Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Come rimuovere Starburn Search spyware Opzioni
enzino85
Inviato: Sunday, November 04, 2012 10:57:15 PM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
Chiedo aiuto, perchè non riesco a risolvere il problema della mia Pagina_iniziale, sia per Firefox che per Explorer.
Sia quando apro la mia pagina iniziale, che una nuova finestra, mi appare senpre la stessa pagina di
ricerca "Starburn Search" (www.search.starburnsoftware.com).
Per comodità e qualora risultasse utile, allego il log di HijackThis.
Nell'attesa, saluto.
********************************************************************************
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22.33.58, on 04/11/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\Programmi\Sicurezza\SASCORE.EXE
C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe
C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe
C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\Nero\Update\NASvc.exe
D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe
C:\Programmi\File comuni\AVerMedia\AVerQuick\AVerHIDReceiver.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\PSIService.exe
D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Zune\ZuneBusEnum.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmi\Analog Devices\SoundMAX\Smax4.exe
c:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Zune\ZuneLauncher.exe
C:\Programmi\Yout\Yout_Helper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Programmi\ATI Multimedia\main\launchpd.exe
C:\Programmi\ATI Multimedia\main\ATIDtct.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\desktop\AutoHideDesktopIcons.exe
C:\WINDOWS\system32\rundll32.exe
c:\Programmi\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
D:\Programmi\Utility\TotalCommander\TOTALCMD.EXE
D:\Programmi\Sicurezza\Sophos\Sophos Virus Removal Tool\SVRTgui.exe
D:\Programmi\Sicurezza\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Programmi\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\msiexec.exe
D:\Programmi\Sicurezza\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://apype.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeSearchInstallRTM?clid=1040&ver=12&app=outlook.exe&p1=32&p2=5&p3=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O2 - BHO: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WINDOW~3\Datamngr\BROWSE~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Shareiiit - {E7AB3DAE-5A7A-41A7-8258-BD60657392E2} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [StartCCC] "c:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Zune Launcher] "C:\Programmi\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Yout_Helper] C:\Programmi\Yout\Yout_Helper.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Programmi\File comuni\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Programmi\Enigma Software Group\SpyHunter\SpyHunter4.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Programmi\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Programmi\ATI Multimedia\main\ATIDtct.EXE
O4 - HKUS\S-1-5-21-1214440339-839522115-515967899-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1214440339-839522115-515967899-500\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Administrator')
O4 - Startup: AutoHideDesktopIcons.exe.lnk = C:\Documents and Settings\desktop\AutoHideDesktopIcons.exe
O4 - Global Startup: Collegamento a Connessione ADSL.bat.lnk = C:\Documents and Settings\All Users\Menu Avvio\Programmi\_Mia\All Mixer\Connessione ADSL.bat
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Shareiiit options - {38771E1F-85E0-4A3E-92D8-1D7E62C32719} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Programmi\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{24D72452-51C1-427C-ABA6-9E690D4D66B6}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3E9DA0D-C581-45A6-9AB8-7CD38FC21199}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E48A89-80A6-46E3-AB6A-58EF8E0F2572}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Programmi\Sicurezza\SASWINLO.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programmi\Sicurezza\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVerRemote - AVerMedia - C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\File comuni\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Programmi\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Programmi\Nero\Update\NASvc.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\PosService\Pos.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe
O23 - Service: Sophos Virus Removal Tool (SophosVirusRemovalTool) - Sophos Limited - D:\Programmi\Sicurezza\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
O23 - Service: SOSPCService - Unknown owner - C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Syntek STK1150 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 14428 bytes

Sponsor
Inviato: Sunday, November 04, 2012 10:57:15 PM

 
cbbusto
Inviato: Monday, November 05, 2012 12:11:42 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
Chiudi tutti i programmi e disconnesso lanci HJT e clicca sul secondo pulsante: Do a system scan only poi metti la spunta alle voci che ti indico e alla fine clic su Fix checked:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://apype.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
O2 - BHO: Shareiiit - {E7AB3DAE-5A7A-41A7-8258-BD60657392E2} - (no file)
O3 - Toolbar: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmi\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmi\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [StartCCC] "c:\Programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Zune Launcher] "C:\Programmi\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Yout_Helper] C:\Programmi\Yout\Yout_Helper.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Programmi\File comuni\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Programmi\Enigma Software Group\SpyHunter\SpyHunter4.exe
O4 - HKUS\S-1-5-21-1214440339-839522115-515967899-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1214440339-839522115-515967899-500\..\Run: [MsnMsgr] "C:\Programmi\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Administrator')
O4 - Startup: AutoHideDesktopIcons.exe.lnk = C:\Documents and Settings\desktop\AutoHideDesktopIcons.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.24 7.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{24D72452-51C1-427C-ABA6-9E690D4D66B6}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3E9DA0D-C581-45A6-9AB8-7CD38FC21199}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.24 7.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E48A89-80A6-46E3-AB6A-58EF8E0F2572}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.24 7.20,156.154.70.1,156.154.71.1

Installa malwarebytes QUI lo aggiorni e poi fai una scansione COMPLETA non veloce, elimina quello che trova, posta il log.

Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Avvialo e clicca sul pulsante cerca.
Finita la scansione, elimina il log che rilascia sul desktop, e clicca su "Elimina".
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Vai in C:\windows cerca la cartella prefetch e la svuoti tutta.
Rifai una scansione con HJT e posta il log aggiornato
Fai sapere come va. Ciao
enzino85
Inviato: Monday, November 05, 2012 9:50:14 AM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
La nuova situazione:

Per quanto riguarda Firefox, all'avvio del computer e al primo avvio di Firefox, mantiene la mia Pagina_iniziale, ma successivamente
sia quando apro una nuova scheda che il browser mi appare la pagina Starburn Search con il dominio www.search.starburnsoftware.com
e nella pagina iniziale ci trovo http://apype.com

L'Explorer è compromesso soltanto se apro una nuova scheda, la mia pagina iniziale non è sovrascritta.

Allegando ciò che mi era stato chiesto, rimango in attesa di notizie.
Grazie


*****************************************************************************************
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Versione database: v2012.09.29.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Desktop :: FRANCO [amministratore]

05/11/2012 1.09.59
mbam-log-2012-11-05 (01-09-59).txt

Tipo di scansione: Scansione completa (C:\|M:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 342860
Tempo impiegato: 1 ore, 36 minuti, 5 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)


***************************************************************************************
# AdwCleaner v2.006 - Logfile creato il 05/11/2012 alle 02:50:48
# Aggiornamento 30/10/2012 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Desktop - FRANCO
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\desktop\desktop\adwcleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\boost_interprocess
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\InstallMate
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Premium
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Tarma Installer
Cartella Eliminato : C:\Documents and Settings\desktop\Dati applicazioni\Desktopicon
Cartella Eliminato : C:\Documents and Settings\desktop\Dati applicazioni\OpenCandy
Cartella Eliminato : C:\Documents and Settings\desktop\Dati applicazioni\pdfforge
Cartella Eliminato : C:\Documents and Settings\desktop\Dati applicazioni\Toolbar4
Cartella Eliminato : C:\Programmi\AskBarDis
Cartella Eliminato : C:\Programmi\Ilivid
Cartella Eliminato : C:\Programmi\Windows iLivid Toolbar
File Eliminato : C:\Documents and Settings\desktop\desktop\sweetpcfix.url
File Eliminato : C:\Programmi\Mozilla FireFox\Components\AskSearch.js
File Eliminato : C:\Programmi\Mozilla Firefox\searchplugins\babylon.xml
File Eliminato : C:\Programmi\Mozilla FireFox\searchplugins\Search_Results.xml

***** [Registro] *****

Chiave Eliminata : HKCU\Software\AppDataLow\AskBarDis
Chiave Eliminata : HKCU\Software\AppDataLow\Software
Chiave Eliminata : HKCU\Software\Ask.com.tmp
Chiave Eliminata : HKCU\Software\AutocompletePro
Chiave Eliminata : HKCU\Software\AutocompleteProBHO
Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\DataMngr
Chiave Eliminata : HKCU\Software\DataMngr_Toolbar
Chiave Eliminata : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chiave Eliminata : HKCU\Software\Headlight
Chiave Eliminata : HKCU\Software\ilivid
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chiave Eliminata : HKCU\Software\SmartBar
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\Zugo
Chiave Eliminata : HKLM\Software\AskBarDis
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Eliminata : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Chiave Eliminata : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT3040593
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\Software\DataMngr
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Chiave Eliminata : HKLM\Software\Iminent
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\facemoods
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask Toolbar_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Chiave Eliminata : HKLM\Software\Tarma Installer
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]

***** [Browser Internet] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registro Pulito.

*************************

AdwCleaner[R1].txt - [16144 octets] - [05/11/2012 02:50:12]
AdwCleaner[S1].txt - [16106 octets] - [05/11/2012 02:50:48]

########## EOF - C:\AdwCleaner[S1].txt - [16167 octets] ##########

********************************************************************************************************************
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3.04.13, on 05/11/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
D:\Programmi\Sicurezza\SASCORE.EXE
C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe
C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe
C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
C:\Programmi\Java\jre7\bin\jqs.exe
D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe
C:\Programmi\File comuni\AVerMedia\AVerQuick\AVerHIDReceiver.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\PSIService.exe
D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmi\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\StkASv2K.exe
C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programmi\Zune\ZuneBusEnum.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Programmi\ATI Multimedia\main\launchpd.exe
C:\Programmi\ATI Multimedia\main\ATIDtct.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\Programmi\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programmi\Mozilla Firefox\firefox.exe
d:\programmi\sicurezza\avira\antivir desktop\setup.exe
D:\Programmi\Utility\TotalCommander\TOTALCMD.EXE
C:\Programmi\Mozilla Firefox\plugin-container.exe
D:\Programmi\Sicurezza\HiJackThis_v2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeSearchInstallRTM?clid=1040&ver=12&app=outlook.exe&p1=32&p2=5&p3=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmi\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avgnt] "D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Programmi\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Programmi\ATI Multimedia\main\ATIDtct.EXE
O4 - Global Startup: Collegamento a Connessione ADSL.bat.lnk = C:\Documents and Settings\All Users\Menu Avvio\Programmi\_Mia\All Mixer\Connessione ADSL.bat
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Shareiiit options - {38771E1F-85E0-4A3E-92D8-1D7E62C32719} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Programmi\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 85.37.17.5 85.38.28.77
O17 - HKLM\System\CS1\Services\Tcpip\..\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 85.37.17.5 85.38.28.77
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Programmi\Sicurezza\SASWINLO.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Programmi\Sicurezza\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVerRemote - AVerMedia - C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programmi\File comuni\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Java\jre7\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\PosService\Pos.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe
O23 - Service: SOSPCService - Unknown owner - C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programmi\Spyware Terminator\sp_rsser.exe
O23 - Service: Syntek STK1150 Service (StkASSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkASv2K.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11898 bytes


cbbusto
Inviato: Monday, November 05, 2012 4:53:17 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
Allora per quanto riguarda la pagina iniziale che ti appare: http://apype.com/ è una voce che ti ho fatto eliminare e nel nuovo log non appare, strano che ti si ripresenti ci deve essere qualche sw che dirotta, avevi anche molti DNS modificati o aggiunti che dirottavano ad altri siti, erano le voci 017 che ti ho fatto eliminare ed ora ci sono solo i DNS di Telecom, controlla in proprietà di connessione, protocollo internet (TCP/IP)-proprietà dovresti avere
come Server DNS Preferito 85.17.37.5. e Server DNS Alternativo 85.38.28.77.

Disabilitiamo Bonjour Service, vai in Pannello di Controllo/Strumenti di Amministrazione/Servizi, scorri la lista e cerca
Bonjour Service, doppio clic su di essa e poi in tipo di avvio metti disabilitato, applica ok.
Ci sono altri 2 servizi da disabilitare, le relative voci Serch Finder, sono già state fixate in HJT, si tratta di
Pos Service (PowerOffer Service) e Serv Updater, anche queste cercale nei Servizi e se le trovi disabilitale, poi segui questi percorsi: C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\PosService\Pos.exe e C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe elimina file e cartelle.
Poi Chiudi tutti i programmi e disconnesso lanci HJT e clicca sul secondo pulsante: Do a system scan only poi metti la spunta alle voci che ti indico e alla fine clic su Fix checked:
R3 - URLSearchHook: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll
O2 - BHO: Yout - {02871c6b-868d-412b-9f24-5a138b8c5fe7} - C:\DOCUME~1\desktop\Yout.dll

Fai una pulizia con Ccleaner compreso il registro.
Una domanda: come mai hai installato l'antivirus nella partizione o disco D: ? dovrebbe essere in C: assieme al Sistema operativo.
Fammi sapere come va, speriamo che quella pagina sparisca, comunque non si tratta di infezioni è solo una seccatura. Ciao




miticoalex
Inviato: Monday, November 05, 2012 5:05:05 PM

Rank: AiutAmico

Iscritto dal : 10/19/2010
Posts: 12,973
enzino85 ha scritto:
La nuova situazione:

Per quanto riguarda Firefox, all'avvio del computer e al primo avvio di Firefox, mantiene la mia Pagina_iniziale, ma successivamente
sia quando apro una nuova scheda che il browser mi appare la pagina Starburn Search con il dominio www.search.starburnsoftware.com
e nella pagina iniziale ci trovo http://apype.com


Ciao cbbusto; alcuni amici, avevano lo stesso problema, e hanno dovuto eliminare le voci nella configurazione avanzate di FireFox.

Fammi sapere.




cbbusto
Inviato: Monday, November 05, 2012 6:28:48 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
miticoalex ha scritto:
enzino85 ha scritto:
La nuova situazione:

Per quanto riguarda Firefox, all'avvio del computer e al primo avvio di Firefox, mantiene la mia Pagina_iniziale, ma successivamente
sia quando apro una nuova scheda che il browser mi appare la pagina Starburn Search con il dominio www.search.starburnsoftware.com
e nella pagina iniziale ci trovo http://apype.com


Ciao cbbusto; alcuni amici, avevano lo stesso problema, e hanno dovuto eliminare le voci nella configurazione avanzate di FireFox.

Fammi sapere.




Ciao mitico, avevo anche pensato a quello, stiamo a vedere eventualmente faremo anche quell'operazione, solo
che non mi ricordo quale voce cercare in about:config.
r16
Inviato: Monday, November 05, 2012 6:53:32 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,008
@cbbusto:
Con una scansione di OTL, lo vedi dove si trova reindirizzamento. (Starburn Search)
enzino85
Inviato: Monday, November 05, 2012 8:31:28 PM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
Per quanto riguarda Explorer funziona tutto normale.
Per Firefox tutto ok nel caso di "Nuova scheda", forse è merito di FoxTab, che utilizzo all'apertira di nuova scheda.
Rimane invece il problema all'avvio del browser, in quanto la mia pagina iniziale diventa http://apype.com
Ho provato anche a fare le modifiche nella configurazione avanzata, ma al successivo riavvio di Firefox la mi pagina iniziale viene sostituita.
Rimango in attesa di eventuali nuovi interventi da fare.
Grazie.


cbbusto
Inviato: Monday, November 05, 2012 11:37:26 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
r16 ha scritto:
@cbbusto:
Con una scansione di OTL, lo vedi dove si trova reindirizzamento. (Starburn Search)


Sono d'accordo faccio fare la scansione però OTL non l'ho mai usato e come eliminare eventuale voce con lo script non lo so fare, eventualmente intervieni tu ?
Grazie.
cbbusto
Inviato: Monday, November 05, 2012 11:44:14 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
Scarica OTL, e salvalo sul desktop:

http://oldtimer.geekstogo.com/OTL.exe

Clicca sull'icona di OTL che trovi sul tuo desktop .

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta : minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend, per postarli sul forum.

Per postare i log:

Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.

Vediamo di rintracciare quel link. Ciao
miticoalex
Inviato: Monday, November 05, 2012 11:52:17 PM

Rank: AiutAmico

Iscritto dal : 10/19/2010
Posts: 12,973
cbbusto ha scritto:
Ciao mitico, avevo anche pensato a quello, stiamo a vedere eventualmente faremo anche quell'operazione, solo
che non mi ricordo quale voce cercare in about:config.


Se dovesse essere necessario, fai sapere. Io ho risolto in questo modo.

Ciao




cbbusto
Inviato: Tuesday, November 06, 2012 12:04:29 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
miticoalex ha scritto:
cbbusto ha scritto:
Ciao mitico, avevo anche pensato a quello, stiamo a vedere eventualmente faremo anche quell'operazione, solo
che non mi ricordo quale voce cercare in about:config.


Se dovesse essere necessario, fai sapere. Io ho risolto in questo modo.

Ciao


OK grazie.
enzino85
Inviato: Tuesday, November 06, 2012 1:06:54 AM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
Ho inviato il file OTL.txt a http://www.wikisend.com/
Questo dovrebbe esse il Forum Link OTL.Txt
Ciao
cbbusto
Inviato: Tuesday, November 06, 2012 10:23:34 AM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
enzino85 ha scritto:
Ho inviato il file OTL.txt a http://www.wikisend.com/
Questo dovrebbe esse il Forum Link OTL.Txt
Ciao


I log dovevano essere 2 manca il log Extras.txt. Ciao
cbbusto
Inviato: Tuesday, November 06, 2012 2:09:30 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 10,231
X r16

Dal log OTL.txt ho trovato queste 2 file che riguardano il sito web in discussione:
FF - prefs.js..browser.startup.homepage: "http://apype.com" da eliminare ?
FF - prefs.js..keyword.URL: "http://apype.com/results.php?q=" da eliminare ?

Sarebbero solo queste da eliminare ? ci pensi tu a dare le istruzioni per la rimozione ? Grazie

Enzino85, ora mi devo assentare eventualmente attendi istruzioni da r16. Ciao
r16
Inviato: Tuesday, November 06, 2012 6:06:26 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,008
Ciao cbbusto.
Esatto, sono quelle.
E visto che ci siamo tentiamo di eliminare anche search.findeer.com (in realtà è quello, che produce il reindirizzamento)
Se l'eliminazione fallisse, procederemo alla eliminazione manuale.



@enzino85
Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:


Code:
:OTL

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
FF - prefs.js..browser.startup.homepage: "http://apype.com"
FF - prefs.js..keyword.URL: "http://apype.com/results.php?q="

:Files
C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Conduit
ipconfig /flushdns /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[Emptyjava]
[start explorer]
[CLEARALLRESTOREPOINTS]
[Reboot]


Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.
Posta il log.

Poi verifichiamo che le voci non si siano rigenerate.
Per cui esegui una nuova scansione con OTL, e posta il log.
Comunica anche se il problema persiste, oppure no.
enzino85
Inviato: Tuesday, November 06, 2012 10:41:03 PM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
Come indicato ho eseguito OTL con RUN FIX.
Purtroppo il problema persiste.
Seguono il log di Run Fix, OTL ed Extras

*****************************************************************************
All processes killed
========== OTL ==========
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://apype.com" removed from browser.startup.homepage
Prefs.js: "http://apype.com/results.php?q=" removed from keyword.URL
========== FILES ==========
C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Conduit\Community Alerts\Log folder moved successfully.
C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Conduit\Community Alerts\LanguagePacks folder moved successfully.
C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Conduit\Community Alerts folder moved successfully.
C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Conduit folder moved successfully.
< ipconfig /flushdns /c >
Configurazione IP di Windows
Svuotata la cache del resolver DNS.
C:\Documents and Settings\desktop\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\desktop\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: desktop
->Temp folder emptied: 6988957 bytes
->Temporary Internet Files folder emptied: 11853308 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 132090133 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 65437696 bytes
->Flash cache emptied: 1310 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 262546 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1400488 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 377485 bytes
%systemroot%\System32 .tmp files removed: 4760901 bytes
%systemroot%\System32\dllcache .tmp files removed: 73430110 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 139999 bytes
RecycleBin emptied: 22353104 bytes

Total Files Cleaned = 304,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: desktop
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.69.0 log created on 11062012_214138

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

********************************************************************************
OTL logfile created on: 06/11/2012 22.09.18 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\desktop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,03% Memory free
3,87 Gb Paging File | 3,23 Gb Available in Paging File | 83,46% Paging File free
Paging file location(s): C:\pagefile.sys 2064 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 99,06 Gb Total Space | 61,56 Gb Free Space | 62,14% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 181,38 Gb Free Space | 77,89% Space Free | Partition Type: NTFS
Drive E: | 258,79 Gb Total Space | 239,47 Gb Free Space | 92,53% Space Free | Partition Type: NTFS
Drive J: | 7,79 Gb Total Space | 3,35 Gb Free Space | 43,06% Space Free | Partition Type: FAT32
Drive M: | 48,83 Gb Total Space | 48,74 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: FRANCO | User Name: Desktop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programmi\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
PRC - C:\Documents and Settings\desktop\desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe ()
PRC - C:\Programmi\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Programmi\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - D:\Programmi\Sicurezza\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Programmi\Zune\ZuneBusEnum.exe (Microsoft Corporation)
PRC - D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software)
PRC - C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe ()
PRC - C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
PRC - D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe ()
PRC - C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe ()
PRC - D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programmi\File comuni\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
PRC - C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe (AVerMedia)
PRC - D:\Programmi\Utility\TotalCommander\TOTALCMD.EXE (C. Ghisler & Co.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\StkASv2K.exe (Syntek America Inc.)
PRC - C:\Programmi\ATI Multimedia\main\LaunchPd.exe (ATI Technologies Inc.)
PRC - C:\Programmi\ATI Multimedia\main\atidtct.exe (ATI Technologies Inc.)
PRC - C:\Programmi\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
PRC - C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.EXE (ATI Technologies Inc.)
PRC - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)


========== Modules (No Company Name) ==========

MOD - D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_8083bbef\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_49358d8d\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_76cf17f3\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ab8137e9\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_a9c060f2\system.dll ()
MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Programmi\Lavasoft\Ad-Aware\RPAPI.dll ()
MOD - C:\Programmi\Lavasoft\Ad-Aware\Viprebridge.dll ()
MOD - C:\Programmi\Lavasoft\Ad-Aware\Vipre.dll ()
MOD - C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe ()
MOD - C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
MOD - D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe ()
MOD - C:\Programmi\ASUS\AXSP\1.00.13\ATKEX.dll ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe ()
MOD - D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Programmi\File comuni\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_it_b77a5c561934e089\system.windows.forms.resources.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()
MOD - C:\Programmi\Lexmark 1200 Series\ConvDIB.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL ()


========== Services (SafeList) ==========

SRV - (x10nets) -- File not found
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SpyHunter 4 Service) -- C:\Programmi\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV - (AntiVirService) -- D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- D:\Programmi\Sicurezza\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (SOSPCService) -- C:\Programmi\SOS PC Self\clientBase\bin\ATAService.exe ()
SRV - (sp_rssrv) -- C:\Programmi\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (Lavasoft Ad-Aware Service) -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (!SASCORE) -- D:\Programmi\Sicurezza\SASCore.exe (SUPERAntiSpyware.com)
SRV - (ZuneWlanCfgSvc) -- C:\Programmi\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programmi\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programmi\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneBusEnum) -- C:\Programmi\Zune\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (NitroReaderDriverReadSpool) -- D:\Programmi\Utility\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software)
SRV - (WMService) -- d:\Programmi\Utility\WinMate\WMService.exe ()
SRV - (Adobe LM Service) -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (asHmComSvc) -- C:\Programmi\ASUS\AAHM\1.00.12\aaHMSvc.exe ()
SRV - (asComSvc) -- C:\Programmi\ASUS\AXSP\1.00.13\atkexComSvc.exe ()
SRV - (ReflectService) -- D:\Programmi\Diskutility\Macrium\Reflect\ReflectService.exe ()
SRV - (ACDaemon) -- C:\Programmi\File comuni\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AVerScheduleService) -- C:\Programmi\File comuni\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (NMSAccessU) -- D:\Programmi\Burn\CDBurnerXP\NMSAccessU.exe ()
SRV - (Fabs) -- C:\Programmi\File comuni\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (AVerRemote) -- C:\Programmi\File comuni\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programmi\File comuni\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (p2pgasvc) -- C:\WINDOWS\system32\p2pgasvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- D:\Programmi\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (lxcz_device) -- C:\WINDOWS\system32\lxczcoms.exe ( )
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (StkASSrv) -- C:\WINDOWS\system32\StkASv2K.exe (Syntek America Inc.)
SRV - (SoundMAX Agent Service (default) -- C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (atitray) -- File not found
DRV - (ASUSHWIO) -- File not found
DRV - (aohb37mv) -- File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (EsgScanner) -- C:\WINDOWS\system32\drivers\EsgScanner.sys ()
DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Oracle Corporation)
DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Oracle Corporation)
DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Oracle Corporation)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (pwdrvio) -- C:\WINDOWS\system32\pwdrvio.sys ()
DRV - (pwdspio) -- C:\WINDOWS\system32\pwdspio.sys ()
DRV - (Lbd) -- C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Programmi\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (cpuz135) -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys (CPUID)
DRV - (SASDIFSV) -- D:\Programmi\Sicurezza\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- D:\Programmi\Sicurezza\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (esgiguard) -- C:\Programmi\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (pssnap) -- C:\WINDOWS\system32\drivers\pssnap.sys (Macrium Software)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StkCMini) -- C:\WINDOWS\system32\drivers\StkCMini.sys (Syntek)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (timounter) -- C:\WINDOWS\system32\drivers\timntr.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (EUFS) -- C:\WINDOWS\system32\drivers\eufs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUDSKACS) -- C:\WINDOWS\system32\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBAKUP) -- C:\WINDOWS\system32\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EuDisk) -- C:\WINDOWS\system32\drivers\EuDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (AVerAF35) -- C:\WINDOWS\system32\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (ACEDRV09) -- C:\WINDOWS\system32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (mcdbus) -- C:\WINDOWS\system32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor55.sys (Intel Corporation)
DRV - (UnlockerDriver5) -- C:\Programmi\Unlocker\UnlockerDriver5.sys ()
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (usb_rndis) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (VF0350Afx) -- C:\WINDOWS\system32\drivers\V0350Afx.sys (Creative Technology Ltd.)
DRV - (VF0350Vid) -- C:\WINDOWS\system32\drivers\V0350Vid.sys (Creative Technology Ltd.)
DRV - (VF0350Vfx) -- C:\WINDOWS\system32\drivers\V0350Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (StkAMini) -- C:\WINDOWS\system32\drivers\StkAMini.sys (Syntek America Inc.)
DRV - (StkScan) -- C:\WINDOWS\system32\drivers\StkScan.sys (Syntek America Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (VOB Computersysteme GmbH)
DRV - (MRENDIS5) -- C:\Programmi\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)
DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors)
DRV - (MidiSyn) -- C:\WINDOWS\system32\drivers\MidiSyn.sys (Analog Devices, Inc.)
DRV - (MVDCODEC) -- C:\WINDOWS\system32\drivers\atinmdxx.sys (ATI Technologies Inc.)
DRV - (atinrvxx) -- C:\WINDOWS\system32\drivers\atinrvxx.sys (ATI Technologies Inc.)
DRV - (ATIXSAudio) -- C:\WINDOWS\system32\drivers\atinxsxx.sys (ATI Technologies Inc.)
DRV - (ativraxx) -- C:\WINDOWS\system32\drivers\atinraxx.sys (ATI Technologies Inc.)
DRV - (TTDec) -- C:\WINDOWS\system32\drivers\atinttxx.sys (ATI Technologies Inc.)
DRV - (ATITUNEP) -- C:\WINDOWS\system32\drivers\atintuxx.sys (ATI Technologies Inc.)
DRV - (Cap7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors)
DRV - (a347scsi) -- C:\WINDOWS\system32\drivers\a347scsi.sys ( )
DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\PCLEPCI.sys (Pinnacle Systems GmbH)
DRV - (EL2000) -- C:\WINDOWS\system32\drivers\EL2K_XP.sys (3Com Corporation)
DRV - (ATI Remote Wonder II) -- C:\WINDOWS\system32\drivers\atirwvd.sys (Jungo)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (sonyhcs) -- C:\WINDOWS\system32\drivers\sonyhcs.sys (Sony Corporation)
DRV - (sonyhcb) -- C:\WINDOWS\system32\drivers\sonyhcb.sys (Sony Corporation)
DRV - (SBKUPNT) -- C:\WINDOWS\system32\drivers\SBKUPNT.SYS ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {02871c6b-868d-412b-9f24-5a138b8c5fe7} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ig?hl=it
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_it
IE - HKU\S-1-5-21-1214440339-839522115-515967899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Custom search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Custom search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://apype.com"
FF - prefs.js..extensions.enabledAddons: clickclean@hotcleaner.com:4.0
FF - prefs.js..extensions.enabledAddons: compatibility@addons.mozilla.org:1.1
FF - prefs.js..extensions.enabledAddons: it-IT@dictionaries.addons.mozilla.org:3.3.2
FF - prefs.js..extensions.enabledAddons: newtaburl@sogame.cat:2.2.3
FF - prefs.js..extensions.enabledAddons: Noia4Options@ArisT2:1.7.5
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: PlacesCleaner@sto.tw:0.41
FF - prefs.js..extensions.enabledAddons: service@touchpdf.com:1.15
FF - prefs.js..extensions.enabledAddons: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:16.6
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledAddons: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.4.2.1
FF - prefs.js..extensions.enabledAddons: {64161300-e22b-11db-8314-0800200c9a66}:0.9.6.10
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.9
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.11
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.5
FF - prefs.js..extensions.enabledAddons: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:6.1
FF - prefs.js..extensions.enabledAddons: {faf13420-5e24-11e0-80e3-0800200c9a66}:1.7.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..extensions.enabledItems: NuvolaFF@paenglab.ch:1.9.9
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..keyword.URL: "http://apype.com/results.php?q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: File not found
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programmi\Utility\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Programmi\Virtual Earth 3D\ [2009/10/09 09.45.06 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Programmi\Virtual Earth 3D\ [2009/10/09 09.45.06 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programmi\Utility\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programmi\Utility\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Programmi\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/09/05 14.57.03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2012/11/05 20.04.20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/05/31 15.33.24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\96Fnmt189J9C@skywebsearch.com: C:\DOCUME~1\desktop\Yout.xpi

[2012/11/04 12.44.28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Extensions
[2012/10/25 12.12.49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\0\extensions
[2012/10/25 12.12.49 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\0\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/11/05 22.30.43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions
[2012/10/25 00.48.16 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2011/05/06 23.18.37 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2012/10/10 10.05.04 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/10/25 22.40.25 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/04/25 07.48.15 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2011/05/06 23.20.17 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2011/03/31 21.45.20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/11/01 19.18.34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/10/28 21.11.22 | 000,000,000 | ---D | M] (DealPly) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2012/02/16 13.38.09 | 000,000,000 | ---D | M] (Click&amp;Clean) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\clickclean@hotcleaner.com
[2012/03/18 23.45.35 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\it-IT@dictionaries.addons.mozilla.org
[2012/10/18 23.26.57 | 000,000,000 | ---D | M] ("Nuvola") -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\NuvolaFF@paenglab.ch
[2012/10/06 23.45.07 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\OneClickDownload@OneClickDownload.com
[2011/04/01 10.25.47 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\personas@christopher.beard
[2011/05/06 23.18.37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2012/10/18 23.26.56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\NuvolaFF@paenglab.ch\mozapps\extensions
[2010/11/05 09.43.34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Sunbird\Profiles\s1hbhr7n.default\extensions
[2012/02/23 09.14.13 | 000,164,722 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\compatibility@addons.mozilla.org.xpi
[2011/12/16 00.03.06 | 000,051,994 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\newtaburl@sogame.cat.xpi
[2012/10/21 21.06.01 | 000,154,926 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\Noia4Options@ArisT2.xpi
[2012/03/19 00.21.53 | 000,044,371 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\PlacesCleaner@sto.tw.xpi
[2012/03/19 00.21.53 | 000,018,815 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\service@touchpdf.com.xpi
[2012/10/10 10.05.05 | 000,281,285 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2012/03/19 00.21.53 | 000,042,737 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
[2012/07/29 22.43.48 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/03/18 23.51.03 | 000,434,392 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/09/13 11.03.09 | 000,698,867 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012/11/05 18.06.30 | 000,189,128 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/03/28 08.02.02 | 000,685,019 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012/11/04 18.43.48 | 000,045,219 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
[2012/10/21 21.06.01 | 001,556,566 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
[2008/03/20 13.43.48 | 000,001,502 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\xpinstall\xpinstallConfirm.css
[2008/03/26 12.50.46 | 000,001,362 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\xpinstall\xpinstallItemGeneric.png
[2011/11/24 18.16.44 | 000,000,066 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\NuvolaFF@paenglab.ch\mozapps\extensions\xpinstallConfirm.css
[2011/10/07 12.49.56 | 000,001,767 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\NuvolaFF@paenglab.ch\mozapps\xpinstall\xpinstallConfirm.css
[2009/12/05 22.36.40 | 000,002,214 | ---- | M] () (No name found) -- C:\Documents and Settings\desktop\Dati applicazioni\Mozilla\Firefox\Profiles\ulf9tv84.default\extensions\NuvolaFF@paenglab.ch\mozapps\xpinstall\xpinstallItemGeneric.png
[2012/11/04 12.44.28 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2012/11/05 20.04.20 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[1999/12/31 16.00.00 | 000,170,080 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programmi\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012/11/05 20.04.15 | 000,001,393 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\amazon-it.xml
[2012/11/05 20.04.15 | 000,002,465 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2012/11/05 00.38.17 | 000,002,261 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\Custom search.xml
[2012/11/05 20.04.15 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/11/05 20.04.15 | 000,000,817 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2012/11/05 20.04.15 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/11/05 20.04.15 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - homepage: http://search.iminent.com/?appId=314CF7B8-5A39-4314-815A-CF7B34E16FD2
CHR - default_search_provider: Iminent (Enabled)
CHR - default_search_provider: search_url = http://search.iminent.com/?appId=314CF7B8-5A39-4314-815A-CF7B34E16FD2&ref=toolbox&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.iminent.com/?appId=314CF7B8-5A39-4314-815A-CF7B34E16FD2
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programmi\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programmi\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Programmi\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Programmi\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = d:\Programmi\Utility\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2010/01/15 00.46.26 | 000,372,744 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12872 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Programmi\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] D:\Programmi\Sicurezza\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [PosService] File not found
O4 - HKU\S-1-5-21-1214440339-839522115-515967899-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1214440339-839522115-515967899-1003..\Run: [ATI DeviceDetect] C:\Programmi\ATI Multimedia\main\atidtct.exe (ATI Technologies Inc.)
O4 - HKU\S-1-5-21-1214440339-839522115-515967899-1003..\Run: [ATI Launchpad] C:\Programmi\ATI Multimedia\main\launchpd.exe (ATI Technologies Inc.)
O4 - HKU\S-1-5-21-1214440339-839522115-515967899-1003..\Run: [ATI Remote Control] C:\Programmi\ATI Multimedia\RemCtrl\ATIRW.EXE (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Collegamento a Connessione ADSL.bat.lnk = C:\Documents and Settings\All Users\Menu Avvio\Programmi\_Mia\All Mixer\Connessione ADSL.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuMyMusic = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF 03 [binary data]
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoChangeKeyboardNavigationIndicators = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoChangeAnimation = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 0
O7 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSizeChoice = 0
O8 - Extra context menu item: E&sporta in Microsoft Excel - D:\Programmi\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programmi\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programmi\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Shareiiit options - {38771E1F-85E0-4A3E-92D8-1D7E62C32719} - Reg Error: Value error. File not found
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Programmi\ATI Multimedia\dtv\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programmi\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\..Trusted Domains: mps.it ([hb] https in Siti attendibili)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BA66152-A1CC-4104-9874-570B63BEEA3F}: NameServer = 85.37.17.5 85.38.28.77
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Programmi\Sicurezza\SASWINLO.DLL) - D:\Programmi\Sicurezza\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programmi\Sicurezza\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/24 21.14.23 | 000,000,193 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22.42.20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/01/12 20.57.24 | 000,019,278 | ---- | M] () - J:\AutoHideDesktopIcons.zip -- [ FAT32 ]
O33 - MountPoints2\{28e44d04-eef1-11dd-a7cc-000ea6429028}\Shell - "" = AutoRun
O33 - MountPoints2\{28e44d04-eef1-11dd-a7cc-000ea6429028}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{4621f1a7-1773-11e2-958f-000ea6429028}\Shell - "" = AutoRun
O33 - MountPoints2\{4621f1a7-1773-11e2-958f-000ea6429028}\Shell\AutoRun\command - "" = F:\Windows\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1214440339-839522115-515967899-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2012/11/06 21.41.38 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/06 01.45.04 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2012/11/06 00.28.53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\desktop\Desktop\OTL.exe
[2012/11/05 19.02.55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\desktop\Recent
[2012/11/05 18.54.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\CCleaner
[2012/11/05 18.54.16 | 000,000,000 | ---D | C] -- C:\Programmi\CCleaner
[2012/11/05 12.49.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2012/11/05 12.49.51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/11/05 12.49.51 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2012/11/05 09.05.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Avira
[2012/11/04 22.31.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Menu Avvio\Programmi\HiJackThis
[2012/11/04 22.17.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Menu Avvio\Programmi\SpyHunter
[2012/11/04 22.17.15 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/11/04 22.17.15 | 000,000,000 | ---D | C] -- C:\Programmi\Enigma Software Group
[2012/11/04 20.28.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Sophos
[2012/11/04 20.28.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Menu Avvio\Programmi\Sophos
[2012/11/04 19.45.19 | 000,000,000 | ---D | C] -- C:\Programmi\Lavasoft
[2012/11/04 19.45.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Lavasoft
[2012/11/04 19.45.19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
[2012/11/04 11.48.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot - Search & Destroy
[2012/11/04 10.33.29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Yout
[2012/11/04 01.17.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
[2012/11/02 01.59.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\Ahead
[2012/10/29 17.37.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\SOS PC Self
[2012/10/29 17.33.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\Telecom Italia
[2012/10/29 17.33.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\Telecom Italia
[2012/10/29 17.22.36 | 000,000,000 | ---D | C] -- C:\Programmi\SOS PC Self
[2012/10/25 15.31.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\Intermedia Software
[2012/10/25 15.31.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Intermedia Software
[2012/10/25 15.31.26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Helium Audio Converter
[2012/10/25 00.31.29 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2012/10/25 00.31.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\systweak
[2012/10/24 15.58.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Direct MIDI to MP3 Converter
[2012/10/21 22.09.57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\W.I.N.C.O
[2012/10/21 21.44.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\W.I.N.C.O
[2012/10/09 21.43.00 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2012/10/09 21.42.43 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/10/09 21.42.28 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/10/09 21.42.28 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/10/09 21.42.28 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/10/07 18.23.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Corel Paint Shop Pro Photo X2
[2012/10/07 18.23.13 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Corel
[2012/10/07 18.23.13 | 000,000,000 | ---D | C] -- C:\Programmi\Corel
[2012/10/05 14.55.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\Corel
[2012/10/05 14.55.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Corel
[2012/09/27 10.20.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\PDFCreator
[2012/09/27 10.20.19 | 000,081,920 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\System32\pdfcmon.dll
[2012/09/27 10.20.18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCIT.DLL
[2012/09/27 10.20.18 | 000,122,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6IT.DLL
[2012/09/27 10.20.18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2IT.DLL
[2012/09/27 10.20.17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2012/09/14 19.29.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\desktop\Dati applicazioni\Audacity
[2012/09/12 20.56.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\MiniTool Partition Wizard Home Edition 7.1
[2012/01/15 14.43.07 | 000,032,768 | ---- | C] (Nenad Hrg (SoftwareOK.com)) -- C:\Documents and Settings\desktop\AutoHideDesktopIcons.exe
[2011/01/11 01.04.38 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Documents and Settings\desktop\Dati applicazioni\SetupGFD.exe
[2009/10/05 23.42.42 | 004,284,535 | ---- | C] (ffdshow ) -- C:\Documents and Settings\desktop\Dati applicazioni\ffdshow.exe
[2009/10/05 23.42.24 | 000,642,685 | ---- | C] (Xvid team ) -- C:\Documents and Settings\desktop\Dati applicazioni\xvid.exe
[2009/10/05 23.41.24 | 002,169,915 | ---- | C] (LIGHTNING UK!) -- C:\Documents and Settings\desktop\Dati applicazioni\Imgburn.exe
[2009/10/05 23.39.31 | 004,182,178 | ---- | C] (The Public) -- C:\Documents and Settings\desktop\Dati applicazioni\Avisynth.exe

========== Files - Modified Within 60 Days ==========

[2012/11/06 22.11.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/06 22.08.00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/06 21.51.12 | 000,005,949 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2012/11/06 21.48.23 | 000,001,250 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-839522115-515967899-1003UA.job
[2012/11/06 21.47.02 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\userinit.exe
[2012/11/06 21.47.02 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\userinit.exe
[2012/11/06 21.46.22 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/11/06 21.46.17 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/06 21.45.20 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/06 21.45.19 | 000,000,252 | ---- | M] () -- C:\WINDOWS\tasks\JetBoost_Startup.job
[2012/11/06 21.45.11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/06 21.45.08 | 2146,230,272 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/06 21.10.07 | 000,000,414 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{BAA84876-83C2-408E-B173-4487A0AA420E}.job
[2012/11/06 13.48.00 | 000,001,198 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-839522115-515967899-1003Core.job
[2012/11/05 22.29.09 | 002,194,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/05 18.54.35 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/11/05 14.23.14 | 000,008,350 | ---- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/11/05 14.23.09 | 000,778,700 | -H-- | M] () -- C:\treeinfo.wc
[2012/11/05 12.49.54 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/05 09.24.02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/11/05 09.05.40 | 000,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2012/11/05 01.25.46 | 000,000,396 | -HS- | M] () -- C:\boot.ini
[2012/11/05 00.38.17 | 000,000,034 | ---- | M] () -- C:\Programmi\Mozilla Firefoxoverride.ini
[2012/11/05 00.38.16 | 000,023,103 | ---- | M] () -- C:\Documents and Settings\desktop\config.cfg
[2012/11/05 00.30.18 | 000,540,977 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\adwcleaner.exe
[2012/11/04 22.31.25 | 000,002,002 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\HiJackThis.lnk
[2012/11/04 22.17.19 | 000,001,957 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\SpyHunter.lnk
[2012/11/04 20.28.06 | 000,002,092 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\Sophos Virus Removal Tool.lnk
[2012/11/04 19.45.50 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2012/11/04 11.48.32 | 000,000,883 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\Spybot - Search & Destroy.lnk
[2012/11/04 01.17.38 | 000,001,893 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/10/29 22.24.10 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\SOSPCSelf.lnk
[2012/10/29 17.37.38 | 000,001,529 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SOSPCSelf.lnk
[2012/10/29 11.34.13 | 000,575,950 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2012/10/29 11.34.13 | 000,501,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/29 11.34.13 | 000,112,902 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2012/10/29 11.34.13 | 000,088,262 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/10/26 00.57.32 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\Da YouTube da_mp4_a_p3.lnk
[2012/10/25 12.12.39 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\DVDVideoSoft Free Studio.lnk
[2012/10/25 12.12.39 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\Free YouTube Download.lnk
[2012/10/24 15.58.21 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\Direct MIDI to MP3 Converter.lnk
[2012/10/21 22.23.43 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\wXapAssistant.lnk
[2012/10/17 00.47.51 | 000,000,824 | ---- | M] () -- C:\Documents and Settings\desktop\.recently-used.xbel
[2012/10/16 14.54.53 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\_Programmi.lnk
[2012/10/09 21.42.18 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/10/09 21.42.17 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/10/09 21.42.17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/10/09 21.42.17 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/10/09 21.42.17 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/10/09 21.42.16 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/10/09 21.42.16 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/10/09 12.15.13 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/10/09 12.15.13 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/10/07 18.23.58 | 000,002,041 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2012/10/05 21.57.16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\desktop\Desktop\OTL.exe
[2012/10/03 15.13.01 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\desktop\Desktop\CdCoverCreator.lnk
[2012/09/29 19.54.26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/09/27 10.20.23 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2012/09/27 09.56.59 | 000,001,152 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.usr
[2012/09/12 20.56.08 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MiniTool Partition Wizard Home Edition.lnk

========== Files Created - No Company Name ==========

[2012/11/05 18.54.35 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/11/05 12.49.53 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/05 01.12.23 | 000,540,977 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\adwcleaner.exe
[2012/11/04 22.31.25 | 000,002,002 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\HiJackThis.lnk
[2012/11/04 22.17.19 | 000,001,957 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\SpyHunter.lnk
[2012/11/04 20.28.06 | 000,002,092 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\Sophos Virus Removal Tool.lnk
[2012/11/04 19.46.02 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/11/04 19.45.50 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2012/11/04 11.48.32 | 000,000,883 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\Spybot - Search & Destroy.lnk
[2012/11/04 11.24.55 | 000,023,103 | ---- | C] () -- C:\Documents and Settings\desktop\config.cfg
[2012/11/04 10.33.30 | 000,000,034 | ---- | C] () -- C:\Programmi\Mozilla Firefoxoverride.ini
[2012/11/04 00.53.05 | 000,001,893 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2012/11/01 22.47.22 | 000,417,792 | ---- | C] () -- C:\WINDOWS\Nero PhotoShow.scr
[2012/10/29 22.24.10 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\SOSPCSelf.lnk
[2012/10/29 17.37.38 | 000,001,529 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SOSPCSelf.lnk
[2012/10/26 00.58.35 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\Da YouTube da_mp4_a_p3.lnk
[2012/10/25 12.12.39 | 000,000,863 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\DVDVideoSoft Free Studio.lnk
[2012/10/25 12.12.39 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\Free YouTube Download.lnk
[2012/10/24 15.58.21 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\Direct MIDI to MP3 Converter.lnk
[2012/10/21 22.24.35 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\wXapAssistant.lnk
[2012/10/17 00.47.51 | 000,000,824 | ---- | C] () -- C:\Documents and Settings\desktop\.recently-used.xbel
[2012/10/16 14.54.53 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\desktop\Desktop\_Programmi.lnk
[2012/10/07 18.23.58 | 000,002,041 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2012/09/27 10.20.23 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2012/09/12 20.56.08 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2012/07/05 23.58.18 | 000,000,072 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2012/06/22 12.01.30 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
[2012/06/22 12.01.30 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\EsgScanner.sys
[2012/05/13 21.33.36 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\7D4B27D0E0.sys
[2012/05/10 11.37.30 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2012/04/25 20.59.00 | 000,225,866 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2012/04/25 20.16.18 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012/04/25 20.16.15 | 000,789,962 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/04/25 20.16.15 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/18 18.48.35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2012/03/14 23.52.03 | 000,008,350 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/03/14 23.52.03 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\E0D0274B7D.sys
[2012/03/14 18.45.04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012/03/01 14.36.05 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2012/03/01 14.36.05 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2012/02/27 14.41.42 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012/02/27 14.41.41 | 000,014,456 | ---- | C] () -- C:\WINDOWS\System32\Kara_v.dll
[2012/02/24 15.43.15 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\imgproc.dll
[2012/02/17 14.39.48 | 000,197,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\StkCSF.sys
[2012/02/17 14.39.48 | 000,084,616 | ---- | C] () -- C:\WINDOWS\StkUnist.exe
[2012/02/16 12.20.52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/14 20.26.39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/02/14 20.25.01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2012/02/14 20.25.01 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2012/02/14 20.24.47 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2012/02/14 20.24.47 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2012/02/14 20.24.47 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2012/02/14 20.24.47 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2012/02/14 20.24.47 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2012/02/14 20.24.47 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2012/02/14 20.24.47 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2012/02/06 21.26.09 | 000,000,244 | ---- | C] () -- C:\Documents and Settings\desktop\Dati applicazioni\YouChoob-Stats.xml
[2012/02/06 21.26.08 | 000,000,413 | ---- | C] () -- C:\Documents and Settings\desktop\Dati applicazioni\YouChoob.xml
[2012/01/15 14.43.11 | 000,000,056 | -H-- | C] () -- C:\Documents and Settings\desktop\AutoHideDesktopIcons.ini
[2012/01/14 17.46.05 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/11/20 02.35.59 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2011/11/20 02.35.59 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2011/11/20 02.35.56 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/11/04 10.39.16 | 000,000,620 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2011/11/04 10.34.07 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/09/13 12.13.24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/09/13 12.13.24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/09/13 12.13.11 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\desktop\Dati applicazioni\$_hpcst$.hpc
[2011/07/11 10.17.33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxczcnv7.dll
[2011/07/11 10.17.33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxczcnv6.dll
[2011/07/11 10.17.33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxczcnv5.dll
[2011/07/11 10.17.33 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxczcnv4.dll
[2011/07/11 10.17.33 | 000,039,899 | ---- | C] () -- C:\WINDOWS\System32\rtsicis.ini
[2011/07/11 10.17.15 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczinpa.dll
[2011/07/11 10.17.15 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCZhcp.dll
[2011/07/11 10.17.14 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczserv.dll
[2011/07/11 10.17.14 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczusb1.dll
[2011/07/11 10.17.14 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczhbn3.dll
[2011/07/11 10.17.14 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczpmui.dll
[2011/07/11 10.17.14 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczlmpm.dll
[2011/07/11 10.17.14 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczcoms.exe
[2011/07/11 10.17.14 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczcomm.dll
[2011/07/11 10.17.14 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcziesc.dll
[2011/07/11 10.17.14 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczih.exe
[2011/07/11 10.17.14 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczprox.dll
[2011/07/11 10.17.14 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczpplc.dll
[2011/07/11 10.17.13 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczcomc.dll
[2011/07/11 10.17.13 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxczcfg.exe
[2011/07/03 16.42.19 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\syoepk_lib0.dll
[2011/07/03 16.42.18 | 000,000,096 | -HS- | C] () -- C:\WINDOWS\WSYS049.SYS
[2011/03/22 14.59.27 | 000,000,126 | ---- | C] () -- C:\WINDOWS\PRLTP_USBdrv.ini
[2011/03/12 13.59.09 | 000,991,014 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-1214440339-839522115-515967899-1003-0.dat
[2011/03/12 00.48.28 | 000,763,614 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2011/03/08 22.31.29 | 000,000,279 | ---- | C] () -- C:\WINDOWS\ImageInc.ini
[2011/02/10 21.23.07 | 000,085,296 | ---- | C] () -- C:\WINDOWS\hpgins01.dat.temp
[2011/02/08 21.57.31 | 000,000,145 | ---- | C] () -- C:\WINDOWS\hpgmdl01.dat.temp
[2011/01/24 01.13.20 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011/01/11 01.08.24 | 000,696,882 | ---- | C] () -- C:\WINDOWS\System32\unins000.exe
[2011/01/11 01.08.23 | 000,126,785 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat
[2011/01/11 01.02.27 | 005,243,208 | ---- | C] ( ) -- C:\Documents and Settings\desktop\Dati applicazioni\AvsP.exe
[2011/01/03 18.58.25 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\7D2530727A.sys
[2011/01/03 02.20.47 | 000,000,050 | ---- | C] () -- C:\WINDOWS\Megakey.INI
[2010/11/22 09.41.18 | 000,003,476 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2010/11/09 22.55.54 | 000,038,305 | ---- | C] () -- C:\WINDOWS\AFUDOS.exe
[2010/07/19 22.01.36 | 000,000,185 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft.SqlServer.Compact.351.32.bc
[2010/01/16 19.27.27 | 000,008,204 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/01/14 21.55.35 | 000,000,335 | ---- | C] () -- C:\Documents and Settings\desktop\Dati applicazioni\burnaware.ini
[2009/02/27 01.09.09 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\desktop\Dati applicazioni\vso_ts_preview.xml
[2009/01/22 14.34.35 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2009/01/15 16.35.53 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\desktop\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/01/14 14.44.44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11.55.46 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/02/14 20.28.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVerTV
[2011/12/18 00.16.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\BlueSprig
[2009/01/15 10.59.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\BVRP Software
[2011/10/25 23.39.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2010/11/16 12.15.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DAEMON Tools Lite
[2011/07/08 23.20.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Driver Mender
[2010/04/04 22.20.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\DriverCure
[2011/09/11 19.42.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Easy Driver Pro
[2012/04/25 21.54.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Freemake
[2011/09/05 14.52.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2012/10/25 15.31.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Intermedia Software
[2011/03/08 21.40.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IObit
[2010/10/31 01.33.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrium
[2011/09/22 09.48.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MAGIX
[2009/01/15 15.58.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\muvee Technologies
[2011/11/05 08.17.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MyHeritage
[2011/05/15 21.57.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nitro PDF
[2010/06/22 00.20.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2010/03/01 10.26.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaMusic
[2010/04/04 22.17.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ParetoLogic
[2011/09/22 09.48.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2011/09/22 09.48.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PicturesToExe
[2009/08/28 20.53.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2009/08/28 20.31.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle Studio
[2012/05/10 22.29.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle Studio Plus
[2009/09/28 14.49.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle Studio Ultimate
[2012/03/24 19.13.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Pinnacle VideoSpin
[2009/01/17 15.31.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Recisio
[2011/01/03 12.52.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\regid.1986-12.com.adobe
[2009/02/04 19.05.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Simple Star
[2009/02/04 23.29.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Simple Star Shared
[2010/03/31 19.48.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Smart Soft
[2009/09/28 23.47.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SmartSound Software Inc
[2012/03/15 19.33.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Socusoft
[2010/11/01 00.32.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Softland
[2011/09/22 09.48.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Soluto
[2012/11/04 20.28.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sophos
[2012/05/11 22.54.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Spyware Terminator
[2012/05/10 22.29.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Studio 12
[2010/11/22 22.38.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sync App Settings
[2012/09/05 21.12.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2011/11/03 01.31.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ulead Systems
[2009/10/05 19.05.01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{83C91755-2546-441D-AC40-9A6B4B860800}
[2010/01/09 01.02.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Acronis
[2010/02/07 22.50.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\aignes
[2009/10/12 22.01.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Any Video Converter Professional
[2010/11/22 23.04.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\ASCOMP Software
[2012/10/27 15.43.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Audacity
[2011/03/03 00.55.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\avidemux
[2011/12/26 23.48.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\BitTorrent
[2012/03/01 01.40.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Boilsoft
[2010/08/15 13.49.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Bump Technologies, Inc
[2009/01/17 12.10.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\BwgSoftware
[2010/09/13 21.54.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Canneverbe Limited
[2011/09/04 20.10.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\ChemTable Software
[2011/03/08 22.31.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Christofer Persson
[2010/10/09 15.16.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Convivea
[2011/12/26 23.48.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DAEMON Tools Lite
[2009/12/02 14.45.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DeepBurner
[2009/08/19 13.47.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Design-Lib.Com
[2010/12/09 00.08.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Dexclock
[2010/12/06 12.42.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DNA
[2011/05/15 21.56.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Downloaded Installations
[2010/04/04 22.18.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DriverCure
[2012/01/04 23.39.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\driveridentifier
[2012/10/25 12.13.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoft
[2012/10/25 12.12.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\DVDVideoSoftIEHelpers
[2010/06/04 22.32.41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Easeware
[2012/02/10 10.37.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Easy Image Modifier
[2009/02/20 10.59.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\eMule
[2011/08/04 21.05.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Family Tree Pilot
[2011/10/09 21.38.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\ffDiaporama
[2010/01/14 22.38.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\FontCreator
[2011/12/07 12.12.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Foxit Software
[2009/02/11 23.30.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Free Audio Editor
[2012/09/07 10.11.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Free PDF to Word Converter
[2012/09/04 16.43.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\FreeAudioPack
[2012/02/28 10.40.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\FreeFileSync
[2010/01/18 21.24.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\FreeFixer
[2010/07/12 11.55.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\GARMIN
[2010/01/31 19.37.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\GetRightToGo
[2012/02/22 16.00.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\GlarySoft
[2009/08/27 14.07.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\GrabPro
[2012/08/22 21.24.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\gtk-2.0
[2010/10/16 00.56.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\HD Tune Pro
[2012/05/29 22.39.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Hulubulu
[2011/01/17 21.20.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\IAScratch
[2009/08/04 08.46.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\ImgBurn
[2009/01/24 23.28.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\InfraRecorder
[2010/01/17 18.19.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\inkscape
[2012/10/25 15.31.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Intermedia Software
[2009/01/20 10.07.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\iolo
[2010/11/22 22.18.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Itsth
[2012/05/14 01.50.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\JAM Software
[2010/12/14 09.37.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Juan M. Aguirregabiria
[2009/10/08 08.53.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\kiwi.software.NET
[2010/03/16 23.03.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Koala
[2010/01/14 01.53.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Leadertech
[2011/07/11 09.12.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Lunascape
[2011/01/20 13.11.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\MAGIX
[2012/11/06 13.29.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\MailWasherFree
[2012/04/16 14.57.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Maxthon3
[2011/08/01 14.28.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Moonchild Productions
[2012/02/29 22.38.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\MotionDSP
[2009/01/20 10.51.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\muvee Technologies
[2011/08/04 20.22.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\MyHeritage
[2011/07/08 23.07.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\mypcdrivers
[2011/01/30 14.49.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Neowise
[2009/01/15 01.29.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Netscape
[2012/08/30 12.47.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Nitro PDF
[2010/03/01 10.35.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Nokia
[2009/01/20 20.13.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\OpenOffice.org
[2009/01/15 01.08.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Opera
[2012/05/31 15.33.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Oracle
[2010/01/01 19.38.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Orbit
[2010/07/14 20.52.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\PC Suite
[2009/08/28 16.57.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Pegasys Inc
[2011/01/09 02.38.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Photodex
[2010/08/20 11.26.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\PhotoFiltre
[2010/07/23 12.33.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\PhotoScape
[2010/01/14 01.40.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Registry Booster
[2011/09/13 12.13.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Samsung
[2012/03/15 20.44.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Simple Star
[2010/11/01 00.32.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Softland
[2009/02/02 22.06.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Software Informer
[2012/05/11 22.59.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Spyware Terminator
[2012/05/17 14.21.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\StarBurn
[2011/12/07 18.10.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\SumatraPDF
[2011/01/16 01.00.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Sync App Settings
[2012/10/25 00.39.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\systweak
[2012/03/27 23.15.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\T55
[2012/10/29 17.33.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Telecom Italia
[2010/02/09 13.02.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\TeraCopy
[2011/11/04 10.34.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\The Complete Genealogy Reporter - FTB
[2009/01/20 15.15.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\TuneUp Software
[2011/11/03 01.42.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Ulead Systems
[2012/11/04 23.23.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\uTorrent
[2012/04/25 20.18.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Video DVD Maker FREE
[2012/11/05 18.58.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Vso
[2011/04/12 22.36.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\WalaSoft
[2009/01/15 00.04.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Windows Desktop Search
[2009/01/19 23.58.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Windows Search
[2012/08/15 11.36.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\wsInspector
[2009/11/02 21.03.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\X10 Commander
[2012/03/18 22.40.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\XMedia Recode
[2011/12/29 12.37.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\XnConvert
[2012/11/04 00.50.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\XnView
[2011/12/22 12.28.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\Zoner
[2011/01/17 17.03.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\desktop\Dati applicazioni\{4916c8ce-b9e7-4e25-9a23-25493e41e04c}
[2009/11/12 02.31.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\PeerNetworking

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:890CC2F3
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:A31FAD21

< End of report

**************************************************************************************
OTL Extras logfile created on: 06/11/2012 22.09.18 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\desktop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,03% Memory free
3,87 Gb Paging File | 3,23 Gb Available in Paging File | 83,46% Paging File free
Paging file location(s): C:\pagefile.sys 2064 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 99,06 Gb Total Space | 61,56 Gb Free Space | 62,14% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 181,38 Gb Free Space | 77,89% Space Free | Partition Type: NTFS
Drive E: | 258,79 Gb Total Space | 239,47 Gb Free Space | 92,53% Space Free | Partition Type: NTFS
Drive J: | 7,79 Gb Total Space | 3,35 Gb Free Space | 43,06% Space Free | Partition Type: FAT32
Drive M: | 48,83 Gb Total Space | 48,74 Gb Free Space | 99,83% Space Free | Partition Type: NTFS

Computer Name: FRANCO | User Name: Desktop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)
.url [@ = InternetShortcut] -- D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)

[HKEY_USERS\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programmi\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
InternetShortcut [open] -- "D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Gruppi peer-to-peer Windows
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Gruppi peer-to-peer Windows
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Mozilla Firefox\firefox.exe" = C:\Programmi\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Programmi\ASUS\AsusUpdate\Update.exe" = C:\Programmi\ASUS\AsusUpdate\Update.exe:*:Enabled:ASUS Update -- (ASUSTek Computer Inc.)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"D:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE" = D:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"D:\Programmi\Microsoft Office\Office12\GROOVE.EXE" = D:\Programmi\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"D:\Programmi\Microsoft Office\Office12\ONENOTE.EXE" = D:\Programmi\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"D:\Programmi\Internet\eMule\emule.exe" = D:\Programmi\Internet\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"D:\Programmi\Internet\Ascolta Radio\RadioPlay.exe" = D:\Programmi\Internet\Ascolta Radio\RadioPlay.exe:*:Enabled:RadioPlay -- ()
"D:\Programmi\Internet\TVLC\Main\App\vlc\vlc.exe" = D:\Programmi\Internet\TVLC\Main\App\vlc\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programmi\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"D:\Programmi\Internet\uTorrent\uTorrent.exe" = D:\Programmi\Internet\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Programmi\Video\Pinnacle\Studio 12\Programs\Studio.exe" = D:\Programmi\Video\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio program file -- (Pinnacle Systems)
"D:\Programmi\Internet\BitTorrent\BitTorrent.exe" = D:\Programmi\Internet\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"F:\PortableApps\eMule\emule.exe" = F:\PortableApps\eMule\emule.exe:*:Enabled:eMule
"D:\Programmi\Video\Freemake\Freemake Video Converter\FreemakeVC.exe" = D:\Programmi\Video\Freemake\Freemake Video Converter\FreemakeVC.exe:*:Enabled:Freemake Video Converter -- (Freemake)
"D:\Programmi\Internet\eMule2\eMule.exe" = D:\Programmi\Internet\eMule2\eMule.exe:*:Enabled:eMule ScarAngel -- (http://www.emule-project.net)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\lxczcoms.exe" = C:\WINDOWS\system32\lxczcoms.exe:*:Enabled:1200 Series Server -- ( )
"C:\Programmi\SightSpeed\SightSpeed.exe" = C:\Programmi\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed -- (SightSpeed Inc.)
"D:\Programmi\Grafica\Samsung New PC Studio\npsasvr.exe" = D:\Programmi\Grafica\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"D:\Programmi\Grafica\Samsung New PC Studio\npsvsvr.exe" = D:\Programmi\Grafica\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programmi\Bonjour\mDNSResponder.exe" = C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled: Servizio Bonjour -- (Apple Inc.)
"D:\Programmi\Video\VideoSpin\Programs\RM.exe" = D:\Programmi\Video\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"D:\Programmi\Video\VideoSpin\Programs\umi.exe" = D:\Programmi\Video\VideoSpin\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"D:\Programmi\Video\VideoSpin\Programs\VideoSpin.exe" = D:\Programmi\Video\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- (Pinnacle Systems)
"D:\Programmi\Burn\Nero 7\Nero Home\NeroHome.exe" = D:\Programmi\Burn\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home
"D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe" = D:\Programmi\Internet\Maxthon3\Bin\Maxthon.exe:*:Enabled:Maxthon -- (Maxthon International ltd.)
"D:\Programmi\Internet\Maxthon3\Bin\MxUp.exe" = D:\Programmi\Internet\Maxthon3\Bin\MxUp.exe:*:Enabled:MxUp -- (Maxthon International ltd.)
"D:\Programmi\Internet\Maxthon3\Modules\MxMiniThunder\ThunderMini.exe" = D:\Programmi\Internet\Maxthon3\Modules\MxMiniThunder\ThunderMini.exe:*:Enabled:MxMiniThunder -- (深圳市迅雷网络技术有限公司)
"D:\Programmi\Video\Pinnacle\Studio 12\Programs\RM.exe" = D:\Programmi\Video\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"D:\Programmi\Video\Pinnacle\Studio 12\Programs\umi.exe" = D:\Programmi\Video\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programmi\uTorrent\uTorrent.exe" = C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01AD30EF-7C6C-4279-81AA-FF5C28A27504}" = MAGIX 3D Maker (embedded MSI)
"{03ADC8AB-C130-0C3D-1FF9-2C385DF25689}" = CCC Help Czech
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{07EFA2FE-53D9-413B-B350-A80A159DE4C5}" = IDF Alice Gate 2 plus USB
"{08E2EC5A-9C9D-4472-AB52-4165774BB8D8}" = Studio 10.1 Patch
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B500125-92A7-40BF-ACF0-45A9221ADE21}_is1" = PowerOffer 2.0
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{10CDF671-AA99-4048-AFEF-0B3A209B55FA}" = ATIRW2
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1526AF0F-C293-4383-8143-139A618FE4EA}" = Client Windows Rights Management con Service Pack 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.6.0.198
"{1B4AA674-F5CA-4BB5-831A-CD37B4021959}" = ImageMixer for Sony
"{1B5F186C-2B4E-4698-B4EF-15125729DBD3}" = CalcTape
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{20A5C327-8A22-463C-BEB0-38B681E097A6}" = Vilma Registry Explorer
"{20EFD980-3787-11D5-B64E-00C04F790F76}" = MovieShaker 3.1 per MICROMV
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{221B9E1F-8120-492F-9894-292C4C4D171F}" = Installazione Guidata Alice
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator
"{25E86A0D-ADE4-4837-97C4-FC228D1F3103}_is1" = WinMate
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26230539-8DAE-46CF-BC7A-E8BCA8205DCF}" = WinXP Manager
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{27263813-8BDE-4CD2-84D3-02536743428A}_is1" = Attribute Changer 6.20
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{300B9E83-E406-4DF7-8A21-E8A90E4F8B91}_is1" = Convert DVD to AVI 1.1
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31BBFD8F-A3BA-49BA-9511-6332B7022564}" = MAGIX Screenshare
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{328019A7-0012-401D-96A2-4CDDD02675A8}" = Garmin POI Loader
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{39AE27EE-A148-48A3-B98D-35498C4D9719}" = Windows Live Messenger
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}" = ATI Multimedia Center
"{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}" = Pinnacle PCI Performance Enhancer
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{43002AE2-4093-49E0-A03D-990EE184C568}" = Lyrics Plugin for Windows Media Player
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{45518B6D-9DDF-4144-83E4-A56762524F35}" = USB2.0 Grabber
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45D228AA-4284-467A-9DB6-942B92BFF656}" = DVDDec
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8
"{564A8DD3-70BC-4018-A5C3-7CEB10BBB6E9}" = Image Transfer
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5BABB201-7E5C-4C94-A4D0-E2AF0DB2CCBC}" = Alice Messenger
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Driver Pinnacle Video
"{5F32D89B-D3A0-4562-AC03-F6DE4614AE1A}" = DVB-T USB DEVICE
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{63539D3B-F3A0-425E-9AE6-5896FC5DAADA}" = ListGenerator
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6896D5C3-823C-4c87-BA28-75810DA97725}" = Windows 7 Upgrade Advisor
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{71CB2612-627C-3D58-8D82-B77444B27B6A}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{752CA503-E29F-4610-A1A4-B21CDC58EF8D}" = SAS10
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.74
"{7845EB52-DF1E-4B5E-AB48-3012C0EF8D16}" = VCT
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7B86ABB4-3FAD-4D08-870F-E148DC85FD24}" = MAGIX Speed 2 (MSI)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{82FC3904-4B76-4A96-B62B-2BEDAA03949B}" = Installazione Guidata Alice
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{85F0337D-33AC-43B4-A003-DF35061F1D8D}" = OpenOffice.org 3.0
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{88BFE745-3D1F-4B80-8C40-E626E5A8E613}" = Samsung S5230 Wallpaper Creator
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8B667052-ECC4-41F2-9490-BA4F2FA0C580}" = hpg4070
"{8CF3206B-6330-42D6-B35E-CA7098337CB8}_is1" = Helium Audio Converter (build 290)
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{8F9C3F7D-0C85-4AB9-A602-89385276AC80}" = TV AV
"{90120000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 12
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{B9896689-DF51-4A16-AAD5-002622D86C72}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{741A792D-4ED8-4C66-B32E-A47865FA1163}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95120000-0122-0410-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99C97C46-2BFA-4A02-8B2A-2508D9C598C9}" = Nitro PDF Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E8AF3-0BF6-4822-BF21-32D493319042}" = Component Checker
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CEB017E-CC16-4C89-B9E4-AAB5A1DD12F9}" = Windows Live Essentials
"{9E2F2BAC-A9FD-35BC-B8E0-253FEBED0F9B}" = Windows Phone SDK 7.1 Assemblies
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A72AA49D-D6D2-45DC-B442-63B35D502036}" = BwgBurn Version 0.7.5
"{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI
"{A7BA5663-08FD-41B1-8008-DD3C3752C2E5}" = Garmin City Navigator Europe NT 2010.20 Update
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A835519A-4EFC-4554-9D61-0BB4FC54D81B}" = Pinnacle Instant PhotoAlbum
"{A8DF1374-7E6B-448A-87BB-2DCE71874F2B}" = Macrium Reflect - Free Edition
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D65D46-3708-4F5B-9117-0199C7098D11}" = WanMiniport1st
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 4.2.2
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B0F64C44-DC77-497D-9A27-C0F5BAB12493}" = muveeNow 2.0 - Creative
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B8116CB8-070C-4F64-AD02-D034D6AD5492}_is1" = Security Autorun 1.2
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BE82A2BE-FCD3-4C93-B727-6B2764433775}" = Microsoft Calculator Plus
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C3C640B8-95B6-40AE-A058-BE4896CD3010}" = Windows Live Call
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7D03947-5734-46FC-89A3-D3B0CF1CAFFF}_is1" = Mz Ultimate Tweaker v5.9
"{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}" = DAO
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{C9F0B814-4CBE-4DE2-83B2-C0D770CF9CA6}" = ArcSoft MediaImpression
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD5BB533-7354-4F92-8F0B-27416AE443E5}" = Pirelli USB Driver
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D3F9003B-7D17-4317-B61B-0694FF5333F8}" = Oracle VM VirtualBox 4.1.18
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D8463866-A5D6-4155-8B57-9E7BBBEE42FC}" = MAGIX Online Print Service
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che
"{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}" = DesktopEarth
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}" = Assistente per l'accesso a Windows Live
"{DD0DDC9E-2ED4-44DD-B461-0EFC126813A0}" = On2 VP7 Personal Edition
"{DDABC667-56B3-4122-82B0-2F5782EA2F9A}" = SpyHunter
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF487E0B-8B2F-430B-A7F9-94DEF592555D}" = RTC Client API v1.3 msm
"{DFDCD270-A4DF-4AFF-8EBF-C1D2AB778EFF}_is1" = Stampa Copertine Vers. 3.0.5
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E31A24A7-CF73-42B7-8FA1-26644296C9E3}" = Windows Live Mail
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E64012E9-D6A1-4185-A719-9D719EAE8C31}" = MAGIX Foto su CD & DVD 9
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" = Alcohol 120%
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{EBD5D9BF-1759-4FB1-9B7B-E5A2F1C286BF}" = wXapAssistant
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 compatibilità versioni precedenti Client Windows Rights Management
"{ECBA216D-3644-4744-88A3-FE0EA1D9EAA6}" = InterVideo FilterSDK for 10moons
"{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EFEDD205-43FE-4208-B682-0937E803E19E}_is1" = NexusFont 2.5 (ver 2.5.6.1478)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F4B3D500-8DAD-4563-A312-5BF3A03921E3}_is1" = MyPCDrivers 4.1
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1" = Boilsoft Video Joiner 6.56
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pacchetto driver Windows - Nokia Modem (10/05/2009 4.2)
"1ClickDownload" = 1ClickDownloader
"34EA302E7F4CBD17A19E33BBCB72363234956D7E" = Pacchetto driver Windows - Nokia Modem (06/09/2010 4.5)
"3Planesoft Screensaver Manager_is1" = 3Planesoft Screensaver Manager 1.0
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Pacchetto driver Windows - Nokia Modem (10/12/2007 3.6)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Pacchetto driver Windows - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pacchetto driver Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"aignesamdeadlink_is1" = AM-DeadLink 4.4
"Alky for Applications" = Alky for Applications (Windows XP)
"All ATI Software" = ATI - Software Uninstall Utility
"Allok Video Splitter_is1" = Allok Video Splitter 3.1.1117
"Analogy" = Analogy Screen Saver
"Anvsoft DVD Menu Template Package 1" = Menu Template Package 1 Ver 1.10
"Aspi Installer" = Aspi Installer
"ATI Display Driver" = ATI Display Driver
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.43
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"AviSplit Classic (Freeware)_is1" = AviSplit Classic Version 1.43
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AvsP_is1" = AvsP
"Batch PSD to JPG1.51" = Batch PSD to JPG
"BitTorrent" = BitTorrent
"BurnAware Free_is1" = BurnAware Free 3.1.5
"CCleaner" = CCleaner
"CdCoverCreator" = CdCoverCreator 2.5.3
"Codice Fiscale 32-bit v4.21_is1" = Codice Fiscale 32-bit v4.21
"Coral Clock 3D Screensaver_is1" = Coral Clock 3D Screensaver 1.0
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Doodling" = Creative Live! Cam Doodling
"Creative Live! Cam FX Creator" = Creative Live! Cam FX Creator
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Live! Cam User's Guide" = Manuale dell'utente Creative Live! Cam
"Creative Photo Calendar" = Fotocalendario Creative
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0350" = Creative Live! Cam Video Chat or Video IM Driver (1.02.01.00)
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter versione 6.2.2.46
"Disk Investigator" = Disk Investigator 1.4
"DriverEasy_is1" = DriverEasy version 2.2.0
"DVD Photo Slideshow Professional_is1" = DVD Photo Slideshow Professional 8.00
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Pacchetto driver Windows - Nokia Modem (02/25/2011 4.7)
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Pacchetto driver Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"Earth 3D Screensaver_is1" = Earth 3D Screensaver 1.0
"EasyBCD" = EasyBCD 2.1
"EasyPrediction" = EasyPrediction
"EEEE705096F837B7907659F100C9FE6DA001970F" = Pacchetto driver Windows - Nokia Modem (06/09/2010 7.01.0.7)
"eMule" = eMule
"eMule_is1" = eMule ScarAngel 4.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Family Tree Builder" = MyHeritage Family Tree Builder
"Family Tree Pilot_is1" = Family Tree Pilot 1.04
"FBackup 4_is1" = FBackup 4
"ffdshow_is1" = ffdshow [rev 2202] [2008-10-10]
"FindyKill" = FindyKill
"Free DVD Video Burner_is1" = Free DVD Video Burner version 3.2.0.508
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"Free PDF to Word Converter_is1" = Free PDF to Word Converter 5.1.0.383
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.6.18.305
"Free YouTube Download_is1" = Free YouTube Download version 3.1.39.1015
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"FreeFileSync" = FreeFileSync v5.3
"FreeHideIP" = Free Hide IP 2.1
"Freemake Video Converter_is1" = Freemake Video Converter versione 3.0.2
"GenoPro" = GenoPro 2.5.3.9
"GOM Player" = GOM Player
"GUI for dvdauthor" = GUI for dvdauthor 1.07
"Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IBM_HostCD" = Disinstallazione del software IBM
"ICE ECC" = ICE ECC v2.7
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{10CDF671-AA99-4048-AFEF-0B3A209B55FA}" = ATI Remote Wonder 2.0
"InstallShield_{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}" = ATI Multimedia Center 9.14
"InstallShield_{45D228AA-4284-467A-9DB6-942B92BFF656}" = ATI DVD Decoder 2.2.0.0
"InstallShield_{752CA503-E29F-4610-A1A4-B21CDC58EF8D}" = AuthorScript Engine 1.0
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"iRecover" = iRecover 1.0 [build 1.1.5.222]
"iRecover_is1" = DIY DataRecovery iRecover 3
"Java(TM) SE Runtime Environment 6" = Java(TM) 6 Update 7
"Karaoke 5_is1" = Karaoke 5 ver. 40.12
"Kernel Outlook PST Viewer_is1" = Kernel Outlook PST Viewer ver 11.05.01
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Lexmark 1200 Series" = Lexmark 1200 Series
"LinuxLive USB Creator" = LinuxLive USB Creator
"Lunascape6" = Lunascape6 (All Users)
"MailWasher Free_is1" = MailWasher Free 6.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.65.1.1000
"Marvell Miniport Driver" = Marvell Miniport Driver
"Maxthon3" = Maxthon 3
"McAfee Security Scan" = McAfee Security Scan
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.5
"Megaupload Downloader" = Megaupload Downloader
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Silverlight" = Microsoft Silverlight
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox 16.0.2 (x86 it)" = Mozilla Firefox 16.0.2 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MultiRes (remove only)" = MultiRes (remove only)
"NirSoft Wireless Network Watcher" = NirSoft Wireless Network Watcher
"Nokia PC Suite" = Nokia PC Suite
"PC Wizard 2012_is1" = PC Wizard 2012.2.0
"PDF Editor 2" = PDF Editor 2
"PhotoScape" = PhotoScape
"PhotoStage" = PhotoStage Slideshow Producer
"PrintFile" = PrintFile
"Prism" = Prism Video File Converter
"Radeon Omega Drivers for Windows 2k/XPv3.8.413" = Radeon Omega Drivers v3.8.413 Setup Files and Tools
"RealProducer 8.5" = RealProducer Basic 8.5
"Recuva" = Recuva
"RefreshPC_is1" = RefreshPC
"Registry Mechanic_is1" = Registry Mechanic 7.0
"Restorer Ultimate_is1" = Restorer Ultimate 5.1
"Revo Uninstaller" = Revo Uninstaller 1.91
"SAMSUNG Android USB Modem" = SAMSUNG Android USB Modem Software
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SereneScreen Marine Aquarium Time_is1" = SereneScreen Marine Aquarium Time
"SightSpeed" = SightSpeed (remove only)
"Smart Toolbar Remover_is1" = Smart Toolbar Remover v2.0
"Software Informer_is1" = Software Informer 1.0 BETA
"SolveigMM AVI Trimmer 2.0.1201.11" = SolveigMM AVI Trimmer
"SOSPCSelf" = SOSPCSelf
"Spazio Calendario_is1" = Spazio Calendario 1.0.9
"Spyware Terminator_is1" = Spyware Terminator
"ST5UNST #1" = SMWLink3.0
"SumatraPDF" = SumatraPDF 1.9
"Sweet Home 3D_is1" = Sweet Home 3D version 3.0
"SysInfo" = Creative System Information
"The Lost Watch 3D Screensaver_is1" = The Lost Watch 3D Screensaver 1.0
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"TreeSize Free_is1" = TreeSize Free V2.7
"TVLC" = TVLC
"UltraDefrag" = Ultra Defragmenter
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"VideoPad" = VideoPad Video Editor
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VirtualLab 5 Client_is1" = VirtualLab Client 5.5.7
"VLC media player" = VLC media player 2.0.1
"VMidi" = vanBasco's Karaoke Player
"vReveal 3" = vReveal 3
"WavePad" = WavePad Sound Editor
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Rights Management Client" = Client Windows Rights Management con Service Pack 2
"Windows Rights Management Client Backwards" = SP2 compatibilità versioni precedenti Client Windows Rights Management
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"winusb0100" = Microsoft WinUsb 1.0
"XMedia Recode" = XMedia Recode 3.0.8.5
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1214440339-839522115-515967899-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Dexclock" = Dexclock
"Google Chrome" = Google Chrome
"InAlbum 2.0 Deluxe" = InAlbum 2.0 Deluxe (remove only)
"PhotoFiltre" = PhotoFiltre
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05/11/2012 13.00.06 | Computer Name = FRANCO | Source = PowerOffer Upd Service | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 05/11/2012 14.03.02 | Computer Name = FRANCO | Source = Windows Search Service | ID = 3013
Description = Impossibile aggiornare la voce <C:\DOCUMENTS AND SETTINGS\DESKTOP\RECENT\DESKTOP.INI>
nella mappa di hash. Contesto: applicazione , catalogo SystemIndex Dettagli: Una periferica
collegata al sistema non è in funzione. (0x8007001f)

Error - 05/11/2012 14.03.02 | Computer Name = FRANCO | Source = Windows Search Service | ID = 3013
Description = Impossibile aggiornare la voce <C:\DOCUMENTS AND SETTINGS\DESKTOP\RECENT\DESKTOP.INI>
nella mappa di hash. Contesto: applicazione , catalogo SystemIndex Dettagli: Una periferica
collegata al sistema non è in funzione. (0x8007001f)

Error - 05/11/2012 17.28.31 | Computer Name = FRANCO | Source = SecurityCenter | ID = 1804
Description = Impossibile caricare istanze di AntiVirusProduct da WMI.

Error - 05/11/2012 17.31.41 | Computer Name = FRANCO | Source = Windows Search Service | ID = 3013
Description = Impossibile aggiornare la voce <C:\DOCUMENTS AND SETTINGS\DESKTOP\RECENT\DESKTOP.INI>
nella mappa di hash. Contesto: applicazione , catalogo SystemIndex Dettagli: Una periferica
collegata al sistema non è in funzione. (0x8007001f)

Error - 05/11/2012 17.31.41 | Computer Name = FRANCO | Source = Windows Search Service | ID = 3013
Description = Impossibile aggiornare la voce <C:\DOCUMENTS AND SETTINGS\DESKTOP\RECENT\DESKTOP.INI>
nella mappa di hash. Contesto: applicazione , catalogo SystemIndex Dettagli: Una periferica
collegata al sistema non è in funzione. (0x8007001f)

Error - 05/11/2012 20.45.22 | Computer Name = FRANCO | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore spoolsv.exe, versione 5.1.2600.6024,
modulo che ha provocato l'errore localspl.dll, versione 5.1.2600.5809, indirizzo
errore 0x0003017c.

Error - 06/11/2012 8.15.42 | Computer Name = FRANCO | Source = SecurityCenter | ID = 1804
Description = Impossibile caricare istanze di AntiVirusProduct da WMI.

Error - 06/11/2012 16.07.00 | Computer Name = FRANCO | Source = SecurityCenter | ID = 1804
Description = Impossibile caricare istanze di AntiVirusProduct da WMI.

Error - 06/11/2012 16.45.53 | Computer Name = FRANCO | Source = SecurityCenter | ID = 1804
Description = Impossibile caricare istanze di AntiVirusProduct da WMI.

[ OSession Events ]
Error - 27/01/2009 12.41.29 | Computer Name = FRANCO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6148
seconds with 3240 seconds of active time. This session ended with a crash.

Error - 13/07/2009 16.16.28 | Computer Name = FRANCO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/01/2010 15.06.28 | Computer Name = FRANCO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 42
seconds with 0 seconds of active time. This session ended with a crash.

Error - 10/05/2011 17.32.52 | Computer Name = FRANCO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6215.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio ProtexisLicensing. Questo evento
si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7031
Description = Il servizio SOSPCService è terminato in modo imprevisto. Questo problema
si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra
300000 millisecondi: Riavvia il servizio.

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio SoundMAX Agent Service. Questo
evento si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio NitroPDFReaderDriverCreatorReadSpool.
Questo evento si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Syntek STK1150 Service. Questo
evento si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Ulead Burning Helper. Questo
evento si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Spyware Terminator Realtime Shield
Service. Questo evento si è già verificato 1 volta(e).

Error - 06/11/2012 16.41.50 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7031
Description = Il servizio Zune Bus Enumerator è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 0 millisecondi: Riavvia il servizio.

Error - 06/11/2012 16.46.12 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: atitray

Error - 06/11/2012 16.47.16 | Computer Name = FRANCO | Source = Service Control Manager | ID = 7016
Description = Il servizio SOSPCService ha riportato lo stato non valido corrente
0.


< End of report >
r16
Inviato: Wednesday, November 07, 2012 6:05:38 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,008
Commenta:
Purtroppo il problema persiste.

Perchè OTL non ha eliminato le voci.

Segui queste indicazioni:
Apri Firefox da Start-->tutti i Programmi-->Mozilla Firefox e scegli il suo avvio in Modalità Provvisoria
Nella barra indirizzi digita about:config
Accetta la finestra di alert.
Nella barra Filtro digita keyword.URL
Tasto destro sulla voce keyword.URL e scegli Modifica
Sostituisci l'URL (che dovrebbe essere: "http://apype.com/results.php?q="
con questo: http://www.google.com/search?q= (qui fai tasto destro-->Copia indirizzo e poi lo incolli nella finestra di Modifica).

Apri un'altra scheda nel browser e vai sulla tua normale pagine iniziale, resettandola come tale da Strumenti-->Opzioni-->Generale-->Usa pagina corrente
Chiudi il browser
enzino85
Inviato: Wednesday, November 07, 2012 8:45:21 PM

Rank: AiutAmico

Iscritto dal : 9/12/2008
Posts: 75
Purtroppo non funziona neanche con questo intervento.
Quando chiudo e riapro il browser il mia pagina iniziale ritorna http://apype.com e nell'indirizzo www.search.starburnsoftware.com
Ciao.


Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.