Salve ragazzi come da titolo il mio pc era molto lento e siccome avevo avuto lo stesso problema con un altro mio pc ho eseguito le stesse scansioni.
adwcleaner
# AdwCleaner v2.300 - Logfile creato il 08/05/2013 alle 20:27:52
# Aggiornamento 28/04/2013 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Acer - ACER-CD3A2DD4E4
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Acer\Documenti\Downloads\adwcleaner.exe
# Opzioni [Elimina]
***** [Servizi] *****
Fermato & Eliminato : BrowserProtect
Fermato & Eliminato : IBUpdaterService
***** [File / Cartelle] *****
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\BabSolution
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\Babylon
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\DealPly
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\Delta
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\file scout
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\PerformerSoft
Cartella Eliminato : C:\Documents and Settings\Acer\Dati applicazioni\SpeedAnalysis2
Cartella Eliminato : C:\Documents and Settings\Acer\Menu Avvio\Programmi\BrowserProtect
Cartella Eliminato : C:\Documents and Settings\Acer\Menu Avvio\Programmi\DealPly
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Babylon
Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\IBUpdaterService
Cartella Eliminato : C:\Programmi\DealPly
Cartella Eliminato : C:\Programmi\Delta
Cartella Eliminato : C:\Programmi\Smiley Bar for Facebook
Cartella Eliminato : C:\Programmi\Speed Analysis 2
Eliminato al riavvio : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Eliminato al riavvio : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Eliminato al riavvio : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Eliminato al riavvio : C:\Documents and Settings\All Users\Dati applicazioni\BrowserProtect
File Eliminato : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\bProtector Web Data
File Eliminato : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\bprotectorpreferences
File Eliminato : C:\WINDOWS\Tasks\DealPlyUpdate.job
File Eliminato : C:\WINDOWS\Tasks\EPUpdater.job
***** [Registro] *****
Chiave Eliminata : HKCU\Software\APN PIP
Chiave Eliminata : HKCU\Software\BabylonToolbar
Chiave Eliminata : HKCU\Software\DataMngr
Chiave Eliminata : HKCU\Software\DataMngr_Toolbar
Chiave Eliminata : HKCU\Software\DealPly
Chiave Eliminata : HKCU\Software\Delta
Chiave Eliminata : HKCU\Software\f6d68de63ce546
Chiave Eliminata : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BrowserProtect
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chiave Eliminata : HKCU\Software\Smiley Bar for Facebook
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKCU\Software\Speed Analysis 2
Chiave Eliminata : HKLM\Software\Babylon
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltaappCore
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Chiave Eliminata : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane
Chiave Eliminata : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Chiave Eliminata : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Eliminata : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Chiave Eliminata : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chiave Eliminata : HKLM\Software\DataMngr
Chiave Eliminata : HKLM\Software\DealPly
Chiave Eliminata : HKLM\Software\Delta
Chiave Eliminata : HKLM\SOFTWARE\f6d68de63ce546
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Chiave Eliminata : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Chiave Eliminata : HKLM\Software\PIP
Chiave Eliminata : HKU\S-1-5-21-515967899-261903793-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Dato Eliminata : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\datiap~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valore Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
***** [Browser Internet] *****
-\\ Internet Explorer v8.0.6001.18702
Sostituito : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www2.delta-search.com/?affID=119982&tt=gc_&babsrc=HP_ss&mntrId=D08D00242C0E8E7F --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www2.delta-search.com/?affID=119982&tt=gc_&babsrc=NT_ss&mntrId=D08D00242C0E8E7F --> hxxp://www.google.com
Sostituito : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www2.delta-search.com/?affID=119982&tt=gc_&babsrc=NT_ss&mntrId=D08D00242C0E8E7F --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.64
File : C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Preferences
[OK] File Pulito.
*************************
AdwCleaner[S1].txt - [11205 octets] - [08/05/2013 20:27:52]
########## EOF - C:\AdwCleaner[S1].txt - [11266 octets] ##########
otl
OTL logfile created on: 08/05/2013 20.34.35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer\Documenti\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1013,88 Mb Total Physical Memory | 558,69 Mb Available Physical Memory | 55,10% Memory free
2,39 Gb Paging File | 2,01 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 149,04 Gb Total Space | 126,39 Gb Free Space | 84,80% Space Free | Partition Type: NTFS
Computer Name: ACER-CD3A2DD4E4 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Acer\Documenti\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe (NDS Technologies)
PRC - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\NDSPCShowServer.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ========== MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\z.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\ndsLogStore.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\libxml2-2.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\libgstreamer-0.10.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\gsttspplugin.dll ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\NDSPCShowServer.exe ()
MOD - C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\DrmSingleton.dll ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()
========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (osppsvc) -- C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (USBCCID) -- system32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (RSUSBSTOR) -- System32\Drivers\RTS5121.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (M3000Srv) -- C:\WINDOWS\system32\drivers\M3000KNT.sys ()
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{B5580C1D-F61F-448C-96AA-BCEC3448DF41}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://it.msn.com/?ocid=iehpIE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 47 45 4E 4E FB CB 01 [binary data]
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\..\SearchScopes\{B5580C1D-F61F-448C-96AA-BCEC3448DF41}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_itIT461
IE - HKU\S-1-5-21-515967899-261903793-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\npPlayerPlugin.dll (NDS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\powerofferffx@poweroffer.net: C:\Documents and Settings\All Users\Documenti\PowerOffer\powerofferffx@poweroffer.net [2011/08/23 13.58.42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com: C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013/05/05 15.04.33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pluswinks@PlusWinks: C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\pluswinks@PlusWinks [2013/05/05 15.07.04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com: C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013/05/05 15.04.33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\pluswinks@PlusWinks: C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\pluswinks@PlusWinks [2013/05/05 15.07.04 | 000,000,000 | ---D | M]
[2013/05/05 15.04.20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions
[2013/05/05 15.07.04 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\pluswinks@PlusWinks
[2013/05/05 15.04.33 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Documents and Settings\Acer\Dati applicazioni\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2013/05/04 14.12.52 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www2.delta-search.com/?affID=119982&tt=gc_&babsrc=HP_ss&mntrId=D08D00242C0E8E7FCHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: PowerOffer (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ahljkfjmfmncehepcbmjfgdjnlfajeig\1.0_0\npPowerOffer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programmi\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: PowerOffer = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ahljkfjmfmncehepcbmjfgdjnlfajeig\1.0_0\
CHR - Extension: YouTube = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Smiley Bar for Facebook = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/05/06 12.18.07 | 000,000,815 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKU\S-1-5-21-515967899-261903793-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSC] c:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-515967899-261903793-1417001333-1003..\Run: [PCShowServer] C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-515967899-261903793-1417001333-1003..\Run: [PoService] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: I&nvia a OneNote - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5874A9A-0163-43F6-8011-656FA88B28BF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\datiap~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/14 17.28.58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{49d38bdc-672c-11e0-b1f0-f4833310b5f0}\Shell - "" = AutoRun
O33 - MountPoints2\{49d38bdc-672c-11e0-b1f0-f4833310b5f0}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ========== [2013/05/05 15.08.18 | 000,000,000 | ---D | C] -- C:\Programmi\MyPC Backup
[2013/05/05 15.06.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\Dati applicazioni\PlusWinks
[2013/05/05 15.05.26 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2013/05/05 15.04.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\Dati applicazioni\Mozilla
[2013/05/04 14.13.57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2013/05/04 14.13.56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2013/05/04 14.12.52 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/04/29 21.51.35 | 000,000,000 | ---D | C] -- C:\William Hill Casino
[2013/04/21 11.49.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\Desktop\Lanterna
[2013/04/09 20.55.05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Acer\Recent
[2013/04/09 20.54.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer\Desktop\Salmo - Midnite (2013)
[2013/04/03 22.03.45 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Symantec Shared
[2013/04/03 22.03.30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS
[2013/04/03 22.03.30 | 000,000,000 | ---D | C] -- C:\Programmi\Norton Security Scan
[2013/04/03 22.03.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Norton Security Scan
[2013/04/03 22.03.30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NSS\0307020.00A
[2013/04/03 22.03.29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Norton
[2013/04/03 22.03.22 | 000,000,000 | ---D | C] -- C:\Programmi\NortonInstaller
[2013/04/03 22.03.22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\NortonInstaller
[2013/03/30 15.08.35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\aTube Catcher
[2013/03/16 16.11.44 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/03/16 16.11.44 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Acer\*.tmp files -> C:\Documents and Settings\Acer\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2013/05/08 20.34.04 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{149ECED3-565F-4A6F-8595-17B78B9D79ED}.job
[2013/05/08 20.30.14 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/08 20.30.09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/08 20.27.03 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/08 20.16.34 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/07 19.03.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/07 18.52.01 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-261903793-1417001333-1003UA.job
[2013/05/04 20.52.30 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-261903793-1417001333-1003Core.job
[2013/05/02 17.28.50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/04/27 22.50.49 | 000,230,912 | ---- | M] () -- C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/13 12.14.09 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Acer.job
[2013/04/13 11.53.42 | 000,002,331 | ---- | M] () -- C:\Documents and Settings\Acer\Desktop\Google Chrome.lnk
[2013/04/13 10.59.07 | 000,270,192 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/04/11 22.08.20 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/04/03 22.03.42 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2013/03/13 00.05.04 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/03/13 00.05.03 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Acer\*.tmp files -> C:\Documents and Settings\Acer\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/04/11 22.00.44 | 000,000,584 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/04/03 22.03.45 | 000,000,430 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for Acer.job
[2013/04/03 22.03.42 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2013/04/03 22.03.30 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NSS\0307020.00A\isolate.ini
[2012/10/28 12.51.12 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2012/09/20 22.11.38 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/16 19.55.15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/08/23 13.58.30 | 000,715,806 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2011/08/23 13.58.30 | 000,000,776 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2011/05/22 13.44.57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/04/15 19.51.59 | 000,230,912 | ---- | C] () -- C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2011/04/15 10.55.07 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/05/05 15.06.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Dati applicazioni\PlusWinks
[2012/10/07 15.14.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Dati applicazioni\SKIT
[2011/12/11 18.39.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer\Dati applicazioni\YoudaGames
[2012/05/06 11.52.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2011/11/14 22.21.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Boss Media
[2011/04/15 08.50.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Ralink Driver
========== Purity Check ========== < End of report >
extras
OTL Extras logfile created on: 08/05/2013 20.34.35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer\Documenti\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1013,88 Mb Total Physical Memory | 558,69 Mb Available Physical Memory | 55,10% Memory free
2,39 Gb Paging File | 2,01 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 149,04 Gb Total Space | 126,39 Gb Free Space | 84,80% Space Free | Partition Type: NTFS
Computer Name: ACER-CD3A2DD4E4 | User Name: Acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.LUSVDIYJMXS7S7X6VWHYPCX5U4] -- C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Acer\Dati applicazioni\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Casino\Vegas Club - Lottomatica\casino.exe" = C:\Casino\Vegas Club - Lottomatica\casino.exe:*:Enabled:casino -- ()
"C:\Programmi\Messenger\msmsgs.exe" = C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\Acer\Desktop\mIRC 7.19 Italiano\mirc.exe" = C:\Documents and Settings\Acer\Desktop\mIRC 7.19 Italiano\mirc.exe:*:Enabled:mIRC
"C:\Programmi\Java\jre6\bin\javaw.exe" = C:\Programmi\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Acer\Desktop\Vegas Club - Lottomatica\casino.exe" = C:\Documents and Settings\Acer\Desktop\Vegas Club - Lottomatica\casino.exe:*:Enabled:casino
"D:\Programmi\Lanterna\Lantmirc.exe" = D:\Programmi\Lanterna\Lantmirc.exe:*:Enabled:mIRC
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\KMSEmulator.exe" = C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator -- ()
"E:\Lanterna\Lantmirc.exe" = E:\Lanterna\Lantmirc.exe:*:Enabled:mIRC
"D:\Lanterna\Lantmirc.exe" = D:\Lanterna\Lantmirc.exe:*:Enabled:mIRC
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3E70F8B2-2ADE-4F83-8AD8-BDB602985E98}_is1" = Vlc versione 1.1.8
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client IT-IT Language Pack
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{56A648C2-D185-46A9-BBFF-78AE7A503000}" = Webcam
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7462E859-C453-4E08-BE0D-7D5E13E4CD1F}" = Microsoft Antimalware Service IT-IT Language Pack
"{842F9881-E181-30B3-A152-008D61433274}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
"{86BA3130-5938-3192-BBCF-6B0A2D86FA58}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 14
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0016-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.STANDARDR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARDR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARDR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.STANDARDR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}_Office14.STANDARDR_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}_Office14.STANDARDR_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.STANDARDR_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{91140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARDR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B97C9E80-50F0-45D7-98F4-B02ACADBE670}_is1" = PowerOffer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FEC1DF97-E716-4CD8-A55B-75C373912D35}" = Sky Go Player
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"mIRC" = mIRC
"NSS" = Norton Security Scan
"Office14.STANDARDR" = Microsoft Office Standard 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Vegas Club - Lottomatica" = Vegas Club - Lottomatica
"Vegas Club - Lottomatica " = Vegas Club - Lottomatica
"VLC media player" = VLC media player 1.1.8
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WHCASINOREAL.IT" = William Hill Casino
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-515967899-261903793-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 28/12/2012 11.44.18 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo casino.exe, versione 0.0.0.0, modulo in stallo
hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 11/01/2013 18.14.20 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo casino.exe, versione 0.0.0.0, modulo in stallo
hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 30/03/2013 20.27.07 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo sllauncher.exe, versione 5.1.20125.0, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 01/04/2013 5.51.46 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo sllauncher.exe, versione 5.1.20125.0, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 10/04/2013 13.19.18 | Computer Name = ACER-CD3A2DD4E4 | Source = ESENT | ID = 485
Description = wuauclt (3176) Tentativo di eliminazione del file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log"
non riuscito con errore di sistema 32 (0x00000020): "Impossibile accedere al file.
Il file è utilizzato da un altro processo. ". L'operazione di eliminazione del
file non verrà effettuata con errore -1032 (0xfffffbf8).
Error - 05/05/2013 8.39.03 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 05/05/2013 8.39.08 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 05/05/2013 8.44.19 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo chrome.exe, versione 26.0.1410.64, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 05/05/2013 8.44.36 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1001
Description = Bucket -775772590 errato.
Error - 05/05/2013 9.07.47 | Computer Name = ACER-CD3A2DD4E4 | Source = Application Hang | ID = 1002
Description = Applicazione in stallo PCPerformer.exe, versione 11.10.1.2217, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
[ System Events ]
Error - 14/04/2013 12.22.47 | Computer Name = ACER-CD3A2DD4E4 | Source = W32Time | ID = 39452701
Description = Il time provider NtpClient è configurato per acquisire l'ora da una
o più origini dell'ora, ma nessuna origine dell'ora è accessibile attualmente e non
verrà eseguito alcun tentativo di contattare un'origine per 14 minuti. NtpClient
non dispone di alcuna origine di ora esatta.
Error - 14/04/2013 12.35.49 | Computer Name = ACER-CD3A2DD4E4 | Source = Microsoft Antimalware | ID = 2001
Description = %%860 ha rilevato un errore durante il tentativo di aggiornamento
delle firme. Versione nuova firma: Versione firma precedente: 1.147.1774.0 Origine
aggiornamento: %%859 Fase aggiornamento: %%852 Percorso aggiornamento:
http://www.microsoft.com Tipo
firma: %%800 Tipo aggiornamento: %%803 Utente: NT AUTHORITY\SYSTEM Versione motore
corrente: Versione motore precedente: 1.1.9302.0 Codice errore: 0x8024402c Descrizione
errore: Problema imprevisto durante la ricerca degli aggiornamenti. Per informazioni
sull'installazione degli aggiornamenti o la risoluzione dei problemi relativi,
consultare Guida e supporto tecnico.
Error - 14/04/2013 13.20.29 | Computer Name = ACER-CD3A2DD4E4 | Source = Dhcp | ID = 1002
Description = Il lease 192.168.1.8 dell'indirizzo IP della scheda di rete con indirizzo
00235A616F58 è stato negato dal server DHCP 192.168.1.1. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 24/04/2013 13.00.03 | Computer Name = ACER-CD3A2DD4E4 | Source = Dhcp | ID = 1002
Description = Il lease 192.168.1.6 dell'indirizzo IP della scheda di rete con indirizzo
00242C0E8E7F è stato negato dal server DHCP 192.168.1.1. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 25/04/2013 11.20.59 | Computer Name = ACER-CD3A2DD4E4 | Source = Dhcp | ID = 1002
Description = Il lease 192.168.1.6 dell'indirizzo IP della scheda di rete con indirizzo
00242C0E8E7F è stato negato dal server DHCP 192.168.1.1. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 26/04/2013 5.05.54 | Computer Name = ACER-CD3A2DD4E4 | Source = Dhcp | ID = 1002
Description = Il lease 192.168.1.6 dell'indirizzo IP della scheda di rete con indirizzo
00242C0E8E7F è stato negato dal server DHCP 192.168.1.1. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 29/04/2013 12.06.01 | Computer Name = ACER-CD3A2DD4E4 | Source = Dhcp | ID = 1002
Description = Il lease 192.168.1.6 dell'indirizzo IP della scheda di rete con indirizzo
00242C0E8E7F è stato negato dal server DHCP 192.168.1.1. Il server DHCP ha inviato
un messaggio DHCPNACK.
Error - 05/05/2013 17.35.05 | Computer Name = ACER-CD3A2DD4E4 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio Computer Backup (MyPC Backup).
Error - 05/05/2013 17.35.05 | Computer Name = ACER-CD3A2DD4E4 | Source = Service Control Manager | ID = 7000
Description = Il servizio Computer Backup (MyPC Backup) non è stato avviato per
il seguente errore: %%1053
Error - 07/05/2013 12.46.31 | Computer Name = ACER-CD3A2DD4E4 | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Computer Backup (MyPC Backup).
Questo evento si è già verificato 1 volta(e).
< End of report >
se non bastasse vi posto anche il log di hijackthis per eventuali programmi all avvio da togliere e altre cose ;)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21.09.57, on 08/05/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Programmi\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe
C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\NDSPCShowServer.exe
C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Acer\Desktop\HiJackThis-2.0.4[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PCShowServer] "C:\Documents and Settings\Acer\Impostazioni locali\Dati applicazioni\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe"
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\docume~1\alluse~1\datiap~1\browse~1\261249~1.132\{c16c1~1\browse~1.dll
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
--
End of file - 6258 bytes
Grazie mille ringrazio anticipatamente e porgo cordiali saluti.
