589A7540E4EC}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{197524E8-956D-415C-A4B8-A56B092176D0}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{1AAED7BB-F3D0-48B1-8A85-AEEB3BD3D5B3}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{1AFB3819-9A0C-4335-BE97-534734FFB79C}" = dir=in | app=f:\setup\hpznui01.exe |
"{20312EE7-BE81-43B3-9232-CE516B3E7CEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{259C0454-5431-4CA0-98C0-CA91C430971E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{28D4C9F3-2E55-4E6B-A562-72E4FB67C449}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{33675FBA-7042-47D3-979A-5E037457AB40}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{39835E83-5D14-497D-8D41-2F9674A77476}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{3CF2C154-F8AB-45FF-868F-CB430A6E79EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3FB9E931-513E-48D1-80E9-098B2639A1C8}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{468D2593-3670-4E74-81B0-5AC65EE682B1}" = dir=in | app=c:\users\maury\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{47408533-D7FE-4507-8BFC-555051B312D0}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{4B9A4869-8728-41FF-BB82-9CAC9CF8D5BE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{5A41FC6E-A4DC-4291-B770-61E821F557F5}" = protocol=6 | dir=out | app=system |
"{5C818E3C-916F-4361-942F-315F58443FF7}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{5F417D10-4645-4074-8B49-F94F394D958F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{644DDEDB-1A3C-440E-9380-D20370F98FD4}" = protocol=17 | dir=in | app=c:\users\maury\desktop\mp3convertersetup.exe |
"{64F5E76A-8875-45BA-95F9-FA43246D6B41}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{65EF3B7E-F484-4380-B4F3-DBA5FC1D311A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{683ED7E4-A738-4E91-8AD2-5D2F30E1731A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{6A7A6249-8284-4C71-A330-DEC476ED578D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{6BD4A549-6913-46B4-A308-84606C81313D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{6DDF7FC4-B53F-4DD6-8883-423F0DDEFC6E}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{719F9CAF-6C8F-41FE-A165-0910710B5769}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{73BD75E1-BB3C-4EBE-98F7-4CAE606B724E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{7B2C2CB9-3A9A-462D-AD0E-21C4934A704C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{7BC1A911-DB18-4F72-99E5-F9A00AD273D7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{7D44E950-2500-4CCB-81F3-401DDBD9B505}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{7DE8C8FC-448A-44BD-858B-7C56E41016B6}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{7E6C1A24-92E1-4092-8735-DF9AFD2CF7AE}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{8763456A-99E2-49C2-941E-8E53B9DE1CE4}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{9590F07A-8DCF-49A6-8BF4-4C20E0551268}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{9E01FD19-7F51-46F7-901D-AC599997F2F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E28AF28-035C-49CF-A14A-E93F22F33A2A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{A1CC208A-EC49-4A48-B89E-71E6BF852808}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{A201EE3F-BF41-461D-86CC-8477A5D849BC}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{A320A392-61F5-4929-BB44-15345EFCB2DA}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{A3D9DE8E-B349-4E51-B25F-FDD5689E1021}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A46C4E43-9B4F-4707-9BE4-8208EAC11E17}" = protocol=17 | dir=in | app=c:\users\maury\downloads\facemoods.exe |
"{A6D456D2-5E0B-409D-A5B0-398A96C4C707}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{A8194743-FE88-4531-AB49-F6991F70D6AE}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{A902A243-55F5-42EF-9C71-BE33203C1854}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{AAA44B44-E5C3-44D0-AFB0-EA2A2EE1C05F}" = protocol=6 | dir=in | app=c:\users\maury\desktop\mp3convertersetup.exe |
"{AC33474E-C781-4745-8757-7E8451EB0CF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AF27A98D-D520-4D83-8BC0-E70DD1C10F8D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B0019A41-B4B8-4110-A010-2A3A90612816}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B92EF3D0-B3FE-4CD0-A608-9A3E2EF5F8FB}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{BD96860D-91BE-4A96-B986-A1398B718D07}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF6B2D9B-A8D1-45F2-8CF3-A8C8FC087BFA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C2E09CB1-0A65-45E8-AC32-78C5BCE3A6E9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6A93465-568F-48B4-9A84-DD92D6B36694}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C91912F1-4D86-4ADD-94AC-9058ADEACFC5}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{C9F4E661-F9E4-4FFE-B412-71A720027C69}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D36CE8DD-9CE3-4FAB-B466-6757F10A2A44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6A7BF95-AC45-4C2C-9D7B-CC86A449F37A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D6E6B9FE-ADE8-4829-8990-39E989560F6E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D7D8A384-7D33-4357-855D-87C684053A82}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D990840D-B3C3-4AD3-93F9-D1F625AB966C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{DF76A0B4-7C77-42A8-B533-5797E6B8CFE2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E95ABFCE-C8EE-4057-9AA2-88B5CEB5A0DE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F34C1BB7-1311-486B-A2EB-CE1EBB7D78EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{F702B149-0413-4308-87AB-9C67C0A9FDD2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAB88F1A-A7D3-4A34-B447-ACE97AA2214E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"TCP Query User{0830D48D-E59D-4FE7-9B28-BB251E5FA7CE}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{207BB5B6-E562-43E4-BED1-B253E7D1E1DB}C:\users\maury\desktop\mirc italiano\mirc.exe" = protocol=6 | dir=in | app=c:\users\maury\desktop\mirc italiano\mirc.exe |
"TCP Query User{26F82410-A54C-4EF0-B518-A5076C55EC78}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{317A907F-4004-4B44-8D48-ADEF10E717FC}E:\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\portableapps\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{339226AE-3539-458A-BAA8-8C6A9FEEECDD}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{578E6ADF-0FF9-4AB1-80AC-B154FD775F1D}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{62C47115-6899-45B7-90F7-5BDC745E842B}C:\users\maury\desktop\emule.exe" = protocol=6 | dir=in | app=c:\users\maury\desktop\emule.exe |
"TCP Query User{66EE15D7-7006-4806-9D0C-EAFF32FCA8E5}C:\program files\live-player\live-player.exe" = protocol=6 | dir=in | app=c:\program files\live-player\live-player.exe |
"TCP Query User{8E2285ED-772A-4D1B-9AE6-04B5A91E985F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{A6F98098-BB68-40C2-A6E3-D6B0227CA502}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{A987A82F-F1B3-401D-91C4-190F63BF0CB7}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{AF67263F-B560-4427-98CE-7BC053BB9AB2}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{C1A028CD-1195-4009-A5E6-C65A5B42FEE8}C:\users\maury\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\maury\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{C3DAC782-53F7-4C8F-B961-AE5802C6A9FA}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{C8F1DE91-1381-4C16-8589-DB624536171D}C:\users\maury\desktop\pes2011.exe" = protocol=6 | dir=in | app=c:\users\maury\desktop\pes2011.exe |
"TCP Query User{D040145D-3817-4A83-B50E-73E05DFC9A7C}E:\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\portableapps\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{F1983C74-1173-4613-9FA0-6BEBB8CB28C8}C:\program files\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files\fifa 12\game\fifa.exe |
"UDP Query User{1B4B9985-5E21-4E34-927F-5A57B187C8A9}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{21AC7402-9AB7-4358-B19D-10C297328F43}C:\program files\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files\fifa 12\game\fifa.exe |
"UDP Query User{2C9BF450-8EED-4AFA-B403-0B7A98B536F3}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{31D3A465-AF18-4D5C-8902-A5C05B38B088}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{3ABAADEA-A9CF-46D4-B0A9-C5621C8601C8}E:\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\portableapps\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{3D327F6E-0B0B-4132-9B6E-4362150B2FBC}C:\users\maury\desktop\mirc italiano\mirc.exe" = protocol=17 | dir=in | app=c:\users\maury\desktop\mirc italiano\mirc.exe |
"UDP Query User{3DEBA162-1041-414B-9C51-89CC00E5874C}C:\users\maury\desktop\pes2011.exe" = protocol=17 | dir=in | app=c:\users\maury\desktop\pes2011.exe |
"UDP Query User{559B100C-A7E3-427E-9D69-6FC9E4A80CF9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{658099F7-FF41-4DD2-9DEE-F64652CE4B3B}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{6B943D73-253D-4068-A097-03588E052B97}C:\users\maury\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\maury\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{6CB84504-BB8B-4875-BCC1-B28A9D34F70F}E:\portableapps\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\portableapps\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{792021AF-D62F-4A71-8BAA-04481355B76B}C:\program files\live-player\live-player.exe" = protocol=17 | dir=in | app=c:\program files\live-player\live-player.exe |
"UDP Query User{A03C6CF1-FC39-494D-AE6F-56B161B08F25}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{B0DBF4AD-2A34-47D0-BB71-A016D073E01A}C:\users\maury\desktop\emule.exe" = protocol=17 | dir=in | app=c:\users\maury\desktop\emule.exe |
"UDP Query User{D41B600E-D500-4111-84E3-DC12CE6F59B6}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{E99FA3D9-9872-460A-8082-8D9489D8318E}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{F8D9AB78-F689-46A3-BEC2-4359EA3CB2D8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0D343C5F-FE5C-4914-91D9-E9E7A440590E}" = Windows Live Writer
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D4C4F7-E0A6-43B0-9BB9-5779A853FE7E}" = Windows Live Movie Maker
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1859BB19-EF0A-4196-9F48-569499FE7420}" = Raccolta foto di Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{39AE27EE-A148-48A3-B98D-35498C4D9719}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_06_F4500_SW_MIN
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{55A7B938-3D1E-4819-A87B-F83E736EF52E}" = F4500
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5AC11070-A1CB-11E0-A0DC-0013D3D69929}" = Vegas Pro 10.0
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{62D5B0B1-9E1D-4d66-A593-D68F3FED7709}" = Microsoft Works
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Supporto applicazioni Apple
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F08A772-2816-4F46-84F1-49578502AD28}" = HP Deskjet F4500 Printer Driver Software 13.0 Rel .6
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
"{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_POWERPOINT_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_WORD_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_WORD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_WORD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_WORD_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6F87E6-66CE-4419-BE0E-1A71F21EB8DB}" = Windows Live Toolbar
"{9CEB017E-CC16-4C89-B9E4-AAB5A1DD12F9}" = Windows Live Essentials
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A4467C16-B334-4473-AE7C-BD9229E632D9}" = Windows Live Family Safety
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC0A04F7-2BBE-4323-B64C-1B71F2BDBF0D}" = Anteprima (Windows Live Toolbar)
"{AC76BA86-7AD7-1040-7B44-A95000000001}" = Adobe Reader 9.5.2 - Italiano
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3EABECF-D820-4246-94B8-0CF300CA505A}" = Menu intelligenti (Windows Live Toolbar)
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3C640B8-95B6-40AE-A058-BE4896CD3010}" = Windows Live Call
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E31A24A7-CF73-42B7-8FA1-26644296C9E3}" = Windows Live Mail
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4026284-E0B1-4AFC-8C3C-0B12510CFB09}" = LAGO Lucky Lindbergh 1.04
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2EB512B-1FA1-4BFF-A269-B279726EA2A8}" = Acer Dialer
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Acer Acer Bio Protection 6.0.00.17" = Acer Bio Protection
AAU 6.0.00.17
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"aTube Catcher" = aTube Catcher
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"EF Englishtown Advanced Speech Recognition_is1" = EF Englishtown Advanced Speech Recognition versione 4.3.0.0
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Un secolo di Aviazione
"FormatFactory" = FormatFactory 2.60
"Glary Utilities_is1" = Glary Utilities 2.10.0.622
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"hcvprlga" = Favorit
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.61.0.1400
"Media Player - Codec Pack" = Media Player Codec Pack 4.0.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mp3-2-wav" = mp3-2-wav converter 1.14
"NVIDIA Drivers" = NVIDIA Drivers
"POWERPOINT" = Microsoft Office PowerPoint 2007
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.8.2.2264
"TutoreDattilo" = TutoreDattilo 7.14
"USB MP3 Player WIN98 Drivers" = USB MP3 Player WIN98 Drivers
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"VMidi" = vanBasco's Karaoke Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WORD" = Microsoft Office Word 2007
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/05/2011 12.15.24 | Computer Name = PC-maury | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Connessione in corso interrotta
forzatamente dall'host remoto.)
Error - 11/05/2011 12.15.24 | Computer Name = PC-maury | Source = Bonjour Service | ID = 100
Description = 420: ERROR: read_msg errno 10054 (Connessione in corso interrotta
forzatamente dall'host remoto.)
Error - 11/05/2011 12.15.24 | Computer Name = PC-maury | Source = Bonjour Service | ID = 100
Description = 416: ERROR: read_msg errno 10054 (Connessione in corso interrotta
forzatamente dall'host remoto.)
Error - 11/05/2011 12.15.24 | Computer Name = PC-maury | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (Connessione in corso interrotta
forzatamente dall'host remoto.)
Error - 11/05/2011 12.15.24 | Computer Name = PC-maury | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Connessione in corso interrotta
forzatamente dall'host remoto.)
Error - 20/05/2011 5.31.41 | Computer Name = PC-maury | Source = WinMgmt | ID = 10
Description =
Error - 21/05/2011 8.04.55 | Computer Name = PC-maury | Source = WinMgmt | ID = 10
Description =
Error - 21/05/2011 12.50.59 | Computer Name = PC-maury | Source = WinMgmt | ID = 10
Description =
Error - 23/05/2011 4.21.31 | Computer Name = PC-maury | Source = WinMgmt | ID = 10
Description =
Error - 26/05/2011 17.05.54 | Computer Name = PC-maury | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 08/12/2012 22.04.29 | Computer Name = PC-maury | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 09/12/2012 11.41.00 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
Error - 09/12/2012 11.41.10 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
Error - 09/12/2012 11.43.08 | Computer Name = PC-maury | Source = Service Control Manager | ID = 7011
Description =
Error - 09/12/2012 11.43.08 | Computer Name = PC-maury | Source = Service Control Manager | ID = 7011
Description =
Error - 09/12/2012 11.53.52 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
Error - 09/12/2012 11.54.12 | Computer Name = PC-maury | Source = EventLog | ID = 6008
Description = Precedente arresto del sistema inatteso a 16.45.19 su 09/12/2012.
Error - 09/12/2012 11.54.03 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
Error - 09/12/2012 12.05.56 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
Error - 09/12/2012 12.06.08 | Computer Name = PC-maury | Source = volmgr | ID = 262190
Description = Impossibile inizializzare i dettagli arresto anomalo del sistema.
< End of report >