~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by franco on 06/08/2014 at 6.43.52,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/08/2014 at 6.47.12,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
mi sembra non ci sia nulla.

---

Questo e' il risultato dell'altra scansione-ADW Cleaner.anche qui mi sembra non ci sia neanche un topo!

# AdwCleaner v3.302 - Rapporto creato 06/08/2014 in 07:05:31
# Aggiornato 30/07/2014 di Xplode
# Sistema operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Nome utente : franco - FRANCO-0D1BACF2
# In esecuzione da : C:\Documents and Settings\franco\desktop\antivirus e altro\adwcleaner_3.302 (1).exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****


***** [ Compiti ] *****


***** [ Collegamenti ] *****


***** [ Registro ] *****


***** [ Browser ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v4.0.1 (it)

[ File : C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Firefox\Profiles\zne34dqk.default\prefs.js ]


*************************
---------------------------------------------------------------------------------------------------------------------------------------------------------

Questo sono i log di OTL

OTL logfile created on: 06/08/2014 7.23.22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\franco\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,05% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 39,08 Gb Total Space | 30,74 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 408,49 Gb Total Space | 263,38 Gb Free Space | 64,48% Space Free | Partition Type: NTFS
Drive M: | 18,19 Gb Total Space | 6,81 Gb Free Space | 37,42% Space Free | Partition Type: NTFS

Computer Name: FRANCO-0D1BACF2 | User Name: franco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\franco\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Programmi\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
PRC - C:\Programmi\Macrium\Reflect\ReflectService.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\ssm4mlm.dll ()
MOD - C:\Programmi\Macrium\Reflect\ReflectService.exe ()
MOD - C:\WINDOWS\system32\nvshell.dll ()


========== Services (SafeList) ==========

SRV - (AVGIDSAgent) -- C:\Programmi\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WDRulesService) -- C:\Programmi\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital )
SRV - (WDBackup) -- C:\Programmi\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital )
SRV - (WDDriveService) -- C:\Programmi\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
SRV - (ServiceLayer) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ReflectService) -- C:\Programmi\Macrium\Reflect\ReflectService.exe ()
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (DgiVecp) -- C:\WINDOWS\system32\Drivers\DgiVecp.sys File not found
DRV - (Changer) -- File not found
DRV - (Avgdiskx) -- C:\WINDOWS\system32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriverl) -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (pssnap) -- C:\WINDOWS\system32\drivers\pssnap.sys (Macrium Software)
DRV - (PSMounter) -- C:\WINDOWS\system32\drivers\psmounter.sys (Macrium Software)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (bsusbser) -- C:\WINDOWS\system32\drivers\bsusbser.sys (QUALCOMM Incorporated)
DRV - (UnlockerDriver5) -- C:\Programmi\Unlocker\UnlockerDriver5.sys ()
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (Nsynas32) -- C:\WINDOWS\System32\drivers\NSynas32.sys (Syncrosoft Hard- und Software GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.22
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2014/08/05 08.12.18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins

[2014/08/05 08.12.38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Extensions
[2014/08/05 08.18.08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Firefox\Profiles\zne34dqk.default\extensions
[2014/08/05 08.18.08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Firefox\Profiles\zne34dqk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/08/05 08.12.18 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/05/25 08.30.12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 18.53.17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2010/01/01 10.00.00 | 000,002,252 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10.00.00 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2010/01/01 10.00.00 | 000,000,825 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2010/01/01 10.00.00 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/01/01 10.00.00 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2014/08/04 15.58.58 | 000,452,795 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 15549 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/23 17.52.58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014/07/31 04.20.16 | 000,000,000 | --SD | M] - D:\AUTO cd -- [ NTFS ]
O33 - MountPoints2\{6f13ef9d-dad7-11e2-9aea-d5189c1aee76}\Shell\AutoRun\command - "" = L:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/08/06 07.20.26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\franco\Desktop\OTL.exe
[2014/08/06 06.43.48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/08/06 06.32.34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/06 04.59.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\.clamwin
[2014/08/06 04.59.39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ClamWin Antivirus
[2014/08/06 04.59.33 | 000,000,000 | ---D | C] -- C:\Programmi\ClamWin
[2014/08/06 04.59.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\.clamwin
[2014/08/05 14.29.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Opera Software
[2014/08/05 14.29.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Opera Software
[2014/08/05 08.24.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Documenti\Download
[2014/08/05 08.12.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Mozilla
[2014/08/05 08.12.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla
[2014/08/05 08.12.17 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2014/08/05 07.09.21 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2014/08/05 07.09.21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2014/08/05 07.04.12 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2014/08/05 07.04.11 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2014/08/05 07.04.10 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2014/08/05 07.04.09 | 002,027,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2014/08/05 06.52.13 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2014/08/05 06.45.23 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2014/08/05 06.42.40 | 003,115,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014/08/05 06.37.41 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2014/08/05 06.36.07 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2014/08/05 06.36.07 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2014/08/05 06.29.37 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2014/08/04 18.55.02 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2014/08/04 18.55.02 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2014/08/04 18.55.02 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2014/08/04 15.46.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot - Search & Destroy
[2014/08/04 15.46.05 | 000,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2014/08/04 15.10.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Menu Avvio\Programmi\Revo Uninstaller
[2014/08/04 08.25.15 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2014/08/04 08.25.15 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2014/08/04 08.25.15 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2014/08/04 04.58.46 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2014/08/04 04.58.04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2014/08/04 04.50.47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2014/08/04 04.33.45 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2014/08/04 04.33.45 | 000,018,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2014/08/03 17.24.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\AVG2014
[2014/08/03 17.22.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\TuneUp Software
[2014/08/03 17.22.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVG
[2014/08/03 17.22.21 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014/08/03 17.22.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2014/08/03 17.22.00 | 000,000,000 | ---D | C] -- C:\Programmi\AVG
[2014/08/03 16.10.25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\MFAData
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Avg2014
[2014/08/03 15.34.38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2014/08/03 09.49.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\PCToolsFirewallPlus
[2014/08/03 09.48.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2014/08/03 08.21.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2014/08/03 08.11.54 | 000,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/08/03 08.11.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2014/08/03 08.11.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Malwarebytes
[2014/08/03 08.11.51 | 000,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/08/03 08.11.51 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2014/08/03 08.11.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2014/08/03 06.37.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\WinPatrol
[2014/08/03 06.37.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinPatrol
[2014/08/03 06.37.13 | 000,000,000 | ---D | C] -- C:\Programmi\BillP Studios
[2014/08/03 05.36.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Opera
[2014/08/03 05.36.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Opera
[2014/08/03 05.36.08 | 000,000,000 | ---D | C] -- C:\Programmi\Opera
[2014/08/03 05.16.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.29.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.29.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.28.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
[2014/08/02 19.39.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Desktop\antivirus e altro
[2014/08/02 19.32.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\InstallShield
[2014/08/02 19.32.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\MD-@
[2014/08/02 19.31.36 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\System32\ISUSPM.cpl
[2014/08/02 19.31.36 | 000,000,000 | ---D | C] -- C:\Programmi\H3G
[2014/08/02 19.31.04 | 000,094,848 | ---- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\bsusbser.sys
[2014/07/27 04.11.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Watchtower Library 2007
[2014/07/27 04.11.16 | 000,000,000 | ---D | C] -- C:\Programmi\Watchtower
[2014/07/23 06.04.58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\franco\Phone Browser
[2014/07/13 09.58.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Nokia PC Suite
[2014/07/13 09.58.54 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\PCSuite
[2014/07/13 09.58.51 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Nokia
[2014/07/13 09.58.43 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2014/07/13 09.58.43 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2014/07/13 09.58.42 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2014/07/13 09.58.41 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2014/07/13 09.58.40 | 000,000,000 | ---D | C] -- C:\Programmi\Nokia
[2014/06/30 12.43.12 | 000,121,624 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2014/06/17 16.22.02 | 000,188,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2014/06/17 16.21.22 | 000,197,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/06/17 16.18.00 | 000,241,944 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/06/17 16.17.58 | 000,147,736 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/06/17 16.17.56 | 000,190,232 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys
[2014/06/17 16.06.24 | 000,098,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2014/06/17 16.06.22 | 000,027,416 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2014/06/17 16.06.20 | 000,021,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/08/06 07.21.18 | 000,000,084 | ---- | M] () -- C:\WINDOWS\flowstatics.db
[2014/08/06 07.20.38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\franco\Desktop\OTL.exe
[2014/08/06 07.07.57 | 000,005,441 | ---- | M] () -- C:\WINDOWS\WirelessCard.INI
[2014/08/06 07.07.03 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1407242985.job
[2014/08/06 07.06.56 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2014/08/06 07.06.45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/05 08.12.24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2014/08/05 07.17.21 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/08/04 15.58.58 | 000,452,795 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/08/04 15.40.41 | 000,442,502 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014/08/04 15.40.41 | 000,397,108 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/08/04 15.40.41 | 000,070,824 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014/08/04 15.40.41 | 000,059,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/08/04 15.17.03 | 000,003,434 | ---- | M] () -- C:\Documents and Settings\franco\Documenti\cc_20140804_151657.reg
[2014/08/03 16.09.12 | 000,001,152 | ---- | M] () -- C:\Documents and Settings\franco\Documenti\cc_20140803_160908.reg
[2014/08/03 15.27.07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\~sik6ddbcd8401c71cfa.dbf
[2014/08/03 08.22.49 | 000,249,915 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20140804-155858.backup
[2014/08/03 08.06.17 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/06/30 12.43.12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2014/06/17 16.22.02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2014/06/17 16.21.22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/06/17 16.18.00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/06/17 16.17.58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/06/17 16.17.56 | 000,190,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys
[2014/06/17 16.06.24 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2014/06/17 16.06.22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2014/06/17 16.06.20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/05 14.49.52 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1407242985.job
[2014/08/05 08.12.24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2014/08/05 08.12.19 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
[2014/08/04 15.17.01 | 000,003,434 | ---- | C] () -- C:\Documents and Settings\franco\Documenti\cc_20140804_151657.reg
[2014/08/04 05.00.23 | 000,000,084 | ---- | C] () -- C:\WINDOWS\flowstatics.db
[2014/08/04 04.58.28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/08/04 04.58.28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2014/08/03 16.09.11 | 000,001,152 | ---- | C] () -- C:\Documents and Settings\franco\Documenti\cc_20140803_160908.reg
[2014/08/03 15.27.07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\~sik6ddbcd8401c71cfa.dbf
[2014/08/03 05.36.10 | 000,001,462 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Opera.lnk
[2014/08/02 19.33.05 | 000,005,441 | ---- | C] () -- C:\WINDOWS\WirelessCard.INI
[2014/01/23 14.27.33 | 000,408,064 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2014/01/23 14.27.33 | 000,237,056 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2014/01/23 14.27.33 | 000,125,272 | R--- | C] () -- C:\WINDOWS\Wiainst.exe
[2014/01/23 14.27.20 | 000,205,312 | ---- | C] () -- C:\WINDOWS\System32\SBuySupplies.exe
[2014/01/23 14.27.20 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\ssm4mlm.dll
[2014/01/23 14.27.09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Ssusbpn.dll
[2014/01/23 14.27.08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Ssdevm.dll
[2014/01/03 05.57.02 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw66.bin
[2014/01/03 05.47.28 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2014/01/03 05.47.28 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2014/01/03 05.47.28 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2014/01/03 05.47.28 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2014/01/03 05.47.28 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2014/01/03 05.47.28 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2014/01/03 05.47.28 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2014/01/03 05.47.28 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2014/01/03 05.47.28 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2014/01/03 05.47.28 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2014/01/03 05.47.28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2014/01/03 05.47.28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2014/01/03 05.47.28 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2014/01/03 05.47.28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2014/01/03 05.47.28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2014/01/03 05.47.28 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2014/01/03 05.47.28 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2014/01/03 05.47.28 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2014/01/03 05.47.28 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2014/01/03 05.46.50 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE V10V100V350EIPS.ini
[2013/10/25 09.02.02 | 000,237,914 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2013/10/25 09.02.02 | 000,237,914 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-1715567821-562591055-682003330-1003-0.dat
[2013/10/24 06.44.31 | 000,000,452 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/07/19 14.42.09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\LauncherAccess.dt
[2013/07/19 14.41.18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013/06/10 18.38.13 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPPE.INI
[2013/05/25 17.02.25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2013/05/25 08.47.23 | 000,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/05/23 19.44.26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/05/23 19.43.23 | 000,220,840 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/23 18.33.21 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\franco\default.pls
[2013/05/23 18.33.15 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013/05/23 18.21.50 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013/05/23 18.13.40 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/23 17.55.08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/05/23 17.50.27 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013/07/05 07.53.45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/08/03 17.23.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2014/08/03 16.10.25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/07/13 09.58.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2013/05/24 06.08.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrium
[2014/08/06 04.33.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2013/07/19 17.20.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2014/01/23 14.27.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Samsung
[2014/08/04 15.13.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2013/10/23 14.12.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Western Digital
[2013/05/23 18.54.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Auslogics
[2014/08/03 17.24.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\AVG2014
[2013/12/17 05.48.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/10 20.20.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\EPSON
[2013/07/19 06.44.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\FileMaker
[2013/12/17 08.25.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Foxit
[2013/11/22 08.12.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\GlarySoft
[2013/07/19 04.28.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\NCH Swift Sound
[2013/07/19 17.59.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Nokia
[2013/05/25 08.31.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\OpenOffice.org
[2014/08/03 05.36.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Opera
[2014/08/05 14.50.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Opera Software
[2014/07/05 17.21.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\PC Suite
[2014/08/04 15.14.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\PCToolsFirewallPlus
[2014/01/25 10.57.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Samsung
[2013/11/11 07.58.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Steinberg
[2014/08/03 17.22.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\TuneUp Software
[2014/08/02 12.06.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Vso
[2013/06/11 17.44.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Watchtower
[2014/08/03 06.37.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\WinPatrol

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:C31F31E6

< End of report >

---

OTL Extras


OTL Extras logfile created on: 06/08/2014 7.23.22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\franco\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,05% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 39,08 Gb Total Space | 30,74 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 408,49 Gb Total Space | 263,38 Gb Free Space | 64,48% Space Free | Partition Type: NTFS
Drive M: | 18,19 Gb Total Space | 6,81 Gb Free Space | 37,42% Space Free | Partition Type: NTFS

Computer Name: FRANCO-0D1BACF2 | User Name: franco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = SlimBrowserHtml] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Programmi\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Bonjour\mDNSResponder.exe" = C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programmi\iTunes\iTunes.exe" = C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe" = C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3 -- ()
"C:\Programmi\Samsung\Easy Printer Manager\IDS.Application.exe" = C:\Programmi\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\OrderSupplies.exe" = C:\Programmi\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\IDSAlert.exe" = C:\Programmi\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\uninstall.exe" = C:\Programmi\Samsung\Easy Printer Manager\uninstall.exe:*:Enabled:Samsung uninstaller -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe" = C:\Programmi\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:EPM CDA Scan2PC -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Document Creator\EDC.exe" = C:\Programmi\Samsung\Easy Document Creator\EDC.exe:*:Enabled:Samsung Easy Document Creator -- ()
"C:\Programmi\Opera\opera.exe" = C:\Programmi\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programmi\AVG\AVG2014\avgnsx.exe" = C:\Programmi\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgdiagex.exe" = C:\Programmi\AVG\AVG2014\avgdiagex.exe:*:Enabled:Diagnostica AVG 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgmfapx.exe" = C:\Programmi\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installazione di AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgemcx.exe" = C:\Programmi\AVG\AVG2014\avgemcx.exe:*:Enabled:Scansione email personale -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{235BBFC6-D863-4066-A01A-3BD504C31040}" = Nero 7 Premium
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A845A64-3F80-41D7-9F33-6146E56997E6}" = OpenOffice.org 3.3
"{2A9CD591-2DB0-415E-AD6E-E0D905CFD057}" = Macrium Reflect - Free Edition
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{395AB8C5-F3A8-4380-8718-7A11EC5829F2}" = 3G HSDPA Wireless Modem MD-@
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6937D72E-73FA-4E26-A225-CB64A4A51916}" = Watchtower Library 2007 - Italiano
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{83270912-15C7-4336-822E-E8F1B1BBCA60}" = WD Security
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 - Componenti Web
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F8F3F6-5AE8-4BE7-AE0E-9FA930C8EE90}" = AVG 2014
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C330C4F4-FD7C-4821-A210-F8058E1FB81C}" = AVG 2014
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Pacchetto driver Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"ASRock IES_is1" = ASRock IES v2.0.8
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.23
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.2.93
"AVG" = AVG 2014
"AxCrypt" = AxCrypt (Solo disinstallazione)
"CCleaner" = CCleaner
"ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.97.2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Pacchetto driver Windows - Nokia Modem (02/25/2011 4.7)
"EPSON Scanner" = EPSON Scan
"FormatFactory" = FormatFactory 2.50
"Foxit Reader" = Foxit Reader
"Glary Utilities_is1" = Glary Utilities 2.7.268
"iColorFolder" = iColorFolder
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.7.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 it)" = Mozilla Firefox 4.0.1 (x86 it)
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.51.1087" = Opera 11.51
"Opera 23.0.1522.60" = Opera Stable 23.0.1522.60
"PerfV10_V100 Guida utente" = PerfV10_V100 Guida utente
"Revo Uninstaller" = Revo Uninstaller 1.89
"Samsung Easy Document Creator" = Samsung Easy Document Creator
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung M2070 Series" = Samsung M2070 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Scan Process Machine" = Samsung Scan Process Machine
"Steinberg Cubase SX" = Steinberg Cubase SX
"Steinberg Cubase SX v2.01" = Steinberg Cubase SX v2.01
"Syncrosoft's Protection Device Driver Package" = Syncrosoft's Protection Device Driver Package
"Unlocker" = Unlocker 1.8.5
"View User Guide" = Visualizza Guida dell’utente
"VLC media player" = VideoLAN VLC media player 0.8.6h
"VSO Image Resizer_is1" = VSO Image Resizer 1.3.4
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinPatrol" = WinPatrol 2007

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/08/2014 8.11.37 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.07.28 | Computer Name = FRANCO-0D1BACF2 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 03/08/2014 9.07.29 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.07.29 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.27.30 | Computer Name = FRANCO-0D1BACF2 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 03/08/2014 9.27.30 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.27.31 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 10.07.44 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 10.07.45 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 05/08/2014 23.33.50 | Computer Name = FRANCO-0D1BACF2 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore sbframe.exe, versione 7.0.103.0,
modulo che ha provocato l'errore sbframe.exe, versione 7.0.103.0, indirizzo errore
0x000e476c.

[ System Events ]
Error - 06/08/2014 0.21.33 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 0.21.33 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio WD Rules.

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio WD Rules.

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053


< End of report >

---

Questi sono i Log passati sul sito WIKI SEND-che mi sembra di aver capito di passarli.

OTL logfile created on: 06/08/2014 7.23.22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\franco\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,05% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 39,08 Gb Total Space | 30,74 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 408,49 Gb Total Space | 263,38 Gb Free Space | 64,48% Space Free | Partition Type: NTFS
Drive M: | 18,19 Gb Total Space | 6,81 Gb Free Space | 37,42% Space Free | Partition Type: NTFS

Computer Name: FRANCO-0D1BACF2 | User Name: franco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\franco\desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Programmi\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programmi\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
PRC - C:\Programmi\Macrium\Reflect\ReflectService.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\ssm4mlm.dll ()
MOD - C:\Programmi\Macrium\Reflect\ReflectService.exe ()
MOD - C:\WINDOWS\system32\nvshell.dll ()


========== Services (SafeList) ==========

SRV - (AVGIDSAgent) -- C:\Programmi\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Programmi\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WDRulesService) -- C:\Programmi\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital )
SRV - (WDBackup) -- C:\Programmi\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital )
SRV - (WDDriveService) -- C:\Programmi\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital)
SRV - (ServiceLayer) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ReflectService) -- C:\Programmi\Macrium\Reflect\ReflectService.exe ()
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (DgiVecp) -- C:\WINDOWS\system32\Drivers\DgiVecp.sys File not found
DRV - (Changer) -- File not found
DRV - (Avgdiskx) -- C:\WINDOWS\system32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avglogx) -- C:\WINDOWS\system32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSHX) -- C:\WINDOWS\system32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSDriverl) -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (pssnap) -- C:\WINDOWS\system32\drivers\pssnap.sys (Macrium Software)
DRV - (PSMounter) -- C:\WINDOWS\system32\drivers\psmounter.sys (Macrium Software)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (bsusbser) -- C:\WINDOWS\system32\drivers\bsusbser.sys (QUALCOMM Incorporated)
DRV - (UnlockerDriver5) -- C:\Programmi\Unlocker\UnlockerDriver5.sys ()
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (Nsynas32) -- C:\WINDOWS\System32\drivers\NSynas32.sys (Syncrosoft Hard- und Software GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1715567821-562591055-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.22
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2014/08/05 08.12.18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins

[2014/08/05 08.12.38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Extensions
[2014/08/05 08.18.08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Firefox\Profiles\zne34dqk.default\extensions
[2014/08/05 08.18.08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla\Firefox\Profiles\zne34dqk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/08/05 08.12.18 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/05/25 08.30.12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 18.53.17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2010/01/01 10.00.00 | 000,002,252 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10.00.00 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2010/01/01 10.00.00 | 000,000,825 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2010/01/01 10.00.00 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/01/01 10.00.00 | 000,000,953 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2014/08/04 15.58.58 | 000,452,795 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 15549 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = [binary data]
O7 - HKU\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/05/23 17.52.58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014/07/31 04.20.16 | 000,000,000 | --SD | M] - D:\AUTO cd -- [ NTFS ]
O33 - MountPoints2\{6f13ef9d-dad7-11e2-9aea-d5189c1aee76}\Shell\AutoRun\command - "" = L:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2014/08/06 07.20.26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\franco\Desktop\OTL.exe
[2014/08/06 06.43.48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/08/06 06.32.34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/08/06 04.59.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\.clamwin
[2014/08/06 04.59.39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\ClamWin Antivirus
[2014/08/06 04.59.33 | 000,000,000 | ---D | C] -- C:\Programmi\ClamWin
[2014/08/06 04.59.33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\.clamwin
[2014/08/05 14.29.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Opera Software
[2014/08/05 14.29.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Opera Software
[2014/08/05 08.24.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Documenti\Download
[2014/08/05 08.12.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Mozilla
[2014/08/05 08.12.24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Mozilla
[2014/08/05 08.12.17 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2014/08/05 07.09.21 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2014/08/05 07.09.21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2014/08/05 07.04.12 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2014/08/05 07.04.11 | 000,734,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2014/08/05 07.04.10 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2014/08/05 07.04.09 | 002,027,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2014/08/05 06.52.13 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2014/08/05 06.45.23 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2014/08/05 06.42.40 | 003,115,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014/08/05 06.37.41 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2014/08/05 06.36.07 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2014/08/05 06.36.07 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2014/08/05 06.29.37 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2014/08/04 18.55.02 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2014/08/04 18.55.02 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2014/08/04 18.55.02 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2014/08/04 15.46.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot - Search & Destroy
[2014/08/04 15.46.05 | 000,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy
[2014/08/04 15.10.36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Menu Avvio\Programmi\Revo Uninstaller
[2014/08/04 08.25.15 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2014/08/04 08.25.15 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2014/08/04 08.25.15 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2014/08/04 04.58.46 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2014/08/04 04.58.04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2014/08/04 04.50.47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2014/08/04 04.33.45 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2014/08/04 04.33.45 | 000,018,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2014/08/03 17.24.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\AVG2014
[2014/08/03 17.22.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\TuneUp Software
[2014/08/03 17.22.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVG
[2014/08/03 17.22.21 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014/08/03 17.22.21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2014/08/03 17.22.00 | 000,000,000 | ---D | C] -- C:\Programmi\AVG
[2014/08/03 16.10.25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\MFAData
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2014/08/03 16.10.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Avg2014
[2014/08/03 15.34.38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2014/08/03 09.49.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\PCToolsFirewallPlus
[2014/08/03 09.48.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2014/08/03 08.21.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2014/08/03 08.11.54 | 000,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/08/03 08.11.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2014/08/03 08.11.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Malwarebytes
[2014/08/03 08.11.51 | 000,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/08/03 08.11.51 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2014/08/03 08.11.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2014/08/03 06.37.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\WinPatrol
[2014/08/03 06.37.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\WinPatrol
[2014/08/03 06.37.13 | 000,000,000 | ---D | C] -- C:\Programmi\BillP Studios
[2014/08/03 05.36.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\Opera
[2014/08/03 05.36.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Dati applicazioni\Opera
[2014/08/03 05.36.08 | 000,000,000 | ---D | C] -- C:\Programmi\Opera
[2014/08/03 05.16.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.29.34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.29.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\PCHealth
[2014/08/03 03.28.42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
[2014/08/02 19.39.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\franco\Desktop\antivirus e altro
[2014/08/02 19.32.46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\InstallShield
[2014/08/02 19.32.45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\MD-@
[2014/08/02 19.31.36 | 000,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\System32\ISUSPM.cpl
[2014/08/02 19.31.36 | 000,000,000 | ---D | C] -- C:\Programmi\H3G
[2014/08/02 19.31.04 | 000,094,848 | ---- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\bsusbser.sys
[2014/07/27 04.11.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Watchtower Library 2007
[2014/07/27 04.11.16 | 000,000,000 | ---D | C] -- C:\Programmi\Watchtower
[2014/07/23 06.04.58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\franco\Phone Browser
[2014/07/13 09.58.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Nokia PC Suite
[2014/07/13 09.58.54 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\PCSuite
[2014/07/13 09.58.51 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Nokia
[2014/07/13 09.58.43 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2014/07/13 09.58.43 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2014/07/13 09.58.42 | 000,023,168 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2014/07/13 09.58.41 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2014/07/13 09.58.40 | 000,000,000 | ---D | C] -- C:\Programmi\Nokia
[2014/06/30 12.43.12 | 000,121,624 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2014/06/17 16.22.02 | 000,188,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2014/06/17 16.21.22 | 000,197,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/06/17 16.18.00 | 000,241,944 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/06/17 16.17.58 | 000,147,736 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/06/17 16.17.56 | 000,190,232 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys
[2014/06/17 16.06.24 | 000,098,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2014/06/17 16.06.22 | 000,027,416 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2014/06/17 16.06.20 | 000,021,272 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/08/06 07.21.18 | 000,000,084 | ---- | M] () -- C:\WINDOWS\flowstatics.db
[2014/08/06 07.20.38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\franco\Desktop\OTL.exe
[2014/08/06 07.07.57 | 000,005,441 | ---- | M] () -- C:\WINDOWS\WirelessCard.INI
[2014/08/06 07.07.03 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1407242985.job
[2014/08/06 07.06.56 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2014/08/06 07.06.45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/08/05 08.12.24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2014/08/05 07.17.21 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014/08/04 15.58.58 | 000,452,795 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014/08/04 15.40.41 | 000,442,502 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2014/08/04 15.40.41 | 000,397,108 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/08/04 15.40.41 | 000,070,824 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2014/08/04 15.40.41 | 000,059,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/08/04 15.17.03 | 000,003,434 | ---- | M] () -- C:\Documents and Settings\franco\Documenti\cc_20140804_151657.reg
[2014/08/03 16.09.12 | 000,001,152 | ---- | M] () -- C:\Documents and Settings\franco\Documenti\cc_20140803_160908.reg
[2014/08/03 15.27.07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\~sik6ddbcd8401c71cfa.dbf
[2014/08/03 08.22.49 | 000,249,915 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20140804-155858.backup
[2014/08/03 08.06.17 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/06/30 12.43.12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2014/06/17 16.22.02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2014/06/17 16.21.22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2014/06/17 16.18.00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2014/06/17 16.17.58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2014/06/17 16.17.56 | 000,190,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys
[2014/06/17 16.06.24 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2014/06/17 16.06.22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2014/06/17 16.06.20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/05 14.49.52 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1407242985.job
[2014/08/05 08.12.24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2014/08/05 08.12.19 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
[2014/08/04 15.17.01 | 000,003,434 | ---- | C] () -- C:\Documents and Settings\franco\Documenti\cc_20140804_151657.reg
[2014/08/04 05.00.23 | 000,000,084 | ---- | C] () -- C:\WINDOWS\flowstatics.db
[2014/08/04 04.58.28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/08/04 04.58.28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2014/08/03 16.09.11 | 000,001,152 | ---- | C] () -- C:\Documents and Settings\franco\Documenti\cc_20140803_160908.reg
[2014/08/03 15.27.07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\~sik6ddbcd8401c71cfa.dbf
[2014/08/03 05.36.10 | 000,001,462 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Opera.lnk
[2014/08/02 19.33.05 | 000,005,441 | ---- | C] () -- C:\WINDOWS\WirelessCard.INI
[2014/01/23 14.27.33 | 000,408,064 | ---- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2014/01/23 14.27.33 | 000,237,056 | ---- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2014/01/23 14.27.33 | 000,125,272 | R--- | C] () -- C:\WINDOWS\Wiainst.exe
[2014/01/23 14.27.20 | 000,205,312 | ---- | C] () -- C:\WINDOWS\System32\SBuySupplies.exe
[2014/01/23 14.27.20 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\ssm4mlm.dll
[2014/01/23 14.27.09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\Ssusbpn.dll
[2014/01/23 14.27.08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Ssdevm.dll
[2014/01/03 05.57.02 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw66.bin
[2014/01/03 05.47.28 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2014/01/03 05.47.28 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2014/01/03 05.47.28 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2014/01/03 05.47.28 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2014/01/03 05.47.28 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2014/01/03 05.47.28 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2014/01/03 05.47.28 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2014/01/03 05.47.28 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2014/01/03 05.47.28 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2014/01/03 05.47.28 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2014/01/03 05.47.28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2014/01/03 05.47.28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2014/01/03 05.47.28 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2014/01/03 05.47.28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2014/01/03 05.47.28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2014/01/03 05.47.28 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2014/01/03 05.47.28 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2014/01/03 05.47.28 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2014/01/03 05.47.28 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2014/01/03 05.46.50 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE V10V100V350EIPS.ini
[2013/10/25 09.02.02 | 000,237,914 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2013/10/25 09.02.02 | 000,237,914 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-1715567821-562591055-682003330-1003-0.dat
[2013/10/24 06.44.31 | 000,000,452 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/07/19 14.42.09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\LauncherAccess.dt
[2013/07/19 14.41.18 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2013/06/10 18.38.13 | 000,000,202 | ---- | C] () -- C:\WINDOWS\OPPE.INI
[2013/05/25 17.02.25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2013/05/25 08.47.23 | 000,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/05/23 19.44.26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/05/23 19.43.23 | 000,220,840 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/23 18.33.21 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\franco\default.pls
[2013/05/23 18.33.15 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013/05/23 18.21.50 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2013/05/23 18.13.40 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\franco\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/23 17.55.08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/05/23 17.50.27 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013/07/05 07.53.45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/08/03 17.23.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG2014
[2014/08/03 16.10.25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2014/07/13 09.58.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2013/05/24 06.08.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Macrium
[2014/08/06 04.33.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2013/07/19 17.20.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2014/01/23 14.27.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Samsung
[2014/08/04 15.13.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2013/10/23 14.12.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Western Digital
[2013/05/23 18.54.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Auslogics
[2014/08/03 17.24.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\AVG2014
[2013/12/17 05.48.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/10 20.20.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\EPSON
[2013/07/19 06.44.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\FileMaker
[2013/12/17 08.25.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Foxit
[2013/11/22 08.12.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\GlarySoft
[2013/07/19 04.28.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\NCH Swift Sound
[2013/07/19 17.59.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Nokia
[2013/05/25 08.31.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\OpenOffice.org
[2014/08/03 05.36.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Opera
[2014/08/05 14.50.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Opera Software
[2014/07/05 17.21.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\PC Suite
[2014/08/04 15.14.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\PCToolsFirewallPlus
[2014/01/25 10.57.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Samsung
[2013/11/11 07.58.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Steinberg
[2014/08/03 17.22.38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\TuneUp Software
[2014/08/02 12.06.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Vso
[2013/06/11 17.44.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\Watchtower
[2014/08/03 06.37.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\franco\Dati applicazioni\WinPatrol

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:C31F31E6

< End of report >

---

EXTRAS


OTL Extras logfile created on: 06/08/2014 7.23.22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\franco\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 77,05% Memory free
3,85 Gb Paging File | 3,47 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 39,08 Gb Total Space | 30,74 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
Drive D: | 408,49 Gb Total Space | 263,38 Gb Free Space | 64,48% Space Free | Partition Type: NTFS
Drive M: | 18,19 Gb Total Space | 6,81 Gb Free Space | 37,42% Space Free | Partition Type: NTFS

Computer Name: FRANCO-0D1BACF2 | User Name: franco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = SlimBrowserHtml] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1715567821-562591055-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Programmi\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Bonjour\mDNSResponder.exe" = C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programmi\iTunes\iTunes.exe" = C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe" = C:\WINDOWS\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe:*:Enabled:Samsung Scanner Discovery Module V3 -- ()
"C:\Programmi\Samsung\Easy Printer Manager\IDS.Application.exe" = C:\Programmi\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\OrderSupplies.exe" = C:\Programmi\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\IDSAlert.exe" = C:\Programmi\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\uninstall.exe" = C:\Programmi\Samsung\Easy Printer Manager\uninstall.exe:*:Enabled:Samsung uninstaller -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe" = C:\Programmi\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:EPM CDA Scan2PC -- (Samsung Electronics Co., Ltd.)
"C:\Programmi\Samsung\Easy Document Creator\EDC.exe" = C:\Programmi\Samsung\Easy Document Creator\EDC.exe:*:Enabled:Samsung Easy Document Creator -- ()
"C:\Programmi\Opera\opera.exe" = C:\Programmi\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programmi\AVG\AVG2014\avgnsx.exe" = C:\Programmi\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgdiagex.exe" = C:\Programmi\AVG\AVG2014\avgdiagex.exe:*:Enabled:Diagnostica AVG 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgmfapx.exe" = C:\Programmi\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installazione di AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Programmi\AVG\AVG2014\avgemcx.exe" = C:\Programmi\AVG\AVG2014\avgemcx.exe:*:Enabled:Scansione email personale -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{235BBFC6-D863-4066-A01A-3BD504C31040}" = Nero 7 Premium
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2A845A64-3F80-41D7-9F33-6146E56997E6}" = OpenOffice.org 3.3
"{2A9CD591-2DB0-415E-AD6E-E0D905CFD057}" = Macrium Reflect - Free Edition
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{395AB8C5-F3A8-4380-8718-7A11EC5829F2}" = 3G HSDPA Wireless Modem MD-@
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6937D72E-73FA-4E26-A225-CB64A4A51916}" = Watchtower Library 2007 - Italiano
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{80FD852F-5AAC-4129-B931-06AAFFA43138}" = iTunes
"{83270912-15C7-4336-822E-E8F1B1BBCA60}" = WD Security
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A40410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 - Componenti Web
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F8F3F6-5AE8-4BE7-AE0E-9FA930C8EE90}" = AVG 2014
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{C330C4F4-FD7C-4821-A210-F8058E1FB81C}" = AVG 2014
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Pacchetto driver Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"ASRock IES_is1" = ASRock IES v2.0.8
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.23
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.2.93
"AVG" = AVG 2014
"AxCrypt" = AxCrypt (Solo disinstallazione)
"CCleaner" = CCleaner
"ClamWin Free Antivirus_is1" = ClamWin Free Antivirus 0.97.2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Pacchetto driver Windows - Nokia Modem (02/25/2011 4.7)
"EPSON Scanner" = EPSON Scan
"FormatFactory" = FormatFactory 2.50
"Foxit Reader" = Foxit Reader
"Glary Utilities_is1" = Glary Utilities 2.7.268
"iColorFolder" = iColorFolder
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.7.0 (Standard)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 it)" = Mozilla Firefox 4.0.1 (x86 it)
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.51.1087" = Opera 11.51
"Opera 23.0.1522.60" = Opera Stable 23.0.1522.60
"PerfV10_V100 Guida utente" = PerfV10_V100 Guida utente
"Revo Uninstaller" = Revo Uninstaller 1.89
"Samsung Easy Document Creator" = Samsung Easy Document Creator
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung M2070 Series" = Samsung M2070 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Scan Process Machine" = Samsung Scan Process Machine
"Steinberg Cubase SX" = Steinberg Cubase SX
"Steinberg Cubase SX v2.01" = Steinberg Cubase SX v2.01
"Syncrosoft's Protection Device Driver Package" = Syncrosoft's Protection Device Driver Package
"Unlocker" = Unlocker 1.8.5
"View User Guide" = Visualizza Guida dell’utente
"VLC media player" = VideoLAN VLC media player 0.8.6h
"VSO Image Resizer_is1" = VSO Image Resizer 1.3.4
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinPatrol" = WinPatrol 2007

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/08/2014 8.11.37 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.07.28 | Computer Name = FRANCO-0D1BACF2 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 03/08/2014 9.07.29 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.07.29 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.27.30 | Computer Name = FRANCO-0D1BACF2 | Source = MPSampleSubmission | ID = 5000
Description =

Error - 03/08/2014 9.27.30 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 9.27.31 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 10.07.44 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 03/08/2014 10.07.45 | Computer Name = FRANCO-0D1BACF2 | Source = MSSecurityEssentials | ID = 5000
Description =

Error - 05/08/2014 23.33.50 | Computer Name = FRANCO-0D1BACF2 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore sbframe.exe, versione 7.0.103.0,
modulo che ha provocato l'errore sbframe.exe, versione 7.0.103.0, indirizzo errore
0x000e476c.

[ System Events ]
Error - 06/08/2014 0.21.33 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 0.21.33 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio WD Rules.

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 0.38.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore: %%2

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio WD Rules.

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7000
Description = Il servizio WD Rules non è stato avviato per il seguente errore: %%1053

Error - 06/08/2014 1.06.58 | Computer Name = FRANCO-0D1BACF2 | Source = Service Control Manager | ID = 7001
Description = Il servizio WD Backup dipende dal servizio WD Rules che non è stato
avviato per il seguente errore: %%1053


< End of report >

---

Spero di aver fatto tutto bene....se si ....posso anche essere assunto come tecnico assistente dell'Apollo 13!

Ciao! Adwcleaner e junkware, non hanno rilevato nulla. Per il log di OTL dovrai attendere il nostro R16. MI pare ci sia qualcosina a livello di internet explorer(che tu non usi)

---

Ciao Mitico.
Se ti riferisci a questa:

è legittima.
Anche il resto del log è pulito.
Ciao!