Ho copiato questi log perche' non sono riuscito a salvarli dopo "sfoglia"
Spero che vadano bene.
Grazie mille.A presto
OTL Extras logfile created on: 16/07/2014 12.16.10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Defazio\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1014,36 Mb Total Physical Memory | 377,51 Mb Available Physical Memory | 37,22% Memory free
2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,62% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 119,16 Gb Total Space | 89,08 Gb Free Space | 74,76% Space Free | Partition Type: NTFS
Drive E: | 29,89 Gb Total Space | 27,20 Gb Free Space | 91,00% Space Free | Partition Type: NTFS
Computer Name: GIUSEPPE | User Name: Peppino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programmi\Google\Google Earth\client\googleearth.exe" = C:\Programmi\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programmi\Java\jre7\bin\java.exe" = C:\Programmi\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\AVG\AVG2014\avgmfapx.exe" = C:\Programmi\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installazione di AVG
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03F15CFC-BA7D-48B8-AA16-7F152BA27547}" = OpenOffice 4.0.1
"{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}" = MyPDFConverter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89505A66-35F0-4401-B3AD-D077051F8698}" = Qtrax Player
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{95120000-00AF-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Italian)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Italiano
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versione 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Mozilla Firefox 30.0 (x86 it)" = Mozilla Firefox 30.0 (x86 it)
"Mozilla Thunderbird 24.6.0 (x86 it)" = Mozilla Thunderbird 24.6.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Picasa 3" = Picasa 3
"Samsung ML-1660 Series" = Manutenzione Samsung ML-1660 Series
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google+ Auto Backup" = Google+ Auto Backup
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google+ Auto Backup" = Google+ Auto Backup
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Image Editor Packages" = Image Editor Packages
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 08/04/2014 12.48.51 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.6, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x00028fa6.
Error - 08/04/2014 18.10.07 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Prodotto: AVG 2014 -- Errore
27054. CA_Error27054: SetupAction(0xC0070642): Installazione non riuscita.
Error - 09/04/2014 4.47.14 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo firefox.exe, versione 28.0.0.5186, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 16/04/2014 6.14.24 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
operating system.
Error - 16/05/2014 13.54.17 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 08/06/2014 10.37.49 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 15/06/2014 6.26.52 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
operating system.
Error - 19/06/2014 12.28.41 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.12, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x0002714a.
Error - 19/06/2014 12.28.47 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.12, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x0002714a.
Error - 05/07/2014 11.28.59 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore mbam.exe, versione 1.0.0.532,
modulo che ha provocato l'errore mbamcore.dll, versione 1.0.11.0, indirizzo errore
0x000af5c8.
[ System Events ]
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Scheda WMI Performance. Questo
evento si è già verificato 1 volta(e).
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Bluetooth Service è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Apple Mobile Device è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.05 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Servizio Gateway di livello applicazione.
Questo evento si è già verificato 1 volta(e).
Error - 16/07/2014 5.07.05 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Java Quick Starter. Questo evento
si è già verificato 1 volta(e).
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio Microsoft Antimalware Service.
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio Microsoft Antimalware Service non è stato avviato per
il seguente errore: %%1053
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio SSPORT non è stato avviato per il seguente errore: %%2
< End of report >
OTL Extras logfile created on: 16/07/2014 12.16.10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Defazio\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1014,36 Mb Total Physical Memory | 377,51 Mb Available Physical Memory | 37,22% Memory free
2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,62% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 119,16 Gb Total Space | 89,08 Gb Free Space | 74,76% Space Free | Partition Type: NTFS
Drive E: | 29,89 Gb Total Space | 27,20 Gb Free Space | 91,00% Space Free | Partition Type: NTFS
Computer Name: GIUSEPPE | User Name: Peppino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programmi\Google\Google Earth\client\googleearth.exe" = C:\Programmi\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programmi\Java\jre7\bin\java.exe" = C:\Programmi\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\AVG\AVG2014\avgmfapx.exe" = C:\Programmi\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installazione di AVG
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03F15CFC-BA7D-48B8-AA16-7F152BA27547}" = OpenOffice 4.0.1
"{1D76557F-04F5-4CF9-AB20-6A621B0D52D7}" = MyPDFConverter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89505A66-35F0-4401-B3AD-D077051F8698}" = Qtrax Player
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{95120000-00AF-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Italian)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Italiano
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versione 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Mozilla Firefox 30.0 (x86 it)" = Mozilla Firefox 30.0 (x86 it)
"Mozilla Thunderbird 24.6.0 (x86 it)" = Mozilla Thunderbird 24.6.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Picasa 3" = Picasa 3
"Samsung ML-1660 Series" = Manutenzione Samsung ML-1660 Series
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google+ Auto Backup" = Google+ Auto Backup
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google+ Auto Backup" = Google+ Auto Backup
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Image Editor Packages" = Image Editor Packages
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 08/04/2014 12.48.51 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.6, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x00028fa6.
Error - 08/04/2014 18.10.07 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 10005
Description = SA_Error1709: StandardAction(0xC00706AD): Prodotto: AVG 2014 -- Errore
27054. CA_Error27054: SetupAction(0xC0070642): Installazione non riuscita.
Error - 09/04/2014 4.47.14 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo firefox.exe, versione 28.0.0.5186, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 16/04/2014 6.14.24 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
operating system.
Error - 16/05/2014 13.54.17 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 08/06/2014 10.37.49 | Computer Name = GIUSEPPE | Source = Application Hang | ID = 1002
Description = Applicazione in stallo iexplore.exe, versione 8.0.6001.18702, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.
Error - 15/06/2014 6.26.52 | Computer Name = GIUSEPPE | Source = MsiInstaller | ID = 1013
Description = Product: Skype Click to Call -- Installation cannot proceed on this
operating system.
Error - 19/06/2014 12.28.41 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.12, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x0002714a.
Error - 19/06/2014 12.28.47 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore machineidcreator.exe, versione
14.0.0.12, modulo che ha provocato l'errore avguidx.dll, versione 2012.0.0.1, indirizzo
errore 0x0002714a.
Error - 05/07/2014 11.28.59 | Computer Name = GIUSEPPE | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore mbam.exe, versione 1.0.0.532,
modulo che ha provocato l'errore mbamcore.dll, versione 1.0.11.0, indirizzo errore
0x000af5c8.
[ System Events ]
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Scheda WMI Performance. Questo
evento si è già verificato 1 volta(e).
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Bluetooth Service è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.04 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7031
Description = Il servizio Apple Mobile Device è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.
Error - 16/07/2014 5.07.05 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Servizio Gateway di livello applicazione.
Questo evento si è già verificato 1 volta(e).
Error - 16/07/2014 5.07.05 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Java Quick Starter. Questo evento
si è già verificato 1 volta(e).
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio Microsoft Antimalware Service.
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio Microsoft Antimalware Service non è stato avviato per
il seguente errore: %%1053
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2
Error - 16/07/2014 5.09.02 | Computer Name = GIUSEPPE | Source = Service Control Manager | ID = 7000
Description = Il servizio SSPORT non è stato avviato per il seguente errore: %%2
< End of report >
OTL logfile created on: 16/07/2014 12.16.10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Defazio\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1014,36 Mb Total Physical Memory | 377,51 Mb Available Physical Memory | 37,22% Memory free
2,38 Gb Paging File | 1,87 Gb Available in Paging File | 78,62% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 119,16 Gb Total Space | 89,08 Gb Free Space | 74,76% Space Free | Partition Type: NTFS
Drive E: | 29,89 Gb Total Space | 27,20 Gb Free Space | 91,00% Space Free | Partition Type: NTFS
Computer Name: GIUSEPPE | User Name: Peppino | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\xxxxxxx\Documenti\Download\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ========== MOD - C:\Programmi\AVAST Software\Avast\defs\14071600\algo.dll ()
MOD - C:\Programmi\AVAST Software\Avast\defs\14071501\algo.dll ()
MOD - C:\Programmi\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programmi\AVAST Software\Avast\aswProperty.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\File comuni\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programmi\File comuni\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\system32\ssp7ml3.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (BBSvc) -- C:\Programmi\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found
DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (ialm) -- system32\DRIVERS\igxpmp32.sys File not found
DRV - (i2omgmt) -- File not found
DRV - (DgiVecp) -- C:\WINDOWS\system32\Drivers\DgiVecp.sys File not found
DRV - (Changer) -- File not found
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswsp.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswsnx.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswrdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswHwid) -- C:\WINDOWS\system32\drivers\aswHwid.sys ()
DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (winbondhidcir) -- C:\WINDOWS\system32\drivers\winbondhidcir.sys (Winbond Electronics Corporation)
DRV - (hidshim) -- C:\WINDOWS\system32\drivers\hidshim.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.google.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7C4BD5C5-D77C-470D-8B52-B0A0449EA0D4}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
https://it.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.it/IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://it.msn.com/?ocid=iehpIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 A5 2D 3A 64 FB CB 01 [binary data]
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.comIE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{7C4BD5C5-D77C-470D-8B52-B0A0449EA0D4}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLR_itIT576
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" =
https://it.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\SearchScopes\{ACB5CC93-A74D-4A17-82D8-6DC05D42740B}: "URL" =
http://it.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=114576&p={searchTerms}
IE - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..keyword.URL: "http://it.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=114576&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programmi\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programmi\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2014/07/08 09.59.07 | 000,000,000 | ---D | M]
[2013/03/22 20.13.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Extensions
[2014/04/07 11.18.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions
[2014/02/22 20.17.33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions\ascsurfingprotection@iobit.com
[2014/05/21 10.57.27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\extensions\staged
[2014/04/07 11.18.58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions
[2014/02/22 20.17.33 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions\ascsurfingprotection@iobit.com
[2014/05/21 10.57.28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi(2).default\extensions\staged
[2014/07/15 15.34.40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi.default\extensions
[2014/06/04 20.52.01 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\e4dwgcxi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/22 20.07.26 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Defazio\Dati applicazioni\Mozilla\Firefox\Profiles\c1yuq6eb.default-1373220814140\searchplugins\yahoo_ff.xml
[2014/06/15 12.29.56 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2014/06/15 12.29.56 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/15 12.29.55 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\distribution\extensions
[2014/06/15 12.29.55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programmi\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
O1 HOSTS File: ([2013/05/26 10.31.41 | 000,448,583 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15405 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
O3 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004..\Run: [Adobe Reader Synchronizer] C:\Programmi\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Block This Image (ABP) - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..Trusted Domains: localhost ([]http in Intranet locale)
O15 - HKU\S-1-5-21-1123561945-1229272821-1417001333-1004\..Trusted Ranges: GD ([http] in Intranet locale)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5F56618-8703-499C-9488-908C3F249C8D}: DhcpNameServer = 62.101.93.101 83.103.25.250
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Defazio\Dati applicazioni\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Defazio\Dati applicazioni\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/05 09.13.00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ========== [2014/07/16 11.28.49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/07/15 21.19.41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Defazio\Recent
[2014/07/12 16.50.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Documenti\Downloads
[2014/07/08 10.03.03 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2014/07/08 09.59.04 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/03 10.26.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\Adobe
[2014/07/01 18.57.40 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Thunderbird
[2014/06/24 16.49.44 | 000,000,000 | R--D | C] -- C:\Immagini
[2014/06/20 18.41.20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Auslogics
[2014/06/20 18.41.17 | 000,000,000 | ---D | C] -- C:\Programmi\Auslogics
[2014/06/19 18.28.53 | 000,042,272 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/05/21 10.57.14 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Dati applicazioni\*.tmp files -> C:\Documents and Settings\All Users\Dati applicazioni\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2014/07/16 12.22.00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5B2BBFCB-D88F-41A9-9DE4-3F8269B043D0}.job
[2014/07/16 12.02.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/16 11.55.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/16 11.09.31 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/07/16 11.09.05 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/16 11.08.46 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/16 11.08.39 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
[2014/07/16 11.08.27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/16 10.48.09 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/07/15 14.41.25 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Internet Explorer.lnk
[2014/07/15 14.41.18 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/07/14 19.15.34 | 000,000,147 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\lela.crpe 251520pe.URL
[2014/07/09 12.55.46 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/09 12.55.46 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/07/08 19.43.30 | 000,017,940 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\note importanti.odt
[2014/07/08 09.59.22 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/07/08 09.59.19 | 000,414,520 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/07/08 09.59.05 | 000,779,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/07/08 09.59.05 | 000,192,352 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/07/08 09.59.05 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/07/08 09.59.05 | 000,057,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/07/08 09.59.05 | 000,055,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/07/08 09.59.05 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/07/08 09.59.05 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/07/08 09.59.04 | 000,276,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/07/08 09.59.04 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/07/07 15.53.48 | 000,000,181 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Valore SPREAD BTP Italia 10 anni - Bund di oggi aggiornato in tempo reale.URL
[2014/06/30 11.08.33 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2014/06/29 14.54.49 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2014/06/28 14.28.11 | 000,000,684 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Outlook.lnk
[2014/06/24 17.09.05 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/06/20 23.43.55 | 000,042,272 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014/06/20 18.41.20 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Auslogics Disk Defrag.lnk
[2014/06/08 16.46.47 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Defazio\Desktop\Carispezia.url
[2014/06/08 15.00.00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
[2014/06/03 16.53.34 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\All Users\Dati applicazioni\*.tmp files -> C:\Documents and Settings\All Users\Dati applicazioni\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/06/29 14.54.49 | 000,001,638 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Thunderbird.lnk
[2014/06/29 14.54.49 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Thunderbird.lnk
[2014/06/28 14.28.11 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Outlook.lnk
[2014/06/20 18.41.20 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Auslogics Disk Defrag.lnk
[2014/06/08 16.46.47 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\Defazio\Desktop\Carispezia.url
[2014/04/24 16.37.38 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/04/24 16.37.38 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/04/24 16.37.38 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2013/12/28 12.06.05 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dati applicazioni\WBPU-TTL.DAT
[2013/12/28 12.06.04 | 000,000,110 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dati applicazioni\WB.CFG
[2013/05/15 12.26.44 | 000,085,373 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2013/01/08 14.15.31 | 000,007,943 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/08/02 14.49.38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/04/05 16.02.52 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Defazio\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2011/04/15 17.33.12 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/03/22 11.53.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\16F
[2011/04/05 11.15.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2013/04/26 18.20.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AnySend
[2014/01/28 14.52.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AppsWatcher
[2014/04/24 16.35.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2014/04/09 00.13.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2011/04/06 19.02.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9
[2011/04/06 19.06.52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/02/22 20.11.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IObit
[2014/04/09 00.13.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2014/02/22 20.08.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\ProductData
[2013/12/26 15.36.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2012/01/22 19.49.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZip
[2012/01/21 13.33.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinZipEC
[2014/02/22 20.08.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2012/01/29 21.50.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/10/13 10.36.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dati applicazioni\TuneUp Software
[2012/12/16 20.18.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Adblock Pro
[2013/04/26 18.19.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AnySend
[2011/09/21 15.34.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Auslogics
[2014/04/24 16.38.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVAST Software
[2011/04/06 19.07.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG10
[2011/11/25 18.52.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2012
[2012/10/04 19.25.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2013
[2014/04/06 21.01.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\AVG2014
[2013/11/18 21.35.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Dropbox
[2012/08/24 20.22.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\EmoticoonsToolbar
[2014/02/13 20.22.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Eusing
[2014/02/22 20.17.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\IObit
[2013/10/14 18.45.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\OpenOffice
[2011/04/05 19.26.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\OpenOffice.org
[2012/07/30 00.19.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Oracle
[2013/02/26 17.36.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Spotflux
[2013/10/12 14.05.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\SumatraPDF
[2012/12/22 21.49.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\Thunderbird
[2012/10/04 19.23.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\TuneUp Software
[2011/06/05 18.44.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Defazio\Dati applicazioni\uTorrent
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\AVG Secure Search
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\AVG2013
[2012/11/14 11.32.07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TEMP\Dati applicazioni\TuneUp Software
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:AD022376
< End of report >
