Aiutamici Forum

a log check SOLVED
arcere84
Posted: Sunday, December 01, 2013 9:32:02 AM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
good morning everyone

for a week or maybe more, when I open Google a different page (do-search) comes up that I can't get rid of
I tried scanning with AdwCleaner and Malwarebytes but they found nothing
could you please check the log for me to see whether there is anything that can be done to remove this page?
thanks, Luciano

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 09:23:08, on 01/12/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Luciano\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/it/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://do-search.com/?type=hp&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com/?type=hp&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-21-3461215093-3171702158-3098542607-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3461215093-3171702158-3098542607-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://79.137.127.58/xplugLite.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files\Tor\tor.exe

--
End of file - 13907 bytes
shapiro
Posted: Sunday, December 01, 2013 9:54:59 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

hi, start by posting the log of the scan you ran with AdwCleaner, then follow these steps

Temporarily disable the antivirus and re-enable it as soon as the tool has been downloaded

download Junkware Removal Tool

click the JRT icon and wait patiently for the scan to finish
Once it has finished, the log should open on the desktop as JRT.txt

as soon as that is done, run this scan as well

Download OTL and save it to the desktop

Tick SCAN ALL USERS.

Under output, tick minimal output

Click the small arrow next to File Age and select 60 Days

Tick LOP Check and Purity Check.

Click RUN SCAN

Let the scan run without interfering.

When the scan finishes you will find two logs on the desktop, OTL.txt and Extras.txt; save them and upload them to Wikisend.


arcere84
Posted: Sunday, December 01, 2013 10:20:02 AM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166

hi shapiro, and thanks for replying

in the meantime, here is the log I just made with AdwCleaner


# AdwCleaner v3.013 - Report created 01/12/2013 at 10:11:55
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Luciano - LUCIANO-PC
# Running from : C:\Users\Luciano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5RIZ3BS\adwcleaner_3.013.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Users\Luciano\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Luciano\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Luciano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Luciano\Documents\optimizer pro
Folder Deleted : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5872 octets] - [10/10/2013 10:55:08]
AdwCleaner[R1].txt - [10859 octets] - [19/11/2013 17:47:18]
AdwCleaner[R2].txt - [2227 octets] - [01/12/2013 10:11:00]
AdwCleaner[S0].txt - [10826 octets] - [19/11/2013 17:48:42]
AdwCleaner[S1].txt - [2190 octets] - [01/12/2013 10:11:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2250 octets] ##########
shapiro
Posted: Sunday, December 01, 2013 10:23:27 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

run the other two scans as well and attach the logs
arcere84
Posted: Sunday, December 01, 2013 11:17:07 AM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
for shapiro

I can't upload the files to Wikisend; it tells me: We are sorry, but an error has occured while uploading.

You can return to the start page and try again.

I tried again but no luck.

also, I had to run the JRT scan twice because I hadn't disabled the antivirus, and this is the result


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Luciano on 01/12/2013 at 10:45:39,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/12/2013 at 10:49:18,30
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I've made a mess of it, please bear with me
shapiro
Posted: Sunday, December 01, 2013 11:23:18 AM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164


I asked you to disable the antivirus, otherwise it will block it

try pasting them here if you can't manage with Wikisend

run the Junkware Removal scan again and remove everything, then move on to OTL

post the two logs
arcere84
Posted: Sunday, December 01, 2013 12:04:02 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
I reran the scan with JRT and this is the log



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Luciano on 01/12/2013 at 11:53:14,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/12/2013 at 11:56:43,42
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



this is the Extras log


OTL Extras logfile created on: 01/12/2013 10:52:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luciano\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 60,16% Memory free
6,50 Gb Paging File | 5,12 Gb Available in Paging File | 78,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 642,86 Gb Free Space | 69,01% Space Free | Partition Type: NTFS

Computer Name: LUCIANO-PC | User Name: Luciano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{102ED891-8E51-4B01-809D-BCF7A2D37D94}" = lport=137 | protocol=17 | dir=in | app=system |
"{17D1F9F7-B42F-4863-9FC7-4DAB56F3586F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1A757D05-F214-4AAD-B8FF-2D8DA1275C0F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2201660C-5DC4-4C7F-9035-008B40D6AE3B}" = lport=139 | protocol=6 | dir=in | app=system |
"{31905B78-2632-49E1-AED8-562D31893C2F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3D22412C-4CAA-4C36-8E07-BE26FBD60A6B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3EA945AB-D6B0-4CA6-B132-B16449BB2B79}" = lport=138 | protocol=17 | dir=in | app=system |
"{41F61007-2DBD-4F32-B7C4-DBBF69767364}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{459BAB85-3429-49B1-AF4A-3778DD15855E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C945DB4-D2D4-4CBF-A3B1-E536E8978390}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{574B93D5-5758-4A2D-83C1-9AFECDCA5008}" = lport=2869 | protocol=6 | dir=in | app=system |
"{604A0A46-499E-4FAF-A260-76A9DAC54505}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6E71F068-E05F-4505-92C2-6B051E2362F9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87C21B61-0809-4A6E-A927-179AEC66C0ED}" = lport=445 | protocol=6 | dir=in | app=system |
"{90BB84E1-75C1-495A-97BF-8FB72F2F557E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{924E40FE-CD10-475E-AD38-4FBF5F868947}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{97EB708E-D3A7-48C8-947C-08AB726E784D}" = rport=139 | protocol=6 | dir=out | app=system |
"{99BC3BBE-AD6D-4C01-8098-7853F419516D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AF7A1887-5DA3-47AC-A13A-E6D55C336C7F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B88476D5-99D9-4812-B107-D1DD1CA56CDD}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{C75512AF-042E-4679-8995-D4D551F6D771}" = rport=137 | protocol=17 | dir=out | app=system |
"{C867AAE3-629F-4563-A8B2-295A474ADCF2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE4096ED-1296-402E-98FD-535C63D311F5}" = rport=445 | protocol=6 | dir=out | app=system |
"{D24DABC7-7FAE-4040-A38A-08939E0B1F79}" = rport=138 | protocol=17 | dir=out | app=system |
"{D556A1BE-44AF-42C2-AB91-70716E2890CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DA2C1528-09A7-47FC-AB3C-3CF4AF9451FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DCC21A92-3EFC-4896-89A9-FA6973F63CE4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DED614BC-D1FB-4E03-815D-5AB3206EDE9E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E5E08DA5-0C82-4E9C-89D5-C64A44D0112D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0495CDED-A7B6-44E5-B819-35C8F0AC1CFC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0649E3A6-5DFA-4A4A-87D5-727ECE964BD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{064EB5C8-615F-4522-A122-446ACB99809C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0928FC5E-DE94-4354-AAA6-121AD81AA9CC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{10908E90-7404-4BE1-A0F8-D21EB07BFAA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{129CE4FB-D1A1-45B1-A37A-679DFC0705F5}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{132D5DDC-191B-4454-9D97-2C7296F4FDE8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{15D15A8D-BAF1-4F75-B5B3-9713CFFEE7CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1A2ACDD1-75E5-42E3-836B-97CE39F81DF8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{200FE78C-C1CC-4726-8301-B5760F0A1451}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{217AB4E3-626A-48B8-BE91-33F1830AC8E5}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{21FC939C-810C-40A5-A11E-B2DDD432C512}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3035A2E6-600B-461E-B9D3-83CC95603314}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{311EE622-B332-4985-BA71-C6B9BF259BB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A15BBC7-8221-456E-9A4A-EB57F6BDFC46}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{3E8060EF-ABDF-4B42-8162-B3D9FE2CA81B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{421F8FE1-0E5F-450E-8EF1-68504970B6B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{44E37071-496C-4321-8C41-D537A261AFEA}" = protocol=6 | dir=in | app=c:\users\luciano\desktop\utorrent.exe |
"{461ECC56-3BE7-4343-AC6A-B937CE2A8FE6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47976D7A-8964-4BAC-8D6B-60D0BB94F49C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{48E11C66-C8A6-4279-8EC3-982880326DD2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{4B92522E-0D71-414A-B280-77BEDC6FB62E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4E418E72-AB71-4A7F-B4B2-23233D4F0A11}" = protocol=17 | dir=in | app=c:\users\luciano\desktop\utorrent.exe |
"{50A3F6C2-2C6F-410B-BF4F-4B3B69554F30}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{551FE6AD-EED7-41E5-B36C-36C1676270DB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5867AF4D-B656-4FE3-B870-A733490E3455}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6393B3A0-8ABB-4190-98F4-80D259D51E84}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{6CA4A087-C493-4604-8FE4-74E418F5DD37}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{70AD8D5B-06EB-44AE-B295-AA8AC5822CA7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{724A5019-A7CE-4D4B-B4C6-60B951C46506}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7439945B-6A0D-4A73-B284-24E2018CB44E}" = protocol=6 | dir=out | app=system |
"{7D722CA5-B854-4D86-A788-19A5E1A72EB4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{82050D10-09B9-40E3-9EEF-A2938EC5EE3E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{8C4DAABD-4BC6-420F-B219-6EF64483D553}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{8F191B05-BC15-4703-85E9-4F3D1809962F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{905E237E-9B22-4A11-B5DD-983D2072246C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{914DF245-B2AB-412F-A4B5-A3C31645CBD0}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{918AF9F8-BE03-42CB-9BAF-629D0DF45DDC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{92333941-1A11-4095-8D78-101396D8B96E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9436538F-6720-4507-B625-09B7F5EBFB36}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{9995B6F8-0D56-4988-947F-236C88BFC080}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{A6B671EE-07C3-4248-982C-FA073B777737}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{B00F65DF-F234-41DA-A952-113316B654FF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{B0A38B91-7638-45DA-860F-B2B880ABA59F}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{B2B06956-E86D-40DF-88FD-DEDC688BCE61}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{B742F585-D620-4F10-AA44-F4393C2FC44C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{B9084538-8DA8-4C52-A9BB-C441CB963811}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{BD0DDB77-22F7-46DC-897C-02E46CAEC7A3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C7C83543-BDFE-45AB-98C3-1C47725BAFD3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{D6217814-4D29-4C56-AA13-4BA5084ADD32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD9151F5-3946-4551-B0A9-A82789F6F1BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{E7117441-5202-4632-A009-12250CD4D2C7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{EA1DC676-6865-4A25-AF3E-3836A6F37812}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{EB16CBBC-4FD6-4993-81A1-74C5D8C42CDD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ED16B8AF-2E15-43F4-8679-EB912E788862}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F05F9BD1-43AB-403F-9275-775896BE7078}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{F071A020-FDF2-4060-91FD-4176D3B63A26}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{FAB3518A-5430-4322-9D02-85190AA2D251}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{FDC100A2-B74A-4333-A24D-B4AC149F507B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{FDC7D1DE-E141-4DDD-B18B-B2E450945320}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{FF1B7C8A-31E9-4162-A30D-AB963D86C914}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"TCP Query User{1777E3A1-08C8-463B-84F5-944DB824072B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{61AC3362-3256-4622-9719-1823B57C72F3}C:\users\luciano\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\luciano\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{C06ED0C2-2E8C-4453-941A-138BE338BC30}C:\program files\orbitron\orbitron.exe" = protocol=6 | dir=in | app=c:\program files\orbitron\orbitron.exe |
"TCP Query User{CA736239-DD26-4E25-BC46-45186A1D76A3}C:\users\luciano\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\luciano\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{CC70B58E-14A3-436B-88EF-73E50682F47D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{09C6FA3D-FA2A-40CA-9EB6-B2EAD15721DE}C:\users\luciano\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\luciano\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{4CECC399-0418-4C01-BFA8-4F7DDDB02AD6}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{B910C395-B25D-42D8-80D2-D96EDEE18510}C:\program files\orbitron\orbitron.exe" = protocol=17 | dir=in | app=c:\program files\orbitron\orbitron.exe |
"UDP Query User{ED29F9ED-39B7-4903-959E-795CF885A35D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{F96A1C83-0D94-4B0C-BF2A-BEF4F194C93F}C:\users\luciano\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\luciano\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19D2B63E-C1F1-4803-BA8B-4AB8FE216952}" = EPSON PRINT Image Framer Tool
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{20C6FF70-690B-4DF7-8F5D-269DD3A7FD23}" = iCloud
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{2879D951-52D9-4851-A2B4-4EE389167ECF}_is1" = Convert PDF to Image Desktop Software versione 2.0
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30E01116-5666-4807-8EF1-D80E9FF16717}" = Epson Easy Photo Print 2
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Supporto applicazioni Apple
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client IT-IT Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{685B0843-6C8D-4E42-B60D-2B86B45526E0}" = PS_AIO_02_Software_Min
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Driver Pinnacle Video
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7462E859-C453-4E08-BE0D-7D5E13E4CD1F}" = Microsoft Antimalware Service IT-IT Language Pack
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7F2B12E7-2302-4A86-AE26-33DDD84E478A}" = MAGIX Burn routines
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010
"{907611B4-1B1B-4810-88CD-965FA49F35F6}" = C5200
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{94F8D42D-BB31-4858-9705-7D756D8D9655}" = PS_AIO_02_Software
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{988329F4-A1A1-4D51-803C-EF2725A97627}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Italiano
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver 3D Vision 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver del controller 3D Vision 331.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 8.3.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.5
"{B4B2096B-B13E-408E-8985-BD07463D5487}" = PS_AIO_02_ProductContext
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}" = C5200_Help
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Software della webcam Logitech
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink_is1" = DVD Shrink 3.1.7
"EPSON Printer and Utilities" = Software per stampante EPSON
"Firebird SQL Server I" = Firebird SQL Server - MAGIX Edition
"GIMP-2_is1" = GIMP 2.8.6
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"ImgBurn" = ImgBurn
"MAGIX 3D Maker I" = MAGIX 3D Maker (embeded)
"MAGIX Foto su CD & DVD 8 deluxe I" = MAGIX Foto su CD & DVD 8 deluxe 8.0.3.2 (I)
"MAGIX Screenshare I" = MAGIX Screenshare 4.3.6.1987 (I)
"MAGIX Xtreme Photo Designer 6 I" = MAGIX Xtreme Photo Designer 6 6.0.27.0 (I)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Orbitron_is1" = Orbitron - Satellite Tracking System
"Revo Uninstaller" = Revo Uninstaller 1.95
"Shop for HP Supplies" = Shop for HP Supplies
"TeamViewer 5" = TeamViewer 5
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

< End of report >


and this is the OTL log


OTL logfile created on: 01/12/2013 10:52:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luciano\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 60,16% Memory free
6,50 Gb Paging File | 5,12 Gb Available in Paging File | 78,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,51 Gb Total Space | 642,86 Gb Free Space | 69,01% Space Free | Partition Type: NTFS

Computer Name: LUCIANO-PC | User Name: Luciano | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Luciano\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Programmi\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
PRC - c:\Programmi\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - c:\Programmi\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programmi\Google\Update\1.3.21.165\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programmi\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe ()
PRC - C:\Programmi\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programmi\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programmi\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Programmi\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programmi\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programmi\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Programmi\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Programmi\Tor\tor.exe ()
PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programmi\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programmi\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
PRC - C:\Programmi\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Programmi\Adobe\Adobe Creative Cloud\HEX\libcef.dll ()
MOD - C:\Programmi\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe ()
MOD - C:\Programmi\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll ()
MOD - C:\Programmi\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Programmi\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Programmi\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programmi\Common Files\Adobe\CEPServiceManager4\zlib1.dll ()
MOD - C:\Programmi\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programmi\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programmi\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - C:\Programmi\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Programmi\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programmi\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Programmi\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
MOD - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Programmi\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Programmi\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NvStreamSvc) -- C:\Programmi\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (nvUpdatusService) -- C:\Programmi\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (HPSLPSVC) -- C:\Users\Luciano\AppData\Local\Temp\7zS4183\hpslpsvc32.dll (Hewlett-Packard Co.)
SRV - (ose) -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (tor) -- C:\Programmi\Tor\tor.exe ()
SRV - (wlidsvc) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
SRV - (SwitchBoard) -- C:\Programmi\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (TeamViewer5) -- C:\Programmi\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (osppsvc) -- C:\Programmi\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programmi\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV - (flacyyfx) -- System32\drivers\aucfudoe.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (emAudio) -- C:\Windows\System32\drivers\emAudio.sys (Pinnacle Systems GmbH)
DRV - (DCamUSBEMPIA) -- C:\Windows\System32\drivers\emDevice.sys (eMPIA Technology, Inc.)
DRV - (FiltUSBEMPIA) -- C:\Windows\System32\drivers\emFilter.sys (eMPIA Technology, Inc.)
DRV - (ScanUSBEMPIA) -- C:\Windows\System32\drivers\emScan.sys (eMPIA Technology, Inc.)
DRV - (MarvinBus) -- C:\Windows\System32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{201EBA1A-107F-4D11-8DE1-9324774EDDCF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/it/index.php?rvs=google
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3461215093-3171702158-3098542607-1003\..\SearchScopes,DefaultScope =


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/05/05 11:54:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/05/05 11:54:28 | 000,000,000 | ---D | M]

[2013/05/05 09:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://do-search.com/?type=hp&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287
CHR - Extension: No name found = C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Luciano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programmi\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] C:\Programmi\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001..\Run: [iCloudServices] C:\Programmi\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001..\Run: [uTorrent] C:\Users\Luciano\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3461215093-3171702158-3098542607-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-3461215093-3171702158-3098542607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} http://79.137.127.58/xplugLite.cab (Gif89 Lite Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CD1303B-9993-4166-99DF-B5C936387B87}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013/12/01 10:51:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Luciano\Desktop\OTL.exe
[2013/12/01 10:32:18 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Luciano\Desktop\JRT.exe
[2013/12/01 10:22:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/12/01 09:22:40 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Luciano\Desktop\HijackThis.exe
[2013/11/29 16:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/11/29 16:01:56 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/11/29 16:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013/11/29 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013/11/29 15:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/11/28 08:58:12 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\Microsoft Toolkit
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\SaveSenseLive
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveSenseLive
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\SaveSenseLive
[2013/11/27 17:32:57 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Roaming\SaveSense
[2013/11/27 17:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\SecretSauce
[2013/11/27 10:39:12 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Desktop\verbale s.caterina 2013
[2013/11/27 09:34:32 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Desktop\donwload scaricati utorrent
[2013/11/20 09:37:06 | 000,000,000 | -HSD | C] -- C:\found.001
[2013/11/19 09:28:45 | 000,000,000 | ---D | C] -- C:\Users\Luciano\.android
[2013/11/19 09:28:43 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\cache
[2013/11/19 09:28:39 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Documents\Mobogenie
[2013/11/19 09:28:39 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\Mobogenie
[2013/11/14 09:19:48 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/11/14 09:19:47 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/11/14 09:19:46 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/11/14 09:19:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/11/14 09:19:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/11/14 09:19:43 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/11/14 09:19:43 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/11/14 09:19:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/11/14 09:19:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/11/14 09:19:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/11/14 08:27:37 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/11/14 08:27:37 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013/11/14 08:27:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/11/14 08:27:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013/11/14 08:27:05 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/11/14 08:27:04 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2013/11/13 17:10:29 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\IZ0ROQ
[2013/11/13 17:09:39 | 000,517,076 | ---- | C] (IZ0ROQ ) -- C:\Users\Luciano\Desktop\setup eQslShow.exe
[2013/11/13 16:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Borland
[2013/11/12 08:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/12 08:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/11/12 08:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/11/12 08:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/11/09 15:43:20 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/11/09 15:43:20 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/11/08 19:03:25 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Desktop\Nuova cartella
[2013/10/31 16:52:14 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Roaming\iw1qlh
[2013/10/31 16:52:14 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\iw1qlh
[2013/10/31 16:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\IW1QLH
[2013/10/28 22:00:58 | 022,933,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/10/28 22:00:58 | 010,378,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/10/28 22:00:58 | 009,516,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/10/28 22:00:58 | 009,472,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/10/28 22:00:58 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/10/28 22:00:58 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/10/28 22:00:58 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013/10/28 22:00:58 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013/10/28 22:00:56 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/10/22 06:52:02 | 000,893,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3233158.dll
[2013/10/22 06:52:01 | 001,049,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3233158.dll
[2013/10/15 16:54:06 | 000,589,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2013/10/12 15:50:43 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Desktop\PinnacleStudio
[2013/10/11 16:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\JustCloud
[2013/10/11 15:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013/10/11 10:58:18 | 000,000,000 | ---D | C] -- C:\download utorrent
[2013/10/11 10:41:32 | 001,141,328 | ---- | C] (BitTorrent Inc.) -- C:\Users\Luciano\Desktop\utorrent.exe
[2013/10/10 10:54:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/10 07:20:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2013/10/10 07:20:33 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/10/10 07:20:24 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/10/10 07:20:22 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/10/10 07:20:22 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2013/10/10 07:20:16 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 07:20:12 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 07:20:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013/10/10 07:20:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 07:20:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2013/10/10 07:20:06 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2013/10/10 07:20:04 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/04 14:21:23 | 000,000,000 | ---D | C] -- C:\Users\Luciano\Desktop\Nuova cartella (3)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/12/01 10:51:57 | 000,022,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/01 10:51:57 | 000,022,592 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/01 10:51:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Luciano\Desktop\OTL.exe
[2013/12/01 10:51:03 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/01 10:44:53 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/01 10:44:51 | 000,001,288 | ---- | M] () -- C:\Windows\tasks\Torntv V6.0-updater.job
[2013/12/01 10:44:51 | 000,001,180 | ---- | M] () -- C:\Windows\tasks\Torntv V6.0-codedownloader.job
[2013/12/01 10:44:51 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Torntv V6.0-enabler.job
[2013/12/01 10:44:43 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/12/01 10:44:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/01 10:44:20 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/01 10:32:19 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Luciano\Desktop\JRT.exe
[2013/12/01 10:32:00 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\SaveSense.job
[2013/12/01 10:08:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/01 09:22:40 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Luciano\Desktop\HijackThis.exe
[2013/11/29 18:38:35 | 003,936,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/11/29 09:56:38 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/11/28 18:18:31 | 000,739,004 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2013/11/28 18:18:31 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/28 18:18:31 | 000,146,076 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2013/11/28 18:18:31 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/27 17:30:22 | 000,002,325 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/19 17:27:21 | 000,002,604 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/19 17:03:07 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2013/11/19 11:45:24 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/19 11:21:30 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/11/14 11:05:49 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/11/14 11:05:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/11/12 08:27:05 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/11/08 23:09:36 | 000,517,076 | ---- | M] (IZ0ROQ ) -- C:\Users\Luciano\Desktop\setup eQslShow.exe
[2013/10/16 01:41:34 | 022,933,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/10/16 01:41:34 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/10/16 01:41:34 | 015,858,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2013/10/16 01:41:34 | 015,244,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2013/10/16 01:41:34 | 010,378,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/10/16 01:41:34 | 009,516,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/10/16 01:41:34 | 009,472,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/10/16 01:41:34 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/10/16 01:41:34 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/10/16 01:41:34 | 002,694,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2013/10/16 01:41:34 | 001,049,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3233158.dll
[2013/10/16 01:41:34 | 000,893,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3233158.dll
[2013/10/16 01:41:34 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013/10/16 01:41:34 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013/10/16 01:41:34 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2013/10/16 01:41:34 | 000,018,174 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2013/10/15 22:57:24 | 004,314,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2013/10/15 22:57:24 | 003,036,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2013/10/15 22:57:21 | 002,555,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2013/10/15 22:57:21 | 000,062,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2013/10/15 22:57:20 | 000,209,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2013/10/15 16:54:06 | 000,589,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2013/10/12 08:04:08 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/10/12 08:02:48 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/12 08:02:33 | 002,877,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/12 08:02:33 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/12 08:02:29 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/12 08:02:29 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/10/12 08:02:29 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/10/12 08:02:29 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/10/12 07:08:58 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/12 06:15:39 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/10/12 03:03:08 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2013/10/12 03:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/10/11 16:15:51 | 029,705,109 | ---- | M] () -- C:\Users\Luciano\Documents\riparare un' antenna a 540m - un lavoro come tanti...mp4
[2013/10/11 16:14:54 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/10/11 15:59:33 | 014,914,304 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 9.flv
[2013/10/11 15:59:18 | 023,435,931 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 5 e 6.flv
[2013/10/11 15:59:02 | 007,606,023 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 10.mp4
[2013/10/11 15:58:51 | 008,113,523 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 8.mp4
[2013/10/11 15:58:39 | 014,420,858 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 7.flv
[2013/10/11 15:58:31 | 023,154,846 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 3.flv
[2013/10/11 15:57:51 | 007,943,164 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 2.flv
[2013/10/11 15:57:44 | 009,897,096 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 4.flv
[2013/10/11 15:57:11 | 006,212,570 | ---- | M] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 1.mp4
[2013/10/11 11:20:37 | 1965,543,841 | R--- | M] () -- C:\Users\Luciano\Desktop\PinnacleStudio16_Trial_Setup.exe
[2013/10/11 10:41:38 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Luciano\Desktop\utorrent.exe
[2013/10/04 02:58:50 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013/10/04 02:56:00 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/27 17:32:57 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\SaveSense.job
[2013/11/27 17:28:50 | 000,001,288 | ---- | C] () -- C:\Windows\tasks\Torntv V6.0-updater.job
[2013/11/27 17:28:44 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\Torntv V6.0-enabler.job
[2013/11/27 17:28:36 | 000,001,180 | ---- | C] () -- C:\Windows\tasks\Torntv V6.0-codedownloader.job
[2013/11/19 17:03:07 | 000,001,056 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2013/11/19 17:03:07 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2013/11/13 16:46:24 | 000,165,376 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2013/11/12 08:27:05 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/22 06:52:03 | 000,018,174 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2013/10/11 16:15:25 | 029,705,109 | ---- | C] () -- C:\Users\Luciano\Documents\riparare un' antenna a 540m - un lavoro come tanti...mp4
[2013/10/11 15:58:51 | 007,606,023 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 10.mp4
[2013/10/11 15:58:40 | 014,914,304 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 9.flv
[2013/10/11 15:58:32 | 008,113,523 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 8.mp4
[2013/10/11 15:57:52 | 014,420,858 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 7.flv
[2013/10/11 15:57:45 | 023,435,931 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 5 e 6.flv
[2013/10/11 15:57:12 | 009,897,096 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 4.flv
[2013/10/11 15:56:58 | 006,212,570 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 1.mp4
[2013/10/11 15:56:57 | 023,154,846 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 3.flv
[2013/10/11 15:56:57 | 007,943,164 | ---- | C] () -- C:\Users\Luciano\Documents\HRD v.5 - parte 2.flv
[2013/10/11 15:52:11 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/10/11 11:12:23 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/10/11 10:49:09 | 1965,543,841 | R--- | C] () -- C:\Users\Luciano\Desktop\PinnacleStudio16_Trial_Setup.exe
[2013/09/11 08:36:15 | 000,003,355 | ---- | C] () -- C:\Users\Luciano\AppData\Local\recently-used.xbel
[2013/06/27 15:01:33 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2013/06/27 15:00:06 | 000,006,621 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/05/21 08:42:43 | 000,000,054 | ---- | C] () -- C:\Users\Luciano\verypdf
[2013/05/21 07:36:06 | 000,002,247 | ---- | C] () -- C:\Windows\DigiPan.INI
[2013/05/07 16:55:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2013/05/07 16:55:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2013/05/07 16:55:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2013/05/07 16:55:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2013/05/07 16:55:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2013/05/07 16:55:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2013/05/07 16:55:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2013/05/07 16:55:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2013/05/07 16:55:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2013/05/07 16:55:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2013/05/07 16:55:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2013/05/07 16:55:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2013/05/07 16:55:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2013/05/07 16:55:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2013/05/07 16:55:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2013/05/07 16:55:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2013/05/07 16:55:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2013/05/07 16:55:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2013/05/07 16:55:19 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2013/05/05 14:21:27 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT4.DAT
[2013/05/05 14:20:22 | 000,000,025 | ---- | C] () -- C:\Windows\CDER300Euro.ini
[2013/05/05 11:46:10 | 000,220,585 | ---- | C] () -- C:\Windows\hpoins21.dat
[2013/05/05 11:46:10 | 000,005,474 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2013/05/05 10:02:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL
[2013/05/05 10:00:07 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2013/05/05 09:56:27 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2013/05/05 08:45:42 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/09/21 19:48:30 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/05/08 13:56:24 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\Canon
[2013/06/11 12:41:57 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\Epson
[2013/05/07 14:17:21 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\ImgBurn
[2013/10/31 16:52:14 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\iw1qlh
[2013/05/05 14:41:40 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\Leadertech
[2013/06/27 15:20:22 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\MAGIX
[2013/07/03 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\Nokia
[2013/07/03 11:13:40 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\PC Suite
[2013/11/27 17:52:44 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\SaveSense
[2013/05/05 09:55:41 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\ScanSoft
[2013/06/14 08:07:28 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\TeamViewer
[2013/12/01 11:00:41 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\uTorrent
[2013/05/18 23:31:53 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\YCanPDF

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B755D674

< End of report >
shapiro
Posted: Sunday, December 01, 2013 1:00:05 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164

check the contents of this folder, don't remove it for now

C:\Users\Luciano\AppData\Local\IZ0ROQ

in my opinion the SaveSense folders should be deleted; if you think you recognize them, say so and I'll modify the script for you


open OTL and copy this code into the white box


Code:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287&q={searchTerms}
CHR - homepage: http://do-search.com/?type=hp&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\SaveSenseLive
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveSenseLive
[2013/11/27 17:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\SaveSenseLive
[2013/11/27 17:32:57 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Roaming\SaveSense
[2013/10/31 16:52:14 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Roaming\iw1qlh
[2013/10/31 16:52:14 | 000,000,000 | ---D | C] -- C:\Users\Luciano\AppData\Local\iw1qlh
[2013/10/31 16:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\IW1QLH
[2013/06/27 15:00:06 | 000,006,621 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013/10/31 16:52:14 | 000,000,000 | ---D | M] -- C:\Users\Luciano\AppData\Roaming\iw1qlh
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B755D674

:Files
ipconfig /flushdns /c

:commands
[purity]
[Reboot]


press Run Fix and attach the log it produces


also run a scan with Malwarebytes

download it from here
Update it: click the "Updates" tab => "Check for updates"
Run a "full scan" (select the option)
When the scan is complete, click OK => Show Results.
Make sure everything is selected and click Remove Selected.
If it asks you to restart, restart to complete the cleanup process.
Post the report.
arcere84
Posted: Sunday, December 01, 2013 2:10:49 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
for shapiro


I know the IZ0ROQ folder, but if the problem also comes from this folder I'll delete it

as for the SaveSense folders, I don't know what they are, so let's delete them

Luciano
arcere84
Posted: Sunday, December 01, 2013 2:24:01 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
for shapiro

after the scan these two appeared

the first
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

the second

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183

now I'll run the full scan with Malwarebytes; when it finishes I'll post the report
arcere84
Posted: Sunday, December 01, 2013 4:21:17 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
for shapiro

here is the Malwarebytes log

I deleted everything it found

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.12.01.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16736
Luciano :: LUCIANO-PC [amministratore]

Protezione: Attivata

01/12/2013 14:26:18
mbam-log-2013-12-01 (14-26-18).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 451552
Tempo impiegato: 1 ore, 49 minuti, 42 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 1
HKCU\SOFTWARE\SaveSenseLive (PUP.Optional.SaveSense.A) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 1
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.DoSearch.A) -> Cattivo: (C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com/?type=sc&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287) Buono: (iexplore.exe) -> Spostato in quarantena e riparato con successo.

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 6
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp\Baofeng.exe (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp\package1.zip (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\MircosoftStudio\Baofeng.exe (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\MircosoftStudio\package1.zip (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\Desktop\donwload scaricati utorrent\Enya.exe (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\$Recycle.Bin\S-1-5-21-3461215093-3171702158-3098542607-1001\$R2ALSLZ.com\trtextsetup.exe (PUP.Optional.Bundler) -> Spostato in quarantena ed eliminato con successo.

(fine)
shapiro
Posted: Sunday, December 01, 2013 4:22:33 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164


Quote:
after the scan these two appeared

the first
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

the second

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183



we'll ask our expert in this area, r16, about this later; it's the first time I've seen them

in the meantime attach the mbam log and tell me whether the PC is working better, and whether the pages still open
arcere84
Posted: Sunday, December 01, 2013 4:38:55 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
here is the Malwarebytes log



Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.12.01.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16736
Luciano :: LUCIANO-PC [amministratore]

Protezione: Attivata

01/12/2013 14:26:18
mbam-log-2013-12-01 (14-26-18).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 451552
Tempo impiegato: 1 ore, 49 minuti, 42 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 1
HKCU\SOFTWARE\SaveSenseLive (PUP.Optional.SaveSense.A) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 1
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.DoSearch.A) -> Cattivo: (C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com/?type=sc&ts=1385569809&from=ild&uid=WDCXWD10EARS-00MVWB0_WD-WCAZA098628786287) Buono: (iexplore.exe) -> Spostato in quarantena e riparato con successo.

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 6
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp\Baofeng.exe (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\fullpackage_temp\package1.zip (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\MircosoftStudio\Baofeng.exe (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\AppData\Local\Temp\MircosoftStudio\package1.zip (PUP.Optional.NationZoom.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\Luciano\Desktop\donwload scaricati utorrent\Enya.exe (PUP.Optional.OneClickDownloader.A) -> Spostato in quarantena ed eliminato con successo.
C:\$Recycle.Bin\S-1-5-21-3461215093-3171702158-3098542607-1001\$R2ALSLZ.com\trtextsetup.exe (PUP.Optional.Bundler) -> Spostato in quarantena ed eliminato con successo.

(fine)
arcere84
Posted: Sunday, December 01, 2013 4:40:46 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
the internet home page is still the same (do-search)
shapiro
Posted: Sunday, December 01, 2013 4:57:53 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164


Quote:
the internet home page is still the same (do-search)



try resetting it
arcere84
Posted: Sunday, December 01, 2013 5:01:33 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
done, but nothing changed; do-search is still there
shapiro
Posted: Sunday, December 01, 2013 5:12:07 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164


read here and also try using this
arcere84
Posted: Sunday, December 01, 2013 6:27:06 PM

Rank: AiutAmico

Joined: 1/1/2012
Posts: 166
for shapiro

done, it's gone; now every time I open the internet I get the Google home page

thank you for the help and the patience, bye, Luciano
shapiro
Posted: Sunday, December 01, 2013 6:29:43 PM

Rank: AiutAmico

Joined: 8/24/2008
Posts: 4,164
please mark it as solved, for everyone who will read this discussion


bye

edit

open OTL and click CleanUp
