computer lento - logfile - Sicurezza VIRUS

Benvenuto Ospite

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » computer lento - logfile

computer lento - logfile

Opzioni

Topic Precedente · Topic Sucessivo

massimob

Inviato: Saturday, January 04, 2014 3:40:27 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

Salve a tutti, ho il computer molto lento, ho fatto varie pulizie ma non ho ottenuto molto.
Allego il logfile per una lettura, spero che qualcuno possa aiutarmi.
Grazie.
Massimo

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.05.13, on 03/01/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\maury\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
D:\protezione\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fissa.com/it/?s=h&c=1101054697&suid=EmRvU03qr&d=6&pid=28
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.107.0\BingExt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\maury\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servizio di Google Update (gupdate1c9bd11597f6a50) (gupdate1c9bd11597f6a50) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14234 bytes

Torna in alto

Sponsor

Inviato: Saturday, January 04, 2014 3:40:27 PM

Torna in alto

shapiro

Inviato: Saturday, January 04, 2014 5:00:49 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

ciao Massimo hai delle infezioni da adware ed altro prova a fare queste due scansioni

scarica adwcleaner e mettilo sul desktop
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Scarica e installa malwarebytes
Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.
Posta il rapporto .

Torna in alto

massimob

Inviato: Saturday, January 04, 2014 5:44:12 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

grazie per il supporto
ho utilizzato adwcleaner e allego il log

# AdwCleaner v3.016 - Report created 04/01/2014 at 17:36:49
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : maury - PC-MAURY
# Running from : C:\Users\maury\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Live-Player
Folder Deleted : C:\Program Files\file scout
Folder Deleted : C:\Program Files\Live-Player
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Users\maury\AppData\Local\PackageAware
Folder Deleted : C:\Users\maury\AppData\Roaming\Live-Player
Folder Deleted : C:\Users\maury\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\maury\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\maury\AppData\Roaming\Mozilla\Firefox\Profiles\a3phgt45.default\user.js
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7AD3F2B-7E0D-4DE6-AADE-1D1884FE6405}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7AD3F2B-7E0D-4DE6-AADE-1D1884FE6405}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CD8643E-60A7-4FC1-BC0C-EE7929E9148B}
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v2.0 (en-US)

[ File : C:\Users\maury\AppData\Roaming\Mozilla\Firefox\Profiles\a3phgt45.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5457 octets] - [04/01/2014 17:34:15]
AdwCleaner[S0].txt - [5449 octets] - [04/01/2014 17:36:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5509 octets] ##########

Torna in alto

shapiro

Inviato: Saturday, January 04, 2014 7:56:12 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

mi serve anche la scansione con mbam

Torna in alto

massimob

Inviato: Saturday, January 04, 2014 8:17:28 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

ok è ancora in esecuzione.

Torna in alto

massimob

Inviato: Saturday, January 04, 2014 9:52:36 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

Salve, questo è il log di mbam.
grazie

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.01.03.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
maury :: PC-MAURY [amministratore]

04/01/2014 17.45.46
mbam-log-2014-01-04 (17-45-46).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 445701
Tempo impiegato: 3 ore, 55 minuti, 54 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 4
C:\AdwCleaner\Quarantine\C\Program Files\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\maury\Downloads\SoftonicDownloader_per_vlc-media-player.exe (PUP.Optional.Softonic.A) -> Spostato in quarantena ed eliminato con successo.
D:\setup programmi\4shared_Desktop_3.3.2.exe (PUP.Optional.4Shared) -> Spostato in quarantena ed eliminato con successo.
D:\setup programmi\DTLite4451-0236.exe (PUP.Optional.OpenCandy) -> Spostato in quarantena ed eliminato con successo.

(fine)

Torna in alto

shapiro

Inviato: Saturday, January 04, 2014 10:02:52 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

un controllo in piu' non guasta

scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt) che dovrai allegare come il precedente

Torna in alto

massimob

Inviato: Saturday, January 04, 2014 10:33:11 PM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

A fine scansione ha prodotto solo un log! questo:

Massimo

OTL logfile created on: 04/01/2014 22.15.16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\maury\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,70% Memory free
6,18 Gb Paging File | 5,03 Gb Available in Paging File | 81,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 96,08 Gb Free Space | 66,70% Space Free | Partition Type: NTFS
Drive D: | 140,50 Gb Total Space | 78,90 Gb Free Space | 56,15% Space Free | Partition Type: NTFS
Drive E: | 931,28 Gb Total Space | 193,76 Gb Free Space | 20,81% Space Free | Partition Type: FAT32

Computer Name: PC-MAURY | User Name: maury | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\maury\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\maury\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 6\ASCExtMenu.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()

========== Services (SafeList) ==========

SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe File not found
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdvancedSystemCareService6) -- C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
SRV - (IGBASVC) -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()

========== Driver Services (SafeList) ==========

DRV - (USBAAPL) -- System32\Drivers\usbaapl.sys File not found
DRV - (ProcObsrv) -- C:\Program Files\Glary Utilities 4\ProcObsrv.sys File not found
DRV - (ONDAusbvoice) -- system32\DRIVERS\ONDAusbvoice.sys File not found
DRV - (ONDAusbser6k) -- system32\DRIVERS\ONDAusbser6k.sys File not found
DRV - (ONDAusbnmea) -- system32\DRIVERS\ONDAusbnmea.sys File not found
DRV - (ONDAusbnet) -- system32\DRIVERS\ONDAusbnet.sys File not found
DRV - (ONDAusbmdm6k) -- system32\DRIVERS\ONDAusbmdm6k.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (Netaapl) -- system32\DRIVERS\netaapl.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (BootDefragDriver) -- C:\Windows\System32\drivers\BootDefragDriver.sys (Glarysoft Ltd)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AlfaFF) -- C:\Windows\System32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (NTIPPKernel) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{38F45FC7-BA24-4F22-8C06-0473FE7201E6}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{38F45FC7-BA24-4F22-8C06-0473FE7201E6}: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0410&s=2&o=vp32&d=1008&m=aspire_6930g
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 E8 2C 80 2D 24 CB 01 [binary data]
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{0F36E18A-6296-4333-9D99-269AAFE3D111}_Trova Rapido: "URL" = http://www.trovarapido.com/?t=Q090825882&s=b&keywords={searchTerms}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{55AE5E02-9EAC-4137-9559-B5408187DEE5}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_itIT304
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\{74F13B24-ADB7-4422-9719-44C37E913792}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={F1EC9B96-34E3-4c9d-B5D2-3C6AD2B41281}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\SearchScopes\Yahoo!: "URL" = http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=668083&p={searchTerms}
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=668083&ilc=12&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=668083"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mytalkpal.com/ffplugin: C:\Program Files\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll (Shanghai Qitai Tech. Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\maury\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/07 22.43.39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/07 22.43.39 | 000,000,000 | ---D | M]

[2011/08/18 15.07.03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions
[2011/08/18 15.07.03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010/07/05 14.24.27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2014/01/04 13.14.35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions
[2010/07/05 14.16.49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2014/01/04 13.14.36 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\adsremoval@adsremoval.net
[2013/03/14 10.35.42 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\ascsurfingprotection@iobit.com
[2009/01/13 22.10.17 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\maury\AppData\Roaming\mozilla\Firefox\Profiles\a3phgt45.default\extensions\ChoiceGuard@Microsoft
[2009/08/25 14.23.50 | 000,002,370 | ---- | M] () -- C:\Users\maury\AppData\Roaming\mozilla\firefox\profiles\a3phgt45.default\searchplugins\Trova Rapido.xml
[2008/12/12 18.56.19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/12 17.57.04 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\REAL-NETWORKS@PARTNERS.MOZILLA.COM
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\TALKBACK@MOZILLA.ORG

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Talkpal Scriptable Plugin for Mozilla (Enabled) = C:\Program Files\Talkpal\Speech Plugin For EF\npTalkpalPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\maury\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Ads Removal = C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\maury\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2006/09/18 22.41.30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [NvCplDaemon] "RUNDLL32.EXE" File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4123135755-2403480350-4181657236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{198710FC-58B1-4C0E-AC09-E1E572A1AEC2}: DhcpNameServer = 62.101.93.101 83.103.25.250
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\maury\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Sfondo di Raccolta foto di Windows Live.jpg
O24 - Desktop BackupWallPaper: C:\Users\maury\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Sfondo di Raccolta foto di Windows Live.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/11 17.01.03 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/03/22 15.44.06 | 000,000,000 | ---D | M] - E:\AutoCAD 2011 -- [ FAT32 ]
O33 - MountPoints2\{0c0dbb1f-e973-11dd-991c-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0dbb1f-e973-11dd-991c-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0c0dbbc5-e973-11dd-991c-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{0c0dbbc5-e973-11dd-991c-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{19509927-0b43-11e1-bfdb-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{19509927-0b43-11e1-bfdb-00238b127a7a}\Shell\AutoRun\command - "" = E:\Autorun_By_VictorVal.exe
O33 - MountPoints2\{1fdb24fa-4beb-11e0-bceb-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{1fdb24fa-4beb-11e0-bceb-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{33c3eb79-0fd2-11de-9664-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{33c3eb79-0fd2-11de-9664-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{525fb8aa-d2b1-11dd-a764-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{525fb8aa-d2b1-11dd-a764-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{525fb8dc-d2b1-11dd-a764-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{525fb8dc-d2b1-11dd-a764-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{73653560-e8b5-11dd-af8b-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{73653560-e8b5-11dd-af8b-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dd96165c-5b8b-11de-b882-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{dd96165c-5b8b-11de-b882-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e006c2e0-0f3b-11de-9557-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{e006c2e0-0f3b-11de-9557-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e006c319-0f3b-11de-9557-00238b127a7a}\Shell - "" = AutoRun
O33 - MountPoints2\{e006c319-0f3b-11de-9557-00238b127a7a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/01/04 22.13.35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\maury\Desktop\OTL.exe
[2014/01/04 17.34.09 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/04 17.30.40 | 000,000,000 | ---D | C] -- C:\Users\maury\Desktop\protezione
[2014/01/04 17.14.50 | 000,000,000 | ---D | C] -- C:\Users\maury\AppData\Local\uTorrent
[2014/01/04 17.11.20 | 000,000,000 | ---D | C] -- C:\Users\maury\AppData\Roaming\vlc
[2014/01/04 17.10.36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/04 17.10.13 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/04 16.20.19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2014/01/04 14.33.29 | 000,000,000 | R--D | C] -- C:\Users\maury\Desktop\Icone Multimedia
[2014/01/04 13.12.29 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/01/04 13.12.29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4
[2014/01/04 13.12.25 | 000,101,664 | ---- | C] (Glarysoft Ltd) -- C:\Windows\System32\BootDefrag.exe
[2014/01/04 13.12.25 | 000,014,528 | ---- | C] (Glarysoft Ltd) -- C:\Windows\System32\drivers\BootDefragDriver.sys
[2014/01/04 13.12.07 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities 4
[2014/01/04 10.27.57 | 000,000,000 | ---D | C] -- C:\Users\maury\Desktop\ENAV
[2014/01/04 10.27.50 | 000,000,000 | ---D | C] -- C:\Users\maury\Desktop\Desktop Massimiliano
[2014/01/03 20.29.49 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/01/03 20.29.15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/01/03 20.28.40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/01/03 20.27.34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/01/03 20.27.34 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/01/03 20.27.34 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/01/03 20.27.34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/03 19.02.59 | 000,000,000 | ---D | C] -- C:\Users\maury\{4a6e255d-bf69-404c-a991-fd1183825205}
[2014/01/03 17.27.29 | 000,000,000 | R--D | C] -- C:\Users\maury\Music
[2014/01/03 17.27.02 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2014/01/03 17.27.01 | 001,824,000 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2014/01/03 17.27.01 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2014/01/03 17.27.01 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2014/01/03 17.27.01 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2014/01/03 17.27.00 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2014/01/03 17.27.00 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2014/01/03 17.27.00 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2014/01/03 17.27.00 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2014/01/03 17.27.00 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2014/01/03 17.26.59 | 000,604,928 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll
[2014/01/03 17.26.59 | 000,218,368 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\slprp32.dll
[2014/01/03 17.26.57 | 000,938,752 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll
[2014/01/03 17.26.56 | 000,919,600 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2014/01/03 17.26.56 | 000,823,040 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll
[2014/01/03 17.26.56 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2014/01/03 17.26.55 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2014/01/03 17.26.54 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2014/01/03 17.26.53 | 001,596,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2014/01/03 17.26.49 | 002,547,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2014/01/03 17.26.47 | 000,126,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2014/01/03 17.26.47 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2014/01/03 17.26.45 | 000,782,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2014/01/03 17.26.40 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2014/01/03 17.26.39 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2014/01/03 17.26.39 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2014/01/03 17.26.39 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2014/01/03 17.26.38 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2014/01/03 17.26.38 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2014/01/03 17.26.34 | 041,974,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2014/01/03 17.26.33 | 007,162,128 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2014/01/03 17.26.33 | 000,865,592 | ---- | C] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
[2014/01/03 17.26.33 | 000,352,016 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2014/01/03 17.26.33 | 000,106,768 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2014/01/03 17.26.33 | 000,091,920 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2014/01/03 17.26.33 | 000,062,224 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2014/01/03 17.26.31 | 005,115,672 | ---- | C] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOlfx.dll
[2014/01/03 17.26.31 | 000,852,016 | ---- | C] (Sony Corporation) -- C:\Windows\System32\MISS_APO.dll
[2014/01/03 17.26.29 | 000,926,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll
[2014/01/03 17.26.29 | 000,761,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll
[2014/01/03 17.26.29 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2014/01/03 17.26.28 | 003,629,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll
[2014/01/03 17.26.26 | 027,369,216 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll
[2014/01/03 17.26.25 | 001,677,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2014/01/03 17.26.24 | 013,881,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2014/01/03 17.26.24 | 001,935,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2014/01/03 17.26.23 | 001,097,984 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll
[2014/01/03 17.26.23 | 000,860,416 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2014/01/03 17.26.22 | 000,873,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll
[2014/01/03 17.26.22 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2014/01/03 17.26.22 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2014/01/03 17.26.22 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2014/01/03 17.26.21 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2014/01/03 17.26.17 | 002,395,680 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2014/01/03 17.26.17 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2014/01/03 17.26.17 | 000,426,944 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2014/01/03 17.26.17 | 000,403,392 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2014/01/03 17.26.17 | 000,346,048 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2014/01/03 17.26.16 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2014/01/03 17.26.16 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014/01/03 17.26.16 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2014/01/03 17.26.16 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2014/01/03 17.26.16 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2014/01/03 17.26.16 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2014/01/03 17.26.15 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2014/01/03 17.26.15 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2014/01/03 17.26.15 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2014/01/03 17.26.15 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2014/01/03 17.26.15 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2014/01/03 17.26.14 | 006,176,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll
[2014/01/03 17.26.14 | 001,489,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll
[2014/01/03 17.26.14 | 000,272,048 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll
[2014/01/03 17.26.14 | 000,219,312 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll
[2014/01/03 17.26.14 | 000,092,584 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2014/01/03 17.26.13 | 000,182,472 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2014/01/03 17.26.13 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2014/01/03 17.05.03 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2014/01/03 15.30.30 | 000,000,000 | R--D | C] -- C:\Users\maury\Desktop\Icone Ufficio
[2014/01/03 15.23.03 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/01/03 15.22.55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/01/03 15.22.55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/01/03 15.22.53 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/01/03 15.22.53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/01/03 15.22.48 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/01/03 15.22.48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/01/03 15.22.42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/01/01 20.50.48 | 000,000,000 | ---D | C] -- C:\Users\maury\AppData\Roaming\AVAST Software
[2013/12/12 18.07.54 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/12 18.07.52 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/12 18.07.52 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/12 18.07.52 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/12 18.07.48 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/12 18.07.48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/12/07 17.34.53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/12/07 17.13.04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/15 14.43.16 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/01/04 22.24.40 | 000,132,723 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014/01/04 22.13.50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\maury\Desktop\OTL.exe
[2014/01/04 21.47.11 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2014/01/04 21.46.01 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/04 21.45.55 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2014/01/04 21.45.50 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/01/04 21.45.34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 21.45.33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 21.45.14 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2014/01/04 21.45.08 | 3213,787,136 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/04 21.43.30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014/01/04 21.03.13 | 000,001,178 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4123135755-2403480350-4181657236-1000UA.job
[2014/01/04 17.32.53 | 001,233,962 | ---- | M] () -- C:\Users\maury\Desktop\adwcleaner.exe
[2014/01/04 17.28.01 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/04 16.10.21 | 000,002,299 | ---- | M] () -- C:\Users\maury\AppData\Roaming\acervcmtmp.ini
[2014/01/04 13.39.00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2014/01/04 13.23.37 | 000,132,723 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2014/01/03 21.03.01 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4123135755-2403480350-4181657236-1000Core.job
[2014/01/03 20.27.05 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/01/03 20.26.31 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/01/03 20.26.31 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/01/03 20.26.30 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/01/03 18.39.47 | 000,662,846 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2014/01/03 18.39.47 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/03 18.39.47 | 000,120,326 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2014/01/03 18.39.47 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/03 17.45.58 | 000,401,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/03 17.34.31 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/01/03 17.27.02 | 001,824,000 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2014/01/03 17.27.02 | 001,783,056 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2014/01/03 17.27.01 | 001,379,760 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2014/01/03 17.27.01 | 000,819,648 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2014/01/03 17.27.01 | 000,134,584 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2014/01/03 17.27.01 | 000,058,264 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2014/01/03 17.27.00 | 000,345,328 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2014/01/03 17.27.00 | 000,185,584 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2014/01/03 17.27.00 | 000,173,296 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2014/01/03 17.27.00 | 000,140,528 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2014/01/03 17.26.59 | 000,604,928 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll
[2014/01/03 17.26.59 | 000,218,368 | ---- | M] (TODO: <Company name>) -- C:\Windows\System32\slprp32.dll
[2014/01/03 17.26.58 | 000,938,752 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll
[2014/01/03 17.26.57 | 000,823,040 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll
[2014/01/03 17.26.56 | 000,919,600 | ---- | M] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2014/01/03 17.26.56 | 000,214,368 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2014/01/03 17.26.55 | 000,074,080 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2014/01/03 17.26.55 | 000,068,960 | ---- | M] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2014/01/03 17.26.54 | 005,681,196 | ---- | M] () -- C:\Windows\System32\drivers\rtvienna.dat
[2014/01/03 17.26.54 | 001,596,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2014/01/03 17.26.50 | 002,547,928 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2014/01/03 17.26.47 | 000,126,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2014/01/03 17.26.47 | 000,013,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2014/01/03 17.26.45 | 002,329,304 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2014/01/03 17.26.45 | 000,782,040 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2014/01/03 17.26.40 | 000,359,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2014/01/03 17.26.40 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2014/01/03 17.26.39 | 000,170,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2014/01/03 17.26.39 | 000,064,856 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2014/01/03 17.26.38 | 000,693,329 | ---- | M] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014/01/03 17.26.38 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2014/01/03 17.26.38 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2014/01/03 17.26.37 | 041,974,272 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2014/01/03 17.26.34 | 007,162,128 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2014/01/03 17.26.33 | 000,865,592 | ---- | M] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
[2014/01/03 17.26.33 | 000,352,016 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2014/01/03 17.26.33 | 000,106,768 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2014/01/03 17.26.33 | 000,091,920 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2014/01/03 17.26.33 | 000,062,224 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2014/01/03 17.26.32 | 005,115,672 | ---- | M] (Nahimic Inc) -- C:\Windows\System32\NAHIMICAPOlfx.dll
[2014/01/03 17.26.31 | 000,852,016 | ---- | M] (Sony Corporation) -- C:\Windows\System32\MISS_APO.dll
[2014/01/03 17.26.29 | 003,629,824 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll
[2014/01/03 17.26.29 | 000,926,976 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll
[2014/01/03 17.26.29 | 000,761,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll
[2014/01/03 17.26.29 | 000,509,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2014/01/03 17.26.28 | 027,369,216 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll
[2014/01/03 17.26.25 | 013,881,600 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2014/01/03 17.26.25 | 001,677,568 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2014/01/03 17.26.24 | 001,935,104 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2014/01/03 17.26.23 | 001,097,984 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll
[2014/01/03 17.26.23 | 000,873,728 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll
[2014/01/03 17.26.23 | 000,860,416 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2014/01/03 17.26.22 | 000,509,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2014/01/03 17.26.22 | 000,232,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2014/01/03 17.26.22 | 000,132,368 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2014/01/03 17.26.21 | 000,357,712 | ---- | M] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2014/01/03 17.26.17 | 002,395,680 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2014/01/03 17.26.17 | 000,631,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2014/01/03 17.26.17 | 000,601,704 | ---- | M] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2014/01/03 17.26.17 | 000,426,944 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2014/01/03 17.26.17 | 000,403,392 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2014/01/03 17.26.17 | 000,346,048 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2014/01/03 17.26.16 | 001,509,480 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2014/01/03 17.26.16 | 001,292,904 | ---- | M] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014/01/03 17.26.16 | 000,458,344 | ---- | M] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2014/01/03 17.26.16 | 000,375,400 | ---- | M] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2014/01/03 17.26.16 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2014/01/03 17.26.16 | 000,218,216 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2014/01/03 17.26.15 | 006,176,944 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll
[2014/01/03 17.26.15 | 001,220,200 | ---- | M] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2014/01/03 17.26.15 | 000,654,952 | ---- | M] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2014/01/03 17.26.15 | 000,389,736 | ---- | M] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2014/01/03 17.26.15 | 000,218,728 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2014/01/03 17.26.14 | 001,489,072 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll
[2014/01/03 17.26.14 | 000,272,048 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll
[2014/01/03 17.26.14 | 000,219,312 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll
[2014/01/03 17.26.14 | 000,092,584 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2014/01/03 17.26.13 | 000,502,584 | ---- | M] () -- C:\Windows\System32\audioLibVc.dll
[2014/01/03 17.26.13 | 000,188,696 | ---- | M] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2014/01/03 17.26.13 | 000,182,472 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2014/01/03 17.26.13 | 000,095,840 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2014/01/03 16.48.02 | 000,001,959 | ---- | M] () -- C:\Users\maury\Desktop\Google Chrome.lnk
[2014/01/03 15.40.47 | 000,000,104 | ---- | M] () -- C:\Users\maury\Desktop\Cestino - collegamento.lnk
[2014/01/03 15.32.33 | 000,133,120 | ---- | M] () -- C:\Users\maury\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/24 03.06.38 | 000,101,664 | ---- | M] (Glarysoft Ltd) -- C:\Windows\System32\BootDefrag.exe
[2013/12/23 05.01.30 | 000,014,528 | ---- | M] (Glarysoft Ltd) -- C:\Windows\System32\drivers\BootDefragDriver.sys
[2013/12/07 17.33.55 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/12/07 17.33.55 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/12/07 17.33.55 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/12/07 17.33.55 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/12/07 17.33.55 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/12/07 17.33.54 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/12/07 17.33.54 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013/12/07 17.33.54 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/12/07 17.33.53 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/12/07 17.33.53 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/07 17.26.38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/12/07 17.07.45 | 000,001,356 | ---- | M] () -- C:\Users\maury\AppData\Local\d3d9caps.dat
[2013/11/26 12.25.54 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/11/14 23.50.50 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/11/14 23.42.32 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/11/14 23.41.18 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/11/14 23.40.04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/11/14 23.38.54 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/11/14 23.37.32 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/11/14 23.35.52 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/11/14 23.32.56 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/04 17.32.21 | 001,233,962 | ---- | C] () -- C:\Users\maury\Desktop\adwcleaner.exe
[2014/01/04 13.12.29 | 000,000,853 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4.lnk
[2014/01/04 13.12.28 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/01/03 17.34.31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/01/03 17.26.54 | 005,681,196 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2014/01/03 17.26.38 | 000,693,329 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2014/01/03 17.26.13 | 000,502,584 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2014/01/03 17.26.13 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2014/01/03 16.48.02 | 000,001,959 | ---- | C] () -- C:\Users\maury\Desktop\Google Chrome.lnk
[2013/12/07 17.13.20 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/20 14.46.45 | 3213,787,136 | -HS- | C] () -- C:\hiberfil.sys
[2013/11/15 14.43.18 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/05/09 20.22.50 | 000,000,644 | RHS- | C] () -- C:\Users\maury\ntuser.pol
[2013/03/22 18.52.33 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/22 18.52.33 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/01/31 08.08.34 | 000,039,904 | ---- | C] () -- C:\Windows\System32\dischandler.exe
[2013/01/25 17.48.32 | 003,915,776 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2013/01/25 17.47.32 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/01/25 17.46.18 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013/01/25 17.46.16 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2013/01/25 17.46.16 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2013/01/25 17.46.12 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2013/01/25 17.46.12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2013/01/25 17.46.08 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2013/01/25 17.46.08 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2013/01/25 17.00.40 | 000,384,472 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2013/01/25 17.00.40 | 000,247,920 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll
[2013/01/25 17.00.40 | 000,183,976 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2013/01/25 17.00.40 | 000,165,160 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll
[2013/01/25 17.00.38 | 007,833,552 | ---- | C] () -- C:\Windows\System32\avcodec-lav-54.dll
[2013/01/25 17.00.38 | 001,257,464 | ---- | C] () -- C:\Windows\System32\avformat-lav-54.dll
[2013/01/25 17.00.38 | 000,169,888 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll
[2012/09/29 23.47.28 | 000,000,178 | ---- | C] () -- C:\Windows\System32\Formats.ini
[2012/07/04 21.31.08 | 000,000,000 | ---- | C] () -- C:\Users\maury\AppData\Roaming\wklnhst.dat
[2010/11/18 15.11.14 | 000,025,705 | ---- | C] () -- C:\Users\maury\AppData\Roaming\UserTile.png
[2008/12/13 21.35.40 | 000,000,088 | ---- | C] () -- C:\Users\maury\AppData\Local\tbfedi.bat
[2008/12/13 15.43.41 | 000,002,299 | ---- | C] () -- C:\Users\maury\AppData\Roaming\acervcmtmp.ini
[2008/12/02 15.43.03 | 000,001,356 | ---- | C] () -- C:\Users\maury\AppData\Local\d3d9caps.dat
[2008/12/02 15.39.20 | 000,132,723 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/12/02 15.39.07 | 000,132,723 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/01 20.11.32 | 000,133,120 | ---- | C] () -- C:\Users\maury\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13.54.22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18.47.00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07.28.19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07.28.25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009/08/20 16.37.36 | 000,000,000 | -HSD | M] -- C:\Users\maury\AppData\Roaming\.#
[2008/12/04 15.11.08 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Acer
[2008/07/31 17.52.22 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Acer GameZone Console
[2011/10/16 15.37.33 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Ashampoo
[2012/04/20 18.50.45 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Autodesk
[2014/01/01 20.50.48 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\AVAST Software
[2011/08/16 15.48.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\AVG10
[2010/11/18 14.12.44 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Azureus
[2008/12/05 17.04.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Big Fish Games
[2008/12/13 23.09.59 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Canneverbe_Limited
[2013/03/18 14.57.18 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\DAEMON Tools Lite
[2009/08/20 12.16.47 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Datalayer
[2008/12/13 17.31.54 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\eSobi
[2008/12/11 09.17.21 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Gaijin Ent
[2008/12/12 19.49.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\GameHouse
[2014/01/04 13.12.37 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\GlarySoft
[2013/12/07 17.14.03 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\IObit
[2010/07/18 16.15.14 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\NCH Swift Sound
[2012/01/19 21.11.42 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Nokia
[2013/05/09 21.33.42 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\OOo4Kids
[2012/01/19 21.11.15 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PC Suite
[2010/11/18 15.11.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PeerNetworking
[2008/12/12 22.30.59 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PlayFirst
[2011/11/16 23.08.05 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\PlayPond
[2011/07/13 13.21.34 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Publish Providers
[2010/07/18 15.45.10 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Recordpad
[2011/07/13 13.21.10 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Sony
[2011/11/20 17.42.37 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Sports Interactive
[2013/01/02 16.24.08 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\TeamViewer
[2012/07/04 21.31.13 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Template
[2011/08/18 15.06.43 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\TomTom
[2010/07/01 09.25.57 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\Uniblue
[2014/01/04 17.14.50 | 000,000,000 | ---D | M] -- C:\Users\maury\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:953FDC1A
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:4E6B8D68
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:1D6B18F1
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:8CE646EE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:193426B4
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:C86B29EB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:4BB26BE9
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:FC420CE6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:C95B63DA
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:861A898F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4F636E25
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:8173A019
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:708BB0FA
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:131C0EE9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B623B5B8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:A561576B
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:FEBEC560
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:957E9765
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:580E04D8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:793F316E
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:9E22BBE8

< End of report >

Torna in alto

shapiro

Inviato: Sunday, January 05, 2014 10:40:48 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

pulisci il sistema con avast Browser Cleanup

controlla se il pc ha ancora problemi

Torna in alto

massimob

Inviato: Sunday, January 05, 2014 11:23:04 AM

Rank: AiutAmico

Iscritto dal : 12/13/2005
Posts: 162

Grazie shapiro il computer sembra essere tornato normale. Se non ti dispiace faccio un altra richiesta, sul mio notebook ho gli altoparlanti che gracchiano.
Secondo te può essere un problema di software o è solo colpa dell'hardware?
Grazie.
Massimo

Torna in alto

shapiro

Inviato: Sunday, January 05, 2014 11:47:32 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

se fanno rumore sicuramnte il problema e' di natura hardware, apri una discussione nella sezione adatta

ora apri otl e clicca su cleanup rimuoverai otl al riavvio

disattiva il ripristino, riavvia il pc riattivalo e crea un nuovo punto

fai pulizia con ccleaner qui trovi una guida molto utile preparata da Alfonso col suo sudore Drool

Torna in alto

Utenti presenti in questo topic

Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » computer lento - logfile

Salta al Forum

Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Invia topic via Email

RSS Feed

Watch this topic

Stampa topic

Normale

Threaded