Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » R16 log otl

R16 log otl Opzioni
Topic Precedente · Topic Sucessivo
carducci
Inviato: Wednesday, September 04, 2013 8:45:36 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479


OTL logfile created on: 04/09/2013 20.04.35 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Documents and Settings\Franco\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 53,95% Memory free
3,35 Gb Paging File | 2,48 Gb Available in Paging File | 73,85% Paging File free
Paging file location(s): f:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Programmi
Drive C: | 152,66 Gb Total Space | 126,47 Gb Free Space | 82,84% Space Free | Partition Type: NTFS
Drive F: | 74,52 Gb Total Space | 41,71 Gb Free Space | 55,98% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 589,17 Gb Free Space | 63,25% Space Free | Partition Type: NTFS

Computer Name: FRANCO-9A863AFC | User Name: Franco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - F:\Documents and Settings\Franco\desktop\OTL.exe (OldTimer Tools)
PRC - F:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Programmi\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Programmi\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Programmi\Howard\Howard.exe (CompSoft)
PRC - F:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - F:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - F:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - F:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
PRC - F:\Programmi\PC Tools Firewall Plus\FWService.exe (PC Tools)
PRC - F:\WINDOWS\vVX1000.exe (Microsoft Corporation)
PRC - F:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - F:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - F:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - F:\Programmi\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - F:\Programmi\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - F:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - F:\Programmi\Howard\LogitechLcd.dll ()
MOD - F:\Programmi\NVIDIA Corporation\nView\nvShell.dll ()
MOD - F:\Programmi\ffdshow\ffdshow.ax ()
MOD - F:\WINDOWS\system32\LcProxy.ax ()
MOD - F:\WINDOWS\system32\btwicons.dll ()
MOD - F:\WINDOWS\system32\msdmo.dll ()
MOD - F:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe ()
MOD - F:\WINDOWS\system32\ac3filter.acm ()
MOD - F:\WINDOWS\system32\CNQL3203.DLL ()


========== Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- F:\Programmi\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- F:\Programmi\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- F:\Programmi\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- F:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- F:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (JavaQuickStarterService) -- F:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (SkypeUpdate) -- F:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MsMpSvc) -- F:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- F:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (nvUpdatusService) -- F:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PCToolsFirewallPlus) -- F:\Programmi\PC Tools Firewall Plus\FWService.exe (PC Tools)
SRV - (odserv) -- F:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TryAndDecideService) -- F:\Programmi\File comuni\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (AcrSch2Svc) -- F:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (MSCamSvc) -- F:\Programmi\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (ose) -- F:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- F:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (Scutum50) -- System32\Drivers\Scutum50.sys File not found
DRV - (rt2870) -- system32\DRIVERS\rt2870.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (dwshd) -- F:\WINDOWS\System32\drivers\dwshd.sys File not found
DRV - (654B0816) -- f:\documents and settings\franco\impostazioni locali\temp\654B0816.sys File not found
DRV - (avipbb) -- F:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- F:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- F:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- F:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (UsbserFilt) -- F:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- F:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- F:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- F:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (timounter) -- F:\WINDOWS\system32\drivers\timntr.sys (Acronis)
DRV - (tifsfilter) -- F:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- F:\WINDOWS\system32\drivers\snapman.sys (Acronis)
DRV - (tdrpman) -- F:\WINDOWS\system32\drivers\tdrpman.sys (Acronis)
DRV - (pccsmcfd) -- F:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (PCTAppEvent) -- F:\WINDOWS\system32\drivers\PCTAppEvent.sys (PC Tools)
DRV - (pctgntdi) -- F:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (pctplfw) -- F:\WINDOWS\system32\drivers\pctplfw.sys (PC Tools)
DRV - (PCTFW-PacketFilter) -- F:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys (PC Tools)
DRV - (npf) -- F:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (pctNdisMP) -- F:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (pctNdis) -- F:\WINDOWS\system32\drivers\pctNdis.sys (PC Tools)
DRV - (UnlockerDriver5) -- F:\Programmi\Unlocker\UnlockerDriver5.sys ()
DRV - (VX1000) -- F:\WINDOWS\system32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- F:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (pfc) -- F:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (ANVOSDNT) -- F:\WINDOWS\system32\drivers\anvosdnt.sys (ASUS)
DRV - (BTKRNL) -- F:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- F:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (gameenum) -- F:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Changer) -- F:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- F:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (BTWUSB) -- F:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (btwhid) -- F:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- F:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- F:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- F:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (SCDEmu) -- F:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Afc) -- F:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (SISNICXP) -- F:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)
DRV - (Tosrfusb) -- F:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfbd) -- F:\WINDOWS\system32\drivers\TosRfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- F:\WINDOWS\system32\drivers\TosRfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) -- F:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosporte) -- F:\WINDOWS\system32\drivers\Tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- F:\WINDOWS\system32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- F:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (SISNIC) -- F:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (Tosrfbnp) -- F:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (sisagp) -- F:\WINDOWS\system32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)
DRV - (toshidpt) -- F:\WINDOWS\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (ANVIOCTL) -- F:\WINDOWS\system32\drivers\anvioctl.sys (ASUSTeK)
DRV - (DFE528TX) -- F:\WINDOWS\system32\drivers\DLKRTL.SYS (D-Link Corporation )
DRV - (ms_mpu401) -- F:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (irsir) -- F:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
DRV - (VIAudio) -- F:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (sisidex) -- F:\WINDOWS\system32\drivers\sisidex.sys (Windows (R) 2000 DDK provider)
DRV - (dc3d) -- F:\WINDOWS\system32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (sisperf) -- F:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.)
DRV - (SiSide) -- F:\WINDOWS\system32\drivers\siside.sys (Silicon Integrated Systems Corp.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2e51ec4e-2fa9-40fa-9007-2411de34e7ca}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YWxdm009YYit&ptb=A5B06B34-4E10-482F-BA8E-AD49E7EBF43B&ind=2011091717&ptnrS=YWxdm009YYit&si=maps4pc&n=77ded305&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes\{2e51ec4e-2fa9-40fa-9007-2411de34e7ca}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YWxdm009YYit&ptb=A5B06B34-4E10-482F-BA8E-AD49E7EBF43B&ind=2011091717&ptnrS=YWxdm009YYit&si=maps4pc&n=77ded305&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: F:\Programmi\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@ei.Maps4PC_0c.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: F:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: F:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Maps4PC_0c.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: F:\Programmi\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: F:\Programmi\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: F:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: F:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: F:\Programmi\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: F:\Documents and Settings\All Users\Dati applicazioni\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: F:\Programmi\Mozilla Firefox\plugins [2013/09/04 14.04.18 | 000,000,000 | ---D | M]

[2011/09/18 21.36.07 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Franco\Dati applicazioni\Mozilla\Extensions
[2013/08/28 15.53.54 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Franco\Dati applicazioni\Mozilla\Firefox\Profiles\boiae7zi.default-1377697626920\extensions
[2013/08/28 15.53.54 | 000,824,302 | ---- | M] () (No name found) -- F:\Documents and Settings\Franco\Dati applicazioni\Mozilla\Firefox\Profiles\boiae7zi.default-1377697626920\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/11 00.52.34 | 000,000,000 | ---D | M] (No name found) -- F:\Programmi\Mozilla Firefox\extensions
[2013/08/18 18.23.54 | 000,000,000 | ---D | M] (Skype Click to Call) -- F:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/11 00.52.33 | 000,000,000 | ---D | M] (No name found) -- F:\Programmi\Mozilla Firefox\browser\extensions
[2013/08/18 18.23.54 | 000,000,000 | ---D | M] (Skype Click to Call) -- F:\Programmi\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/18 20.59.43 | 000,000,000 | ---D | M] (Default) -- F:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/08/26 16.08.43 | 000,450,598 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - F:\Programmi\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [00PCTFW] F:\Programmi\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [avgnt] F:\Programmi\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [VX1000] F:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] F:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] F:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: F:\Documents and Settings\Franco\Menu Avvio\Programmi\Esecuzione automatica\Howard.lnk = F:\Programmi\Howard\Howard.exe (CompSoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108862
O7 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O8 - Extra context menu item: Invia a Bluetooth - F:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Invia a periferica &Bluetooth... - F:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - F:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - F:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - F:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - F:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - F:\Programmi\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340800070625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE5D044A-795D-43F8-AFFA-003642D98CC4}: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDDF055C-4586-4E8F-BFC2-16DBB02F71D1}: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E0258B1C-68B1-4B0A-B1D9-B7628432A250}: DhcpNameServer = 62.101.93.101 83.103.25.250
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - F:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - F:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - F:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - F:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - F:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O30 - LSA: Authentication Packages - (relog_ap) - F:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/24 21.37.34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/08/27 09.04.56 | 000,000,000 | RH-D | M] - H:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk H:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2013/09/04 17.29.03 | 000,000,000 | ---D | C] -- F:\Programmi\Howard
[2013/09/04 17.19.37 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\Franco\Recent
[2013/09/04 17.14.46 | 003,416,756 | ---- | C] (CompSoft ) -- F:\Documents and Settings\Franco\Desktop\HowardSetup.exe
[2013/09/03 10.14.09 | 000,218,592 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\PCTCore.sys
[2013/09/03 10.14.09 | 000,160,576 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2013/09/03 10.14.07 | 000,251,560 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\pctgntdi.sys
[2013/09/03 10.12.06 | 000,089,472 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys
[2013/09/03 10.12.06 | 000,057,536 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\pctNdis.sys
[2013/09/03 10.12.06 | 000,032,808 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\pctNdis-DNS.sys
[2013/09/03 10.12.06 | 000,000,000 | ---D | C] -- F:\Programmi\File comuni\PC Tools
[2013/09/03 10.12.02 | 000,125,248 | ---- | C] (PC Tools) -- F:\WINDOWS\System32\drivers\pctplfw.sys
[2013/09/03 10.11.59 | 000,000,000 | ---D | C] -- F:\Programmi\PC Tools Firewall Plus
[2013/09/03 03.01.04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Dati applicazioni\Agnitum
[2013/08/29 21.25.05 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Franco\Desktop\OTL.exe
[2013/08/29 20.50.03 | 000,000,000 | ---D | C] -- F:\AdwCleaner
[2013/08/28 15.29.04 | 000,000,000 | ---D | C] -- F:\Programmi\Spybot - Search & Destroy
[2013/08/28 15.03.13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Franco\Menu Avvio\Programmi\HiJackThis
[2013/08/28 14.52.16 | 000,000,000 | ---D | C] -- F:\Programmi\Trend Micro
[2013/08/27 17.35.32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\LocalService\Dati applicazioni\Adobe
[2013/08/27 17.15.08 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\NtmsData
[2013/08/27 00.30.34 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Menu Avvio\Programmi\Avira
[2013/08/27 00.30.13 | 000,028,520 | ---- | C] (Avira GmbH) -- F:\WINDOWS\System32\drivers\ssmdrv.sys
[2013/08/27 00.30.09 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avipbb.sys
[2013/08/27 00.30.09 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avgntflt.sys
[2013/08/27 00.30.09 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avkmgr.sys
[2013/08/27 00.30.02 | 000,000,000 | ---D | C] -- F:\Programmi\Avira
[2013/08/27 00.30.02 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Dati applicazioni\Avira
[2013/08/27 00.24.02 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Franco\Dati applicazioni\Avira
[2013/08/26 22.25.38 | 000,000,000 | R--D | C] -- F:\Documents and Settings\All Users\Menu Avvio\Programmi\VideoLAN
[2013/08/26 18.45.48 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\MRT
[2013/08/19 16.17.23 | 000,000,000 | ---D | C] -- F:\WINDOWS\ERUNT
[2013/08/19 15.59.56 | 000,000,000 | ---D | C] -- F:\JRT
[2013/08/11 00.52.31 | 000,000,000 | ---D | C] -- F:\Programmi\Mozilla Firefox
[2013/07/26 14.33.48 | 001,510,400 | ---- | C] (The Shchuka's Place) -- F:\Documents and Settings\Franco\Desktop\unire file MP3.exe
[2013/07/26 13.06.24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Menu Avvio\Programmi\aTube Catcher
[2013/07/23 13.13.02 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Franco\Dati applicazioni\Canon
[2013/07/23 13.03.29 | 000,069,632 | ---- | C] (CANON INC.) -- F:\WINDOWS\System32\CNQU86.DLL
[2013/07/23 13.03.29 | 000,069,632 | ---- | C] (Canon Inc.) -- F:\WINDOWS\System32\CNQA3203.DLL
[2013/07/23 13.03.29 | 000,000,000 | -H-D | C] -- F:\CanoScan
[2013/07/09 17.51.36 | 004,745,728 | ---- | C] (AVAST Software) -- F:\Documents and Settings\Franco\Desktop\aswMBR.exe
[2 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[2 F:\Documents and Settings\Franco\Desktop\*.tmp files -> F:\Documents and Settings\Franco\Desktop\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/09/04 19.27.03 | 000,000,978 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/04 17.29.07 | 000,000,611 | ---- | M] () -- F:\Documents and Settings\Franco\Menu Avvio\Programmi\Esecuzione automatica\Howard.lnk
[2013/09/04 17.26.36 | 000,000,416 | -H-- | M] () -- F:\WINDOWS\tasks\User_Feed_Synchronization-{E9463A99-1661-4C8F-88CF-ABC83AE94A29}.job
[2013/09/04 17.25.34 | 000,002,262 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2013/09/04 17.24.33 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2013/09/02 13.42.48 | 000,002,427 | ---- | M] () -- F:\Documents and Settings\Franco\Desktop\HiJackThis.lnk
[2013/08/29 21.25.15 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Franco\Desktop\OTL.exe
[2013/08/29 20.32.01 | 000,994,642 | ---- | M] () -- F:\Documents and Settings\Franco\Desktop\adwcleaner.exe
[2013/08/28 15.29.13 | 000,000,918 | ---- | M] () -- F:\Documents and Settings\Franco\Desktop\Spybot - Search & Destroy.lnk
[2013/08/27 00.21.47 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avipbb.sys
[2013/08/27 00.21.47 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avgntflt.sys
[2013/08/27 00.21.47 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- F:\WINDOWS\System32\drivers\avkmgr.sys
[2013/08/27 00.21.47 | 000,028,520 | ---- | M] (Avira GmbH) -- F:\WINDOWS\System32\drivers\ssmdrv.sys
[2013/08/26 23.40.38 | 000,001,912 | ---- | M] () -- F:\WINDOWS\epplauncher.mif
[2013/08/26 23.37.00 | 000,000,398 | -H-- | M] () -- F:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/08/26 23.26.00 | 000,303,624 | ---- | M] () -- F:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/26 23.23.51 | 000,807,260 | ---- | M] () -- F:\WINDOWS\System32\perfh010.dat
[2013/08/26 23.23.51 | 000,710,614 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2013/08/26 23.23.51 | 000,206,170 | ---- | M] () -- F:\WINDOWS\System32\perfc010.dat
[2013/08/26 23.23.51 | 000,162,484 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2013/08/26 17.01.44 | 000,002,480 | ---- | M] () -- F:\WINDOWS\wininit.ini
[2013/08/26 16.08.43 | 000,450,598 | R--- | M] () -- F:\WINDOWS\System32\drivers\etc\hosts.20130828-153318.backup
[2013/08/26 16.08.43 | 000,450,598 | ---- | M] () -- F:\WINDOWS\System32\drivers\etc\hosts
[2013/08/25 23.57.54 | 128,953,512 | ---- | M] () -- F:\Documents and Settings\Franco\Desktop\ald988xu.exe
[2013/08/25 17.32.43 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- F:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/25 17.32.40 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- F:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/19 00.33.58 | 003,416,756 | ---- | M] (CompSoft ) -- F:\Documents and Settings\Franco\Desktop\HowardSetup.exe
[2013/07/31 10.20.31 | 000,000,237 | ---- | M] () -- F:\Documents and Settings\Franco\.swfinfo
[2013/07/26 04.47.14 | 000,920,064 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\wininet.dll
[2013/07/26 04.47.13 | 000,759,296 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\vgx.dll
[2013/07/26 04.47.12 | 001,215,488 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\urlmon.dll
[2013/07/26 04.47.12 | 000,105,984 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\url.dll
[2013/07/26 04.47.12 | 000,105,984 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\url.dll
[2013/07/26 04.47.11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\mstime.dll
[2013/07/26 04.47.11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mstime.dll
[2013/07/26 04.47.11 | 000,206,848 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\occache.dll
[2013/07/26 04.47.10 | 006,017,536 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mshtml.dll
[2013/07/26 04.47.10 | 000,067,072 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/07/26 04.47.04 | 000,630,272 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\msfeeds.dll
[2013/07/26 04.47.04 | 000,630,272 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/07/26 04.47.04 | 000,055,296 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\msfeedsbs.dll
[2013/07/26 04.47.04 | 000,055,296 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/07/26 04.47.03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/07/26 04.47.03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\licmgr10.dll
[2013/07/26 04.47.03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/07/26 04.47.03 | 000,025,600 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\jsproxy.dll
[2013/07/26 04.47.03 | 000,025,600 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/07/26 04.47.02 | 002,005,504 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iertutil.dll
[2013/07/26 04.47.02 | 001,469,440 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\inetcpl.cpl
[2013/07/26 04.47.02 | 001,469,440 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/07/26 04.47.00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\iepeers.dll
[2013/07/26 04.47.00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iepeers.dll
[2013/07/26 04.46.59 | 011,113,472 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ieframe.dll
[2013/07/26 04.46.57 | 000,743,424 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/07/26 04.46.56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\iedkcs32.dll
[2013/07/26 04.46.56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/07/25 21.24.56 | 000,174,592 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\ie4uinit.exe
[2013/07/25 21.24.56 | 000,174,592 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/07/25 17.54.52 | 000,385,024 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\html.iec
[2013/07/23 13.52.33 | 000,001,629 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2013/07/10 12.37.53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\usp10.dll
[2013/07/09 17.52.21 | 004,745,728 | ---- | M] (AVAST Software) -- F:\Documents and Settings\Franco\Desktop\aswMBR.exe
[2013/07/09 10.33.33 | 000,000,000 | ---- | M] () -- F:\cookies.sqlite
[2 F:\WINDOWS\System32\*.tmp files -> F:\WINDOWS\System32\*.tmp -> ]
[2 F:\Documents and Settings\Franco\Desktop\*.tmp files -> F:\Documents and Settings\Franco\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/04 17.29.07 | 000,000,611 | ---- | C] () -- F:\Documents and Settings\Franco\Menu Avvio\Programmi\Esecuzione automatica\Howard.lnk
[2013/09/02 17.29.36 | 000,390,632 | ---- | C] () -- F:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-73586283-1606980848-1060284298-1003-0.dat
[2013/08/29 20.31.56 | 000,994,642 | ---- | C] () -- F:\Documents and Settings\Franco\Desktop\adwcleaner.exe
[2013/08/28 15.29.12 | 000,000,918 | ---- | C] () -- F:\Documents and Settings\Franco\Desktop\Spybot - Search & Destroy.lnk
[2013/08/28 15.03.13 | 000,002,427 | ---- | C] () -- F:\Documents and Settings\Franco\Desktop\HiJackThis.lnk
[2013/08/25 23.18.23 | 128,953,512 | ---- | C] () -- F:\Documents and Settings\Franco\Desktop\ald988xu.exe
[2013/07/23 13.52.33 | 000,001,629 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
[2013/07/23 13.03.29 | 000,434,176 | ---- | C] () -- F:\WINDOWS\System32\CNQL3203.DLL
[2013/07/23 13.03.29 | 000,393,225 | ---- | C] () -- F:\WINDOWS\System32\C3203TA.PLG
[2013/07/23 13.03.29 | 000,393,225 | ---- | C] () -- F:\WINDOWS\System32\C3203.PLG
[2013/07/09 16.54.53 | 000,000,398 | -H-- | C] () -- F:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/07/09 10.33.33 | 000,000,000 | ---- | C] () -- F:\cookies.sqlite
[2013/05/13 10.57.03 | 000,000,086 | ---- | C] () -- F:\Documents and Settings\Franco\Dati applicazioni\mbam.context.scan
[2012/12/20 02.22.57 | 000,327,310 | ---- | C] () -- F:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2012/11/23 10.08.01 | 000,000,237 | ---- | C] () -- F:\Documents and Settings\Franco\.swfinfo
[2012/10/13 20.45.27 | 000,002,440 | ---- | C] () -- F:\WINDOWS\System32\ASOROSet.bin
[2012/09/04 11.33.33 | 003,248,128 | ---- | C] () -- F:\WINDOWS\System32\DVAPfg.exe
[2012/09/04 11.33.08 | 000,085,504 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2012/02/29 17.08.20 | 000,002,480 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2012/02/15 13.38.59 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll
[2011/10/19 18.17.40 | 000,139,264 | ---- | C] () -- F:\WINDOWS\System32\IDEproperty.dll
[2011/10/19 17.41.39 | 000,045,056 | ---- | C] () -- F:\WINDOWS\System32\vusetup.dll
[2011/10/19 17.31.53 | 000,000,033 | ---- | C] () -- F:\WINDOWS\System32\VGAunistlog.ini
[2011/06/26 22.20.29 | 000,000,370 | RHS- | C] () -- F:\Documents and Settings\All Users\ntuser.pol
[2011/06/17 00.53.55 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\Franco\Impostazioni locali\Dati applicazioni\{FED954B1-0653-4A2B-A961-374CB5F1AAA8}
[2011/06/17 00.53.55 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\Franco\Impostazioni locali\Dati applicazioni\{9FBC2EF8-BAF8-4D1B-ADAE-2845BAD2C6E4}
[2011/02/02 22.28.29 | 000,002,528 | ---- | C] () -- F:\Documents and Settings\Franco\Dati applicazioni\$_hpcst$.hpc
[2009/01/28 14.11.55 | 000,000,135 | ---- | C] () -- F:\Documents and Settings\Franco\Impostazioni locali\Dati applicazioni\fusioncache.dat
[2008/07/07 10.39.46 | 000,001,755 | ---- | C] () -- F:\Documents and Settings\All Users\Dati applicazioni\QTSBandwidthCache
[2008/05/20 23.46.06 | 000,000,040 | -HS- | C] () -- F:\Documents and Settings\All Users\Dati applicazioni\.zreglib
[2008/05/14 12.46.29 | 000,024,064 | ---- | C] () -- F:\Documents and Settings\Franco\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/13 22.39.56 | 000,000,040 | -HS- | C] () -- F:\Documents and Settings\Franco\Dati applicazioni\.zreglib
[2008/05/13 22.34.20 | 000,001,024 | ---- | C] () -- F:\Documents and Settings\Franco\.rnd

========== ZeroAccess Check ==========

[2008/05/14 22.51.33 | 000,000,227 | RHS- | M] () -- F:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/10/16 03.00.26 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = F:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = F:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04.13.56 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/05/18 20.27.03 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\ACD Systems
[2010/06/17 20.14.41 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Acronis
[2013/09/04 14.04.08 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Agnitum
[2008/05/14 23.11.51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Azureus
[2010/06/25 22.54.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\BanzaiInteractive
[2010/11/22 13.39.42 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\CanonBJ
[2013/01/28 19.50.05 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\CanonEPP
[2013/01/28 19.50.05 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\CanonIJEPPEX2
[2010/09/20 11.13.26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\clp
[2013/07/03 16.46.27 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2010/06/27 13.15.02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Curious Sense
[2011/03/06 00.59.35 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Driver Whiz
[2013/06/21 15.22.05 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\EmailTray
[2010/10/09 16.59.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Floodlight Games
[2012/12/20 13.15.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Freemake
[2010/08/14 15.16.21 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\GiocoDigitale
[2008/05/22 15.01.31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Grisoft
[2010/06/28 22.43.19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\HideAndSecret3
[2010/12/31 15.52.22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\HitPoint Studios
[2012/09/29 12.15.40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Installations
[2008/05/16 14.57.38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\JollyBear
[2008/10/01 23.14.27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\MAGIX
[2010/06/29 21.04.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Merscom
[2010/06/28 22.23.13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\NeptunesAdve
[2010/07/23 17.09.12 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Nitro PDF
[2012/09/29 12.47.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2011/06/30 15.25.53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\NokiaAccount
[2011/03/07 18.38.40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\NokiaInstallerCache
[2011/03/07 19.14.21 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2008/07/04 09.39.46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Pinnacle
[2010/12/28 23.04.07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\PlayFirst
[2010/06/26 21.26.47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\PoBros
[2009/01/28 14.09.40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\PowerQuest
[2011/04/01 13.05.12 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Princess Isabella
[2010/06/26 13.12.56 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Sandlot Games
[2009/01/08 21.14.48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\SpinTop Games
[2013/09/04 17.27.12 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/06/25 00.04.28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\The Mirror Mysteries
[2008/05/28 23.50.09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\TreeCardGames
[2013/07/08 21.32.47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2010/06/25 00.03.43 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2013/07/03 16.58.48 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Dati applicazioni\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2013/07/03 16.58.48 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Dati applicazioni\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2011/04/11 14.25.31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\A Gypsy's Tale - The Tower of Secrets
[2008/05/15 20.21.46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\ACD Systems
[2009/02/24 13.48.06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Acronis
[2010/07/12 09.50.59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Artifex Mundi
[2010/12/07 15.25.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Artisteer
[2009/06/02 23.57.33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\avidemux
[2010/10/22 23.32.14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Awem
[2011/12/14 20.10.00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Azureus
[2010/10/25 20.28.37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Babylonia
[2010/06/25 22.54.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\BanzaiInteractive
[2013/08/18 21.13.07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Canon
[2008/05/26 22.12.31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\CD-LabelPrint
[2008/12/10 09.44.09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\CoSoSys
[2012/10/06 21.47.04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\CrystalIdea Software
[2010/06/27 13.15.02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Curious Sense
[2010/06/29 14.39.46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Dekovir
[2011/06/22 19.27.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Downloaded Installations
[2010/06/28 22.34.09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\ElementalsTheMagicKey
[2012/12/22 15.46.38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\ElevatedDiagnostics
[2009/04/17 13.31.13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\eMule
[2010/09/23 22.12.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Fighters
[2010/10/09 16.59.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Floodlight Games
[2011/04/11 13.59.55 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\FlyWheelGames
[2011/06/06 12.17.34 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Foxit
[2012/01/15 21.07.10 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Free PDF to Word Converter
[2012/01/15 21.08.02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Free PDF to Word Converter.INI
[2013/07/26 14.45.48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\FreeVideoConverter
[2010/06/26 20.51.19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Friday's games
[2008/06/03 23.43.58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\GARMIN
[2013/03/24 17.16.40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\GetRightToGo
[2012/10/01 18.57.23 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\GlarySoft
[2010/11/11 17.39.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\GrabPro
[2010/12/31 15.52.22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\HitPoint Studios
[2010/06/25 19.12.04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\IronCode
[2009/01/28 14.12.58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\IsolatedStorage
[2008/09/01 22.32.36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Lingoes
[2011/01/08 02.10.46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\LockHunter
[2008/10/02 21.08.05 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\LuckyTender
[2010/09/08 09.07.00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Magic3
[2008/10/01 23.15.48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\MAGIX
[2010/06/27 11.52.31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\MastersOfMystery2
[2010/06/29 21.04.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Merscom
[2011/04/01 00.15.04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Mystery of Mortlake Mansion
[2011/06/21 15.51.15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Nitro PDF
[2013/04/04 22.18.14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Nokia
[2013/04/04 22.18.32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Nokia Suite
[2012/01/18 12.13.56 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\OpenOffice.org
[2013/02/15 15.02.27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Orbit
[2011/03/07 19.17.44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\PC Suite
[2013/09/03 10.15.51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\PCToolsFirewallPlus
[2010/10/25 20.35.14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\PeaceCraft2
[2010/12/28 23.04.07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\PlayFirst
[2010/06/26 21.26.47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\PoBros
[2010/11/11 17.39.18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\ProgSense
[2011/02/03 17.13.50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Samsung
[2011/06/26 22.27.28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\ScanSoft
[2011/09/14 19.10.13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\searchqutoolbar(2)
[2010/07/12 10.43.58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Settlement. Colossus
[2008/05/13 22.41.06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SlySoft
[2011/01/29 16.21.18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Smart PDF Creator Pro
[2011/01/29 16.28.42 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SmartSoftOCRHelper
[2009/02/24 14.09.19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SolSuite
[2012/04/04 18.01.47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Spesoft Audio Converter
[2010/06/25 11.25.21 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SpinTop
[2009/02/13 19.21.36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Sports Interactive
[2009/06/03 11.43.49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Toshiba
[2013/07/04 16.20.27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\TuneUp Software
[2013/08/02 12.48.59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\uTorrent
[2010/09/22 17.10.34 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\VampireSaga
[2011/01/08 22.39.24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\VendelGAMES
[2013/07/31 10.42.49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\vso
[2009/05/18 20.41.17 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\XnView
[2013/05/18 22.06.31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\xVideoServiceThief
[2012/03/19 15.21.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\YCanPDF
[2011/06/26 22.30.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Zeon
[2011/01/08 22.39.16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Zylom
[2010/06/25 11.10.36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Zylomv1001
[2009/03/04 14.13.13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Dati applicazioni\Acronis
[2011/11/12 02.09.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\UpdatusUser\Dati applicazioni\Acronis
[2011/11/14 15.54.36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\UpdatusUser.FRANCO-9A863AFC\Dati applicazioni\Acronis
[2012/02/22 11.48.15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\UpdatusUser.FRANCO-9A863AFC.000\Dati applicazioni\Acronis

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 151 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:C31F31E6
@Alternate Data Stream - 144 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:40DB6D00
@Alternate Data Stream - 143 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:63238B95
@Alternate Data Stream - 100 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:3D36932D

< End of report >
Torna in alto
 
Sponsor
Inviato: Wednesday, September 04, 2013 8:45:36 PM

 
Torna in alto
 
r16
Inviato: Wednesday, September 04, 2013 9:23:55 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
No carducci; non puoi aprire sempre un nuovo topic per ogni scansione.d'oh!
Non funziona così.
Non posso saltare come un capretto da un topic all'altro, per lo stesso utente, e medesimo problema.
Si deve rispondere SEMPRE nel topic che hai aperto. (il primo)
Inoltre ti avevo "pregato" di postare il log in un'altro modo.

Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione completa del sistema. (NON veloce)
Elimina gli eventuali file infetti trovati.
Posta il log.



Torna in alto
 
carducci
Inviato: Wednesday, September 04, 2013 10:06:22 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479
scusa R16 per i nuovi topic,ho frainteso, qundo mi hai scritto copialo e incollalo in un nuovo messaggio per il forum,pensavo che dovevo
allegarlo ad un nuovo topic.
il log credevo di averlo allegato nel modo giusto,mi spiace
grazie
ora faccio la scansione
ciao
Torna in alto
 
carducci
Inviato: Thursday, September 05, 2013 2:52:43 AM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.09.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Franco :: FRANCO-9A863AFC [amministratore]

04/09/2013 23.05.09
mbam-log-2013-09-04 (23-05-09).txt

Tipo di scansione: Scansione completa (F:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 448578
Tempo impiegato: 3 ore, 1 minuti, 54 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 3
F:\AdwCleaner\Quarantine\F\Programmi\AskPartnerNetwork\Toolbar\APNSetup.exe.vir (PUP.Optional.ASKToolbar.A) -> Spostato in quarantena ed eliminato con successo.
F:\System Volume Information\_restore{5FA73D8E-8873-42CF-B858-B96C08D42ABE}\RP268\A0052379.rbf (PUP.Optional.ASKToolbar.A) -> Spostato in quarantena ed eliminato con successo.
F:\System Volume Information\_restore{5FA73D8E-8873-42CF-B858-B96C08D42ABE}\RP271\A0052920.exe (PUP.Optional.ASKToolbar.A) -> Spostato in quarantena ed eliminato con successo.

(fine)
Torna in alto
 
r16
Inviato: Thursday, September 05, 2013 8:15:54 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Adesso spiegami che problemi riscontri.
Torna in alto
 
carducci
Inviato: Friday, September 06, 2013 3:43:10 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479
ciao
il computer funziona abbastanza bene solo che spesse volte esce sta torcia che cerca il file selezionato, oppure la pagina caricata
si apre e ci mette un sacco a caricarsi,allora non sapendo se il computer è bloccato o il programma è in esecuzione,apro
task manager windows e noto che il programma è in esecuzione ma l'utilizzo della cpu è al 100%.
e il ripristino configurazione non funziona ancora.
Torna in alto
 
r16
Inviato: Friday, September 06, 2013 6:46:59 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Vai in "Installazione Applicazioni" e rimuovi il Firewall. (PC Tools Firewall Plus )
Una volta rimosso, riavvia il pc.
All'avvio del pc fai una pulizia con CCleaner, e pulisci anche il registro. (sempre con CCleaner)

Dimmi che cos'è questo eseguibile che hai sul desktop:
ald988xu.exe

Poi:
Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:

Code:
:OTL
SRV - (MsMpSvc) -- F:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
DRV - (Scutum50) -- System32\Drivers\Scutum50.sys File not found
DRV - (654B0816) -- f:\documents and settings\franco\impostazioni locali\temp\654B0816.sys File not found
IE - HKLM\..\SearchScopes\{2e51ec4e-2fa9-40fa-9007-2411de34e7ca}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YWxdm009YYit&ptb=A5B06B34-4E10-482F-BA8E-AD49E7EBF43B&ind=2011091717&ptnrS=YWxdm009YYit&si=maps4pc&n=77ded305&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes\{2e51ec4e-2fa9-40fa-9007-2411de34e7ca}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YWxdm009YYit&ptb=A5B06B34-4E10-482F-BA8E-AD49E7EBF43B&ind=2011091717&ptnrS=YWxdm009YYit&si=maps4pc&n=77ded305&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
O3 - HKLM\..\Toolbar: (no name) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-1606980848-1060284298-1003\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] F:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340800070625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[2013/08/19 15.59.56 | 000,000,000 | ---D | C] -- F:\JRT
[2010/06/25 22.54.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\BanzaiInteractive
[2010/10/09 16.59.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\Floodlight Games
[2010/06/28 22.43.19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\HideAndSecret3
[2008/05/16 14.57.38 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\JollyBear
[2009/01/28 14.09.40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Dati applicazioni\PowerQuest
[2010/07/12 09.50.59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Artifex Mundi
[2010/12/07 15.25.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Artisteer
[2009/06/02 23.57.33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\avidemux
[2010/10/22 23.32.14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Awem
[2011/12/14 20.10.00 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Azureus
[2010/10/25 20.28.37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Babylonia
[2010/06/25 22.54.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\BanzaiInteractive
[2008/12/10 09.44.09 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\CoSoSys
[2010/09/23 22.12.45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Fighters
[2010/10/09 16.59.11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Floodlight Games
[2011/04/11 13.59.55 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\FlyWheelGames
[2011/01/08 02.10.46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\LockHunter
[2008/10/02 21.08.05 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\LuckyTender
[2011/09/14 19.10.13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\searchqutoolbar(2)
[2010/07/12 10.43.58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Settlement. Colossus
[2008/05/13 22.41.06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SlySoft
[2010/06/25 11.25.21 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\SpinTop
[2009/02/13 19.21.36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Sports Interactive
[2011/06/26 22.30.01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Franco\Dati applicazioni\Zeon
@Alternate Data Stream - 151 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:C31F31E6
@Alternate Data Stream - 144 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:40DB6D00
@Alternate Data Stream - 143 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:63238B95
@Alternate Data Stream - 100 bytes -> F:\Documents and Settings\All Users\Dati applicazioni\TEMP:3D36932D

:Files
ipconfig /flushdns /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[Emptyjava]
[EMPTYFLASH]
[start explorer]
[Reboot]


Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.

Posta il log che rilascia. (postalo con Wikisend)

N.B:
Penso sia inutile dirti di NON aprire un'altro topic per postare il log.
Torna in alto
 
carducci
Inviato: Saturday, September 07, 2013 10:55:41 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479
ciao
speriamo stavolta di avere fatto la cosa giusta con il log otl
per quanto riguarda ald988xu.exe è l'antivirus dottor web
in ccleaner è diverse settimane che provo ma in registro non riesce ad eliminare(Estensione file non usata {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} HKCR\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}) se vado in apri regedit mi fa vedere l'estensione gia evidenziata.posso eliminarla?

OTL.log
Torna in alto
 
r16
Inviato: Sunday, September 08, 2013 1:35:16 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
carducci ha scritto:

speriamo stavolta di avere fatto la cosa giusta con il log otl

Sei stato perfetto.

Commenta:
per quanto riguarda ald988xu.exe è l'antivirus dottor web

Non ti serve.
Puoi benissimo eliminarlo.

Commenta:
in ccleaner è diverse settimane che provo ma in registro non riesce ad eliminare(Estensione file non usata {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} HKCR\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79})


Si tratta di una chiave di Avira, quindi legittima.
Quando CCleaner te la rileva, cliccaci sopra con il tasto destro, e scegli: "Aggiungi a Lista Esclusioni".
In questo modo non la rileva più.

Rifai una scansione con OTL per vedere se tutto è a posto.
Dimmi anche, se riscontri ancora problemi.

P.S:
Dimenticavo il Ripristino configurazione sistema:
Scarica questa cartella .zip sul desktop:
http://wikisend.com/download/376172/sysrestorepair-1_1.zip
Scompatta la cartella sul desktop. (estrai tutti i file)
Doppio click su "System Restore Repair".
Eseguilo.
Ti compare una finestra Dos.
Ti compare un'altra finestra.
Clicca un tasto qualsiasi per continuare.
Ti chiederà se vuoi mandare in esecuzione System Restore Repair.
Clicca S per eseguirlo.
Torna in alto
 
carducci
Inviato: Sunday, September 08, 2013 8:48:20 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479
ciao
dopo aver fattto quello che mi hai consigliato ho usato il computer fino ad ora e non ho
riscontrato problemi.
ho usato "System Restore Repair".
ho creato un punto di ripristino poi ho fatto un ripristino della configurazione e ora funziona
ti allego il log otl .con wikisend è possibile allegare anche immagini?
Il firewall pc tools plus che ho disinstallato posso usarlo di nuovo o mi consigli altro.


OTL.Txt
Torna in alto
 
r16
Inviato: Sunday, September 08, 2013 9:27:34 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
carducci ha scritto:
ciao
ho creato un punto di ripristino poi ho fatto un ripristino della configurazione e ora funziona

Spiegami bene sta storia.....Think
Hai creato un punto di ripristino, e poi hai fatto un "Ripristino configurazione sistema"?
Perchè un'operazione del genere non ha senso.
Commenta:
Il firewall pc tools plus che ho disinstallato posso usarlo di nuovo o mi consigli altro.

Puoi anche reistallarlo, ma poi non lamentarti se il pc si è rallentato.
E' una cosa normale.

Commenta:
con wikisend è possibile allegare anche immagini?

Sì.
Torna in alto
 
carducci
Inviato: Sunday, September 08, 2013 10:45:40 PM
Rank: AiutAmico

Iscritto dal : 12/29/2005
Posts: 479
ciao
da quello che scrivi ora capisco che se il pc ha effettuato un punto di ripristino anche il ripristino funzionava, non lo sapevo.
tutti i firewall rallentano il pc?
usare quello windows? uguale?
grazie R16 per la tua disponibilità
Torna in alto
 
r16
Inviato: Monday, September 09, 2013 6:17:21 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Commenta:
usare quello windows? uguale?

Purtroppo no con XP.

Prova questo:
http://www.aiutamici.it/software?ID=80361
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » R16 log otl


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.