pregasi un contollo del log - Sicurezza VIRUS

Benvenuto Ospite

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pregasi un contollo del log

pregasi un contollo del log

Opzioni

Topic Precedente · Topic Sucessivo

alexs

Inviato: Friday, October 26, 2012 5:28:55 PM

Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277

recentemente ho avuto dei problemi di schermata blu,poichè da qualche mese mi è stata installata una nuova scheda video danvidia ad una Asus,gli aggiornamenti del driver precedenti credo non siano stati eliminati,potreste controlarmi il log per sapere se debbo eliminare qualche voce,grazie

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.21.44, on 26/10/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Giacomino\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6677 bytes

Torna in alto

Sponsor

Inviato: Friday, October 26, 2012 5:28:55 PM

Torna in alto

r16

Inviato: Friday, October 26, 2012 6:03:50 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Scusa non ho capito.
I driver che hai istallato ora sono NVIDIA .
Il log non presenta infezioni attive.

Torna in alto

alexs

Inviato: Friday, October 26, 2012 6:25:01 PM

Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277

per r16,circa 4 anni fà ho acquistato un pc HP Pavilion a6442 dove era montata una scheda video NVIDIA Ge Force 8600GT,qualche mese fà è stata sostituita con una ASUS HD 6450 Silent,precedentemente nel tempo avevo fatto degli aggiornamenti del driver sulla scheda NVIDIA,credo9 che nella sostituzione della scheda il tecnico non ha eliminato questi aggiornamenti della NVIDIA,è possibile se ancora a ttivi possano essere in conflitto con la nuova scheda video?hiedevo appunto un controllo del log,grazie.

Torna in alto

r16

Inviato: Friday, October 26, 2012 6:40:42 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Facciamo una scansione più approfondita di HijackThis.

Scarica OTL, e salvalo sul desktop:

http://oldtimer.geekstogo.com/OTL.exe

Clicca sull'icona di OTL che trovi sul tuo desktop .

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta : minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend, per postarli sul forum.

Per spiegarti meglio su come postare i log:

Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.

Torna in alto

alexs

Inviato: Saturday, October 27, 2012 11:54:32 AM

Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277

OTL.Txt
Extras.Txt

Torna in alto

alexs

Inviato: Saturday, October 27, 2012 12:17:51 PM

Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277

bleNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{76A2589A-A3D8-4EA9-A588-1B8B4DC3B2A6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A7162823-2EA6-4DEF-BB9A-62C752E950A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CD296044-DB03-4E50-8285-A124FCFE65E3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E06EE992-2A9E-4A40-AB11-F4BC60509FA7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{65E0462D-AF47-4FF4-861C-5071306078A2}" = protocol=17 | dir=in | app=c:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe |
"{6C34EDBB-84E8-433B-8DE8-2DEBBBE53DA2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{910CC004-7A35-4CA9-BF0B-80DA915B8982}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4705717-DCB6-454B-8766-ED6BC59C8031}" = protocol=6 | dir=in | app=c:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe |
"{C830E3F6-B73A-4327-B503-4A7ACE8BD609}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E40FF1B0-7410-4700-9ABA-F1EB88B23DFD}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"TCP Query User{43637813-2957-4BD5-9C9F-D5F0B279303B}C:\program files\vodafone\vodafonestation2\vodafonestation2.exe" = protocol=6 | dir=in | app=c:\program files\vodafone\vodafonestation2\vodafonestation2.exe |
"TCP Query User{59B75569-B95A-4EBD-B218-6551E716A289}C:\program files\vodafone\vodafonestation2\python\win\vfsocket.exe" = protocol=6 | dir=in | app=c:\program files\vodafone\vodafonestation2\python\win\vfsocket.exe |
"TCP Query User{F2C63441-E60D-4548-B273-7CFE4FDFAC72}C:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{0D727F68-7C24-4892-8E03-84DFE692D3C2}C:\program files\vodafone\vodafonestation2\python\win\vfsocket.exe" = protocol=17 | dir=in | app=c:\program files\vodafone\vodafonestation2\python\win\vfsocket.exe |
"UDP Query User{3837E51B-55FA-4B86-A20C-5D4B2592C25E}C:\program files\vodafone\vodafonestation2\vodafonestation2.exe" = protocol=17 | dir=in | app=c:\program files\vodafone\vodafonestation2\vodafonestation2.exe |
"UDP Query User{B1450656-B0FF-46A8-90EA-4F7228792297}C:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\ro\appdata\roaming\dropbox\bin\dropbox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series" = Canon iP2700 series Printer Driver
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1ADB558F-1E50-43F2-8EAC-E7D75294C1D8}" = OpenOffice.org 3.4.1
"{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{34A08914-7A33-4040-A959-1577BF5AFF8A}" = Microsoft Works
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{434890AA-2E4F-48B6-8417-6E1AB735F55F}" = Trust WB-1200p Mini Webcam
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client IT-IT Language Pack
"{5115C036-C0D5-4E1B-81C9-542CA967478A}" = muvee autoProducer 6.1
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5D7191-140A-11D6-B5A0-0050DA208A93}" = ArcSoft PhotoImpression
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7462E859-C453-4E08-BE0D-7D5E13E4CD1F}" = Microsoft Antimalware Service IT-IT Language Pack
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CA37670-74FB-6BFD-3C2F-BDB01B6B4349}" = VodafoneStation2
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95120000-00AF-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Italian)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver 3D Vision 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver del controller 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BCE46757-7674-4416-BEDB-68205A60409E}" = CanoScan Toolbox Ver4.1
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agnitum Outpost Firewall_is1" = Outpost Firewall 2009
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Glary Utilities_is1" = Glary Utilities 2.45.0.1481
"InstallShield_{434890AA-2E4F-48B6-8417-6E1AB735F55F}" = Trust WB-1200p Mini Webcam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.65.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 16.0.2 (x86 it)" = Mozilla Firefox 16.0.2 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"org.mart3.VodafoneStation" = VodafoneStation2
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"Registrazione utente Canon iP2700 series" = Registrazione utente Canon iP2700 series
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi

Error encountered while reading event logs.

< End of report >
OTL logfile created on: 27/10/2012 11.27.40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Giacomino\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 52,38% Memory free
6,70 Gb Paging File | 5,38 Gb Available in Paging File | 80,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,82 Gb Total Space | 342,03 Gb Free Space | 75,04% Space Free | Partition Type: NTFS
Drive D: | 9,94 Gb Total Space | 1,71 Gb Free Space | 17,21% Space Free | Partition Type: NTFS

Computer Name: PC-CASASALERNO | User Name: Giacomino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Giacomino\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - c:\Programmi\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programmi\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programmi\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\atieclxx.exe (AMD)
PRC - C:\WINDOWS\System32\atiesrxx.exe (AMD)
PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programmi\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programmi\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programmi\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programmi\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programmi\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)

========== Modules (No Company Name) ==========

MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programmi\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\WINDOWS\System32\atitmpxx.dll ()

========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Programmi\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programmi\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AMD External Events Utility) -- C:\WINDOWS\System32\atiesrxx.exe (AMD)
SRV - (wlidsvc) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (acssrv) -- C:\Programmi\Agnitum\Outpost Firewall\acs.exe (Agnitum Ltd.)
SRV - (IAANTMON) -- C:\Programmi\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MpKsl07e97c8b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{65E747D7-AAB2-4B8A-9848-09FF51B130A0}\MpKsl07e97c8b.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (amdkmdag) -- C:\WINDOWS\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\WINDOWS\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (SandBox) -- C:\WINDOWS\System32\drivers\SandBox.sys (Agnitum Ltd.)
DRV - (afw) -- C:\WINDOWS\System32\drivers\afw.sys (Agnitum Ltd.)
DRV - (afwcore) -- C:\WINDOWS\System32\drivers\afwcore.sys (Agnitum Ltd.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (PAC207) -- C:\WINDOWS\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {57ED4BAB-08B1-416A-A57D-4939472360ED}
IE - HKLM\..\SearchScopes\{57ED4BAB-08B1-416A-A57D-4939472360ED}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=6eba66b7-2984-11e1-a70f-001e8cc53832&q={searchTerms}
IE - HKLM\..\SearchScopes\{782C3F28-B2E8-4B3E-A4FB-731BB1ABD4AF}: "URL" = http://it.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913930
IE - HKLM\..\SearchScopes\{8D31E9A7-3F2D-437E-A3AA-AF9ADB69357A}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1120&query={searchTerms}&invocationType=tb50hpcndtie7-it-it
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes,DefaultScope = {57ED4BAB-08B1-416A-A57D-4939472360ED}
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{2EB530A3-BCB4-419C-B528-69EC4869B0DB}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=6eba66b7-2984-11e1-a70f-001e8cc53832&q={searchTerms}
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{57ED4BAB-08B1-416A-A57D-4939472360ED}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=6eba66b7-2984-11e1-a70f-001e8cc53832&q={searchTerms}
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{782C3F28-B2E8-4B3E-A4FB-731BB1ABD4AF}: "URL" = http://it.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913930
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{8D31E9A7-3F2D-437E-A3AA-AF9ADB69357A}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1120&query={searchTerms}&invocationType=tb50hpcndtie7-it-it
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://it.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_it&p={searchTerms}
IE - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 11.18.03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 11.17.29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 11.18.03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 11.17.29 | 000,000,000 | ---D | M]

[2011/01/24 12.35.07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giacomino\AppData\Roaming\mozilla\Extensions
[2012/01/22 15.39.15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Giacomino\AppData\Roaming\mozilla\Firefox\Profiles\x44se1im.default\extensions
[2012/01/22 14.41.48 | 000,000,792 | ---- | M] () -- C:\Users\Giacomino\AppData\Roaming\mozilla\firefox\profiles\x44se1im.default\searchplugins\startsear.xml
[2010/09/30 21.47.07 | 000,001,583 | ---- | M] () -- C:\Users\Giacomino\AppData\Roaming\mozilla\firefox\profiles\x44se1im.default\searchplugins\web-search.xml
[2012/10/27 11.17.28 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2012/10/27 11.17.28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/10/28 19.38.22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/27 11.18.03 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/11 10.25.32 | 000,001,393 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-it.xml
[2011/03/17 16.58.29 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/10/11 10.25.32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/11 10.25.32 | 000,000,744 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml
[2012/10/11 10.25.32 | 000,000,817 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml
[2012/10/11 10.25.32 | 000,001,182 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/10/11 10.25.32 | 000,000,953 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2006/09/18 23.41.30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [OutpostMonitor] C:\Programmi\Agnitum\Outpost Firewall\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000..\Run: [WMPNSCFG] C:\Programmi\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Giacomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Marisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Marisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Marisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = File not found
O4 - Startup: C:\Users\Ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Ro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programmi\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3616263833-1863374948-3577338511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6BBFA1E-E77A-4BBD-A1E1-F14FFDA3EA89}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Programmi\Agnitum\Outpost Firewall\wl_hook.dll (Agnitum Ltd.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/01 23.20.33 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{37da9eb5-200e-11e0-ac69-001e8cc53832}\Shell - "" = AutoRun
O33 - MountPoints2\{37da9eb5-200e-11e0-ac69-001e8cc53832}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2012/10/27 11.17.28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/17 12.57.32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/10/17 12.57.32 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/10/17 12.57.32 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/10/12 09.18.41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/10/11 09.28.05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/10/11 09.27.27 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/10/11 09.27.27 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/10/06 12.13.54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/10/06 12.13.53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/10/06 12.13.53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/10/06 12.13.53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/10/06 12.13.53 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/10/06 12.13.52 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/10/06 12.13.52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/10/06 12.13.50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/09/12 12.58.06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
[2012/09/12 12.57.00 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012/09/12 12.45.02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/12 12.44.14 | 000,000,000 | ---D | C] -- C:\Program Files\Java

========== Files - Modified Within 60 Days ==========

[2012/10/27 11.29.23 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/27 11.29.23 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/27 11.17.00 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/27 11.09.59 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3616263833-1863374948-3577338511-1001UA.job
[2012/10/27 11.00.59 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/27 10.57.58 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/27 10.57.58 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/10/27 10.57.53 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Giacomino-Startup.job
[2012/10/27 09.35.55 | 008,106,582 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2012/10/27 09.35.55 | 002,992,812 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/27 09.35.55 | 002,727,860 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2012/10/27 09.35.55 | 002,401,098 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/27 09.29.16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/27 09.29.13 | 3486,863,360 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/26 16.09.59 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3616263833-1863374948-3577338511-1001Core.job
[2012/10/24 17.38.06 | 000,058,669 | ---- | M] () -- C:\Users\Giacomino\Desktop\Estremi_bonifico.jpg
[2012/10/24 17.36.01 | 000,047,653 | ---- | M] () -- C:\Users\Giacomino\Desktop\Estremi bonifico.jpg
[2012/10/24 17.17.59 | 000,415,455 | ---- | M] () -- C:\Users\Giacomino\Desktop\Modulo di richiesta.JPG
[2012/10/24 17.15.49 | 001,476,530 | ---- | M] () -- C:\Users\Giacomino\Desktop\Documento di identità.JPG
[2012/10/24 17.12.14 | 000,068,389 | ---- | M] () -- C:\Users\Giacomino\Desktop\Bonifico.jpg
[2012/10/17 13.17.06 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/10/09 13.01.17 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/10/09 13.01.16 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/29 19.54.26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/24 23.16.36 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/09/24 23.08.27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/09/24 23.07.57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/09/24 20.17.58 | 001,466,812 | ---- | M] () -- C:\Users\Giacomino\Desktop\esenzione.JPG
[2012/09/13 15.28.08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/09/12 19.54.19 | 000,318,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/12 12.57.41 | 000,001,030 | ---- | M] () -- C:\Users\Giacomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012/09/12 12.44.20 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/09/12 12.44.20 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/08/30 22.03.50 | 000,099,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NisDrvWFP.sys
[2012/08/29 13.27.41 | 003,602,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/08/29 13.27.41 | 003,550,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

========== Files Created - No Company Name ==========

[2012/10/24 17.36.57 | 000,058,669 | ---- | C] () -- C:\Users\Giacomino\Desktop\Estremi_bonifico.jpg
[2012/10/24 17.34.18 | 000,047,653 | ---- | C] () -- C:\Users\Giacomino\Desktop\Estremi bonifico.jpg
[2012/10/24 17.17.39 | 000,415,455 | ---- | C] () -- C:\Users\Giacomino\Desktop\Modulo di richiesta.JPG
[2012/10/24 17.15.00 | 001,476,530 | ---- | C] () -- C:\Users\Giacomino\Desktop\Documento di identità.JPG
[2012/10/24 17.08.31 | 000,068,389 | ---- | C] () -- C:\Users\Giacomino\Desktop\Bonifico.jpg
[2012/10/12 09.18.42 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/24 20.16.47 | 001,466,812 | ---- | C] () -- C:\Users\Giacomino\Desktop\esenzione.JPG
[2012/09/12 12.57.41 | 000,001,030 | ---- | C] () -- C:\Users\Giacomino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012/04/20 09.32.59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/04/20 09.32.42 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012/04/19 16.23.45 | 000,000,680 | ---- | C] () -- C:\Users\Giacomino\AppData\Local\d3d9caps.dat
[2012/02/29 14.26.56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/10/29 09.30.17 | 000,001,297 | ---- | C] () -- C:\Windows\System32\.ini
[2011/05/24 16.24.16 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/04/20 06.30.06 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/03/04 20.24.59 | 000,001,282 | ---- | C] () -- C:\Users\Giacomino\AppData\Roaming\wklnhst.dat
[2011/01/07 20.34.00 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT4.DAT
[2011/01/07 20.32.19 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX5400I.ini
[2011/01/07 14.07.28 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/01/07 14.07.28 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/01/07 14.07.28 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/01/07 14.07.28 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/01/07 14.07.28 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/01/07 14.07.28 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/01/07 14.07.28 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/01/07 14.07.28 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/01/07 14.07.28 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/01/07 14.07.28 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011/01/07 14.07.28 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/01/07 14.07.28 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/01/07 14.07.28 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/01/07 14.07.28 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/01/07 14.07.28 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/01/07 14.07.28 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011/01/07 14.07.28 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011/01/07 14.07.28 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/01/07 14.07.28 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/08/30 19.42.07 | 000,000,000 | ---- | C] () -- C:\Users\Giacomino\AppData\Local\prvlcl.dat
[2010/06/01 22.30.51 | 000,064,635 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/06/01 19.44.54 | 000,064,635 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/05/28 16.08.22 | 000,014,848 | ---- | C] () -- C:\Users\Giacomino\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/28 16.03.21 | 000,143,872 | ---- | C] () -- C:\Program Files\1040.MST
[2010/05/28 16.03.21 | 000,005,186 | ---- | C] () -- C:\Program Files\0x0410.ini
[2010/05/28 16.03.20 | 009,001,984 | ---- | C] () -- C:\Program Files\Trust WB-1200p Mini Webcam.msi
[2010/05/28 14.59.35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/28 12.35.01 | 000,969,424 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate

========== ZeroAccess Check ==========

[2006/11/02 14.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23.28.20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23.28.26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/10/19 10.49.16 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\AVG10
[2011/01/18 10.49.45 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\Canneverbe Limited
[2012/10/24 17.18.34 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\Canon
[2011/01/08 13.50.13 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\EPSON
[2011/01/12 18.09.00 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\GlarySoft
[2010/09/18 09.42.28 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\OpenCandy
[2010/06/02 22.42.05 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\OpenOffice.org
[2012/05/31 14.07.49 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\org.mart3.VodafoneStation
[2011/02/03 13.04.11 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\PCToolsFirewallPlus
[2011/04/11 12.38.13 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\Template
[2010/05/29 12.47.00 | 000,000,000 | ---D | M] -- C:\Users\Giacomino\AppData\Roaming\WinBatch
[2011/04/01 21.31.36 | 000,000,000 | ---D | M] -- C:\Users\Marisa\AppData\Roaming\OpenOffice.org
[2010/05/28 16.11.50 | 000,000,000 | ---D | M] -- C:\Users\Marisa\AppData\Roaming\PCToolsFirewallPlus
[2010/10/19 12.39.09 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\AVG10
[2012/09/18 20.55.18 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\Canon
[2012/10/25 14.06.45 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\Dropbox
[2010/06/07 18.20.33 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\OpenOffice.org
[2012/07/28 12.48.56 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\org.mart3.VodafoneStation
[2010/12/28 13.54.55 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\PCToolsFirewallPlus
[2011/05/08 12.11.27 | 000,000,000 | ---D | M] -- C:\Users\Ro\AppData\Roaming\YCanPDF

========== Purity Check ==========

< End of report >

Torna in alto

r16

Inviato: Saturday, October 27, 2012 12:22:04 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Ciao.
Il log non presenta infezioni, per cui le schermate blu non dipendono da virus.
Poi io vedo qualche servizio di NVIDIA, ma non me la sento di fartelo eliminare, non avendo chiara la situazione.
Inoltre non vedo nessun driver della scheda Asus.

Torna in alto

alexs

Inviato: Saturday, October 27, 2012 1:06:26 PM

Rank: AiutAmico

Iscritto dal : 12/12/2008
Posts: 1,277

ti chiedo cortersemente se sulla scheda Asus HD6450 Silent esistono deigli aggiornamenti dei driver ed eventualmente come potrei scaricarli, avevo trovato un sito ma era a pagamento per gli aggiornamenti complessivi,grazie

Torna in alto

r16

Inviato: Saturday, October 27, 2012 1:48:26 PM

Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016

Purtroppo non è il mio campo.
Sul sito ufficiale ho trovato questo:
http://it.official-drivers.com/installer/?seed=asus&local=it&gclid=CJ_m6MONobMCFcZb3godxmcAsw
Spero ti sia utile.

Torna in alto

miticoalex

Inviato: Saturday, October 27, 2012 2:05:59 PM

Rank: AiutAmico

Iscritto dal : 10/19/2010
Posts: 14,635

alexs ha scritto:

Salve! Scaricali dal sito ufficiale, questo.(cliccare su download alla voce global)

Controlla l'architettura del tuo sistema operativo da computer, click destro su proprietà; controlla se è a 32 o 64 bit.

Ricorda di controllare anche le temperature della scheda; con speccy per esempio.

Torna in alto

Utenti presenti in questo topic

Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » pregasi un contollo del log

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded