Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Controllo LOG Opzioni
skorpios1
Inviato: Monday, December 30, 2013 11:04:50 AM
Rank: Member

Iscritto dal : 4/23/2004
Posts: 5
Buongiorno
ho fatto una scansione con Otl per cercare di eliminare un falso positivo di Java (aggiornamento) e allego i due file.
Se qualche anima pia gli da un occhiata sarei molto riconoscente.
Grazie

OTL logfile created on: 30/12/2013 1.29.32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,58% Memory free
4,84 Gb Paging File | 4,11 Gb Available in Paging File | 84,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 288,32 Gb Total Space | 239,86 Gb Free Space | 83,19% Space Free | Partition Type: NTFS

Computer Name: 96F48F9281DE45B | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\User\Documenti\Download\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\User\Impostazioni locali\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programmi\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
PRC - C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
MOD - C:\Programmi\Panda Security\Panda Cloud Antivirus\sqlite3.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programmi\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PSUAService) -- C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
SRV - (NanoServiceMain) -- C:\Programmi\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (NMIndexingService) -- C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (Network WanMiniport First Position) -- C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe ()


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (sbapifs) -- system32\drivers\sbapifs.sys File not found
DRV - (sbaphd) -- system32\drivers\sbaphd.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (gfiark) -- system32\drivers\gfiark.sys File not found
DRV - (FreshIO) -- C:\Programmi\FreshDevices\FreshDiagnose\FreshIO.sys File not found
DRV - (Changer) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (PSINReg) -- C:\WINDOWS\system32\drivers\PSINReg.sys (Panda Security, S.L.)
DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (NNSSTRM) -- C:\WINDOWS\system32\drivers\NNSStrm.sys (Panda Security, S.L.)
DRV - (NNSSMTP) -- C:\WINDOWS\system32\drivers\NNSSmtp.sys (Panda Security, S.L.)
DRV - (NNSTLSC) -- C:\WINDOWS\system32\drivers\NNStlsc.sys (Panda Security, S.L.)
DRV - (NNSPROT) -- C:\WINDOWS\system32\drivers\NNSProt.sys (Panda Security, S.L.)
DRV - (NNSPRV) -- C:\WINDOWS\system32\drivers\NNSPrv.sys (Panda Security, S.L.)
DRV - (NNSPOP3) -- C:\WINDOWS\system32\drivers\NNSPop3.sys (Panda Security, S.L.)
DRV - (NNSIDS) -- C:\WINDOWS\system32\drivers\NNSIds.sys (Panda Security, S.L.)
DRV - (NNSPICC) -- C:\WINDOWS\system32\drivers\NNSpicc.sys (Panda Security, S.L.)
DRV - (NNSPIHS) -- C:\WINDOWS\system32\drivers\NNSpihs.sys (Panda Security, S.L.)
DRV - (NNSHTTP) -- C:\WINDOWS\system32\drivers\NNSHttp.sys (Panda Security, S.L.)
DRV - (NNSHTTPS) -- C:\WINDOWS\system32\drivers\NNSHttps.sys (Panda Security, S.L.)
DRV - (NNSALPC) -- C:\WINDOWS\system32\drivers\NNSAlpc.sys (Panda Security, S.L.)
DRV - (PSKMAD) -- C:\WINDOWS\system32\drivers\PSKMAD.sys (Panda Security, S.L.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Programmi\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (k57w2k) -- C:\WINDOWS\system32\drivers\k57xp32.sys (Broadcom Corporation)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (ManyCam) -- C:\WINDOWS\system32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (MRENDIS5) -- C:\Programmi\Common Files\Motive\MRENDIS5.sys (Motive, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.corriere.it
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_itIT355
IE - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.corriere.it/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/23 13.02.09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2013/12/12 05.09.30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2013/12/12 11.28.40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/23 13.02.09 | 000,000,000 | ---D | M]

[2013/02/25 09.37.09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions
[2013/01/25 14.50.15 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\User\Dati applicazioni\Mozilla\Extensions\statuswinks@StatusWinks
[2013/12/11 12.59.50 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/12/12 11.28.40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 12.59.50 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2013/12/12 11.28.40 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/12/11 13.00.06 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/23 15.01.34 | 000,102,400 | ---- | M] (Zylom) -- C:\Programmi\mozilla firefox\plugins\npzylomgamesplayer.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.corriere.it/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = c:\programmi\google\chrome\application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = c:\programmi\google\chrome\application\31.0.1650.63\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Documents and Settings\User\Dati applicazioni\Mozilla\plugins\npo1d.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programmi\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programmi\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Zylom Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00C3\u201A\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programmi\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00C3\u201A\u00C2\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Programmi\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Programmi\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00C3\u201A\u00C2\u00AE Photo Gallery (Enabled) = C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Documenti Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Documenti Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/12/29 22.19.05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AzMixerSel] C:\Programmi\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PSUAMain] C:\Programmi\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk = C:\WINDOWS\system32\C2MP\UpdateChecker.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343304945109 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5AF00FB4-1416-440D-8F1E-04B0E0CF3B91}: NameServer = 193.70.152.15 212.52.97.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6042B4-DAF4-45F2-8BF0-F48F49433E91}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6042B4-DAF4-45F2-8BF0-F48F49433E91}: NameServer = 193.70.152.15,193.70.152.25
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programmi\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/14 09.42.28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2013/12/30 00.52.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\Nico Mak Computing
[2013/12/29 23.12.35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/12/29 22.11.33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/12/29 22.08.39 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/12/29 21.36.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Max Secure
[2013/12/29 21.28.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\GetRightToGo
[2013/12/29 11.44.23 | 000,047,632 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\PSKMAD.sys
[2013/12/27 23.58.34 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2013/12/27 23.58.27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/27 23.58.27 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/27 23.58.18 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/27 23.58.18 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/27 23.58.18 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/27 23.58.18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Java
[2013/12/27 21.59.42 | 000,000,000 | ---D | C] -- C:\Programmi\Hosts_Anti_Adwares_PUPs
[2013/12/27 21.51.35 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/12/27 21.21.17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/25 12.14.07 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/12/24 11.24.14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Media Player - Codec Pack
[2013/12/24 11.23.00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\C2MP
[2013/12/14 14.08.20 | 000,030,008 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013/12/13 11.36.51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\PDFCreator
[2013/12/13 11.36.45 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013/12/13 11.36.45 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2013/12/13 11.36.45 | 000,054,784 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\System32\pdfcmon.dll
[2013/12/13 11.36.43 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCIT.DLL
[2013/12/13 11.36.43 | 000,122,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6IT.DLL
[2013/12/13 11.36.43 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2IT.DLL
[2013/12/13 11.36.43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2013/12/13 11.36.42 | 000,000,000 | ---D | C] -- C:\Programmi\PDFCreator
[2013/12/12 12.13.13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\uTorrent
[2013/12/12 11.39.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\QuickTime
[2013/12/12 11.38.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Apple Computer
[2013/12/12 11.36.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Google Earth
[2013/12/12 07.38.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Documenti\File ricevuti
[2013/12/12 05.08.58 | 000,000,000 | ---D | C] -- C:\Programmi\QuickTime
[2013/12/11 12.59.49 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/12/10 10.22.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Doctor Web
[2013/11/28 15.40.29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/11/28 14.27.58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013/11/28 14.22.42 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013/11/28 14.22.42 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/11/28 14.22.42 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2013/11/28 14.19.45 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/11/28 14.19.45 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013/11/27 21.47.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\cache
[2013/11/25 11.41.12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2013/11/25 11.40.58 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2013/11/25 00.00.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Dati applicazioni\MarineAquarium3Free_57
[2013/11/23 14.32.43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Iminent(2)
[2013/11/05 21.16.37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Panda Cloud Antivirus
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/12/30 01.07.09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/12/30 01.02.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/30 00.40.30 | 000,236,466 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013/12/30 00.40.27 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/30 00.40.20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/30 00.40.16 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/30 00.35.00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/30 00.17.05 | 000,268,945 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\census.cache
[2013/12/30 00.17.04 | 000,228,922 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\ars.cache
[2013/12/29 23.40.00 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-879983540-1417001333-1003UA.job
[2013/12/29 23.32.05 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/29 22.19.05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/12/29 22.11.42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/12/27 23.58.07 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/27 23.58.03 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/27 23.58.03 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/27 23.58.03 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/27 23.58.03 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/27 09.33.58 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/26 18.40.00 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-879983540-1417001333-1003Core.job
[2013/12/26 17.47.27 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/12/25 15.08.42 | 000,638,441 | ---- | M] () -- C:\Documents and Settings\User\Documenti\DSC_0631.jpg
[2013/12/24 12.14.34 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk
[2013/12/24 11.39.51 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\User\default.pls
[2013/12/20 15.31.29 | 000,146,146 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1483956_422312534564392_917526880_n.jpg
[2013/12/20 15.31.24 | 000,108,091 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1477843_422312601231052_812081273_n.jpg
[2013/12/20 15.31.17 | 000,129,474 | ---- | M] () -- C:\Documents and Settings\User\Documenti\1470841_422312557897723_919493017_n.jpg
[2013/12/20 15.30.58 | 001,250,150 | ---- | M] () -- C:\Documents and Settings\User\Documenti\DSC_0553.jpg
[2013/12/18 11.03.14 | 000,002,531 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2013/12/17 11.43.50 | 000,000,007 | ---- | M] () -- C:\Documents and Settings\User\ComX
[2013/12/17 09.20.28 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\housecall.guid.cache
[2013/12/16 18.41.20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/16 18.41.20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/13 19.37.19 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/12/13 14.12.04 | 000,002,008 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/12/13 11.36.51 | 000,000,829 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDFArchitect.lnk
[2013/12/13 11.36.51 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2013/12/12 12.14.45 | 000,000,834 | ---- | M] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
[2013/12/12 05.09.17 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/12/11 17.01.18 | 000,000,695 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2013/12/11 17.00.00 | 000,032,568 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013/12/11 16.59.54 | 000,030,008 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013/12/10 21.39.55 | 000,001,891 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/10 10.45.35 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Collegamento a drweb-cureit.lnk
[2013/12/06 06.39.38 | 000,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/11/28 16.15.58 | 000,548,642 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/11/28 16.15.58 | 000,477,748 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/28 16.15.58 | 000,100,216 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/11/28 16.15.58 | 000,078,206 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/28 03.58.21 | 000,000,658 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/11/27 21.46.10 | 000,001,441 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/08 09.49.53 | 000,056,312 | ---- | M] () -- C:\Documents and Settings\User\Documenti\IMG-20131107-WA0003.jpg
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/29 22.11.42 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/12/29 22.11.39 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013/12/25 14.23.34 | 000,638,441 | ---- | C] () -- C:\Documents and Settings\User\Documenti\DSC_0631.jpg
[2013/12/24 11.24.41 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\CodecPackUpdateChecker.lnk
[2013/12/17 11.42.01 | 000,000,007 | ---- | C] () -- C:\Documents and Settings\User\ComX
[2013/12/17 09.41.35 | 000,268,945 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\census.cache
[2013/12/17 09.41.30 | 000,228,922 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\ars.cache
[2013/12/17 09.20.28 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\housecall.guid.cache
[2013/12/13 11.36.51 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDFArchitect.lnk
[2013/12/13 11.36.51 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PDFCreator.lnk
[2013/12/12 12.14.45 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\User\Desktop\µTorrent.lnk
[2013/12/12 05.09.17 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/12/10 21.39.55 | 000,001,891 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/12/10 10.45.35 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Collegamento a drweb-cureit.lnk
[2013/12/03 11.03.01 | 000,108,091 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1477843_422312601231052_812081273_n.jpg
[2013/12/03 11.02.41 | 000,146,146 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1483956_422312534564392_917526880_n.jpg
[2013/12/03 11.02.30 | 000,129,474 | ---- | C] () -- C:\Documents and Settings\User\Documenti\1470841_422312557897723_919493017_n.jpg
[2013/11/23 13.00.16 | 000,001,441 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/09 14.07.54 | 001,250,150 | ---- | C] () -- C:\Documents and Settings\User\Documenti\DSC_0553.jpg
[2013/11/08 09.49.04 | 000,056,312 | ---- | C] () -- C:\Documents and Settings\User\Documenti\IMG-20131107-WA0003.jpg
[2013/08/30 04.54.26 | 003,915,776 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg.dll
[2013/08/30 04.53.34 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2013/08/30 04.51.58 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2013/08/30 04.51.54 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2013/08/30 04.51.50 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2013/08/30 04.51.48 | 001,525,760 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2013/08/30 04.51.48 | 000,211,968 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2013/08/30 04.51.48 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2013/08/30 04.51.40 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2013/08/30 04.51.40 | 000,136,704 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2013/07/26 14.24.22 | 006,275,760 | ---- | C] () -- C:\WINDOWS\System32\avcodec-lav-55.dll
[2013/07/26 14.24.22 | 001,239,216 | ---- | C] () -- C:\WINDOWS\System32\avformat-lav-55.dll
[2013/07/26 14.24.22 | 000,394,416 | ---- | C] () -- C:\WINDOWS\System32\swscale-lav-2.dll
[2013/07/26 14.24.22 | 000,288,944 | ---- | C] () -- C:\WINDOWS\System32\avutil-lav-52.dll
[2013/07/26 14.24.22 | 000,235,184 | ---- | C] () -- C:\WINDOWS\System32\avfilter-lav-3.dll
[2013/07/26 14.24.22 | 000,190,640 | ---- | C] () -- C:\WINDOWS\System32\libbluray.dll
[2013/07/26 14.24.22 | 000,150,192 | ---- | C] () -- C:\WINDOWS\System32\avresample-lav-1.dll
[2013/06/03 23.45.52 | 000,002,008 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/04/14 11.00.06 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2013/04/14 11.00.02 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2013/04/14 10.59.54 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2013/04/14 10.59.48 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2013/04/14 10.59.36 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2013/04/14 10.59.32 | 000,154,624 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2013/04/14 10.59.28 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2013/04/14 10.59.12 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2013/04/14 10.59.10 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2013/04/14 10.59.06 | 000,357,376 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2013/04/14 10.59.06 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2013/04/14 10.58.12 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2013/04/14 10.58.12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2013/04/05 21.27.16 | 000,203,264 | ---- | C] () -- C:\WINDOWS\System32\spdif_test.exe
[2013/04/05 21.27.12 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2013/04/05 21.27.10 | 001,021,440 | ---- | C] () -- C:\WINDOWS\System32\ac3filter_intl.dll
[2013/01/27 11.41.01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/29 23.47.28 | 000,000,178 | ---- | C] () -- C:\WINDOWS\System32\Formats.ini
[2012/08/25 17.14.19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\0x0304A000.sfl
[2012/03/27 12.02.12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/11/04 20.25.47 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/15 20.23.56 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\User\default.pls

========== ZeroAccess Check ==========

[2012/08/27 15.15.27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 13.00.00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 13.00.00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/09/19 03.53.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\pandasecuritytb
[2010/12/24 18.56.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AQ
[2011/05/18 12.30.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG Security Toolbar(2)
[2011/05/19 21.52.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG10
[2011/02/17 23.32.10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2012/06/02 14.06.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Easybits GO
[2013/11/25 11.41.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Iminent(2)
[2013/12/29 21.39.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Max Secure
[2011/05/19 22.12.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2013/09/19 11.40.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Panda Security
[2013/07/15 22.30.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SpinTop Games
[2012/08/23 19.28.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2010/01/02 16.45.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2012/08/23 19.27.15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/07/28 14.21.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dati applicazioni\pandasecuritytb
[2012/08/26 19.29.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dati applicazioni\TuneUp Software
[2013/07/10 09.14.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\pandasecuritytb
[2011/02/17 23.32.40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\AVG10
[2009/10/15 21.11.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\DataCast
[2012/06/14 14.08.11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\FreshDiagnose
[2013/12/29 21.30.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\GetRightToGo
[2012/06/02 14.06.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\go
[2012/12/25 16.21.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\ManyCam
[2013/11/25 00.00.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\MarineAquarium3Free_57
[2013/12/30 01.04.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Nico Mak Computing
[2011/05/19 22.21.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Panda Security
[2010/08/28 11.16.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\PhotoScape
[2012/08/26 15.51.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\TuneUp Software
[2013/12/29 01.51.35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\uTorrent
[2012/08/27 15.18.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Windows Desktop Search
[2012/09/03 19.22.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Dati applicazioni\Windows Search

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 30/12/2013 1.29.32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,58% Memory free
4,84 Gb Paging File | 4,11 Gb Available in Paging File | 84,99% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 288,32 Gb Total Space | 239,86 Gb Free Space | 83,19% Space Free | Partition Type: NTFS

Computer Name: 96F48F9281DE45B | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programmi\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Programmi\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Gestione remota Windows
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\HPWUCli.exe" = C:\Programmi\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programmi\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programmi\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Server di Microsoft DirectPlay8 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programmi\Mozilla Firefox\firefox.exe" = C:\Programmi\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\HPWUCli.exe" = C:\Programmi\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Programmi\Alice ti aiuta\bin\mad.exe" = C:\Programmi\Alice ti aiuta\bin\mad.exe:*:Disabled:Motive Chorus Daemon -- (Motive Communications, Inc.)
"C:\AQ\supdate.exe" = C:\AQ\supdate.exe:*:Enabled:Programma aggiornamento automatico -- (Autosoft Multimedia srl)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programmi\Panda Security\Panda Security Toolbar\dtuser.exe" = C:\Programmi\Panda Security\Panda Security Toolbar\dtuser.exe:*:Enabled:Panda Security Toolbar DTX Broker -- (Visicom Media Inc.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\User\Impostazioni locali\Dati applicazioni\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\User\Documenti\Download\utorrent.exe" = C:\Documents and Settings\User\Documenti\Download\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\Messenger\msmsgs.exe" = C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe" = C:\Documents and Settings\User\Dati applicazioni\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{43FFE159-3199-4188-A1CD-629166AD1040}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Supporto applicazioni Apple
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{69833D2A-A3A1-449B-ADF7-5FEBFE48FC55}" = Panda Cloud Antivirus
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}" = Windows Live Essentials
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B802669-7722-4F83-8054-930832188033}" = Raccolta foto di Windows Live
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9D65D46-3708-4F5B-9117-0199C7098D11}" = WanMiniport1st
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Italiano
"{AE141553-8A8C-467D-B2E9-A352F1141508}" = Installazione Guidata Alice
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7DD783E-EE11-4B68-AF39-71AE2C457015}" = Windows Live Sync
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F905718C-60B8-4714-B8AA-3DB88695C747}" = TuneUp Utilities Language Pack (it-IT)
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"2DA959FE3D6F0F5BC313481E72071D510DD786FB" = Windows Driver Package - Intel (w29n51) net (12/19/2007 9.0.4.39)
"6F2C02404E1D60DD35CBAFA786E3791A8680B96C" = Windows Driver Package - Intel (NETw5x32) net (09/25/2008 12.1.2.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AliceRE.MCCInstall" = Alice ti aiuta
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"ie8" = Windows Internet Explorer 8
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.9
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Mozilla Firefox 19.0 (x86 it)" = Mozilla Firefox 19.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"SidaByAutosoft" = Sida Millennium 2003 1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.1.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2000478354-879983540-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26/12/2013 12.52.58 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wlxphotogallery.exe, versione
14.0.8081.709, modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo
errore 0x62613cf0.

Error - 26/12/2013 12.53.30 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore wlxphotogallery.exe, versione
14.0.8081.709, modulo che ha provocato l'errore unknown, versione 0.0.0.0, indirizzo
errore 0x62613cf0.

Error - 29/12/2013 18.32.09 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.

Error - 29/12/2013 18.32.14 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore drwtsn32.exe, versione 5.1.2600.0,
modulo che ha provocato l'errore dbghelp.dll, versione 5.1.2600.5512, indirizzo
errore 0x0001295d.

Error - 29/12/2013 18.33.26 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1002
Description = Applicazione in stallo explorer.exe, versione 6.0.2900.5512, modulo
in stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 29/12/2013 18.34.05 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.

Error - 29/12/2013 18.35.20 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.

Error - 29/12/2013 18.44.04 | Computer Name = 96F48F9281DE45B | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512,
modulo che ha provocato l'errore nemp4splitter.ax, versione 4.9.4.1, indirizzo
errore 0x0002a65b.

Error - 29/12/2013 19.35.39 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1002
Description = Applicazione in stallo AcroRd32.exe, versione 11.0.4.63, modulo in
stallo hungapp, versione 0.0.0.0, indirizzo stallo 0x00000000.

Error - 29/12/2013 19.35.44 | Computer Name = 96F48F9281DE45B | Source = Application Hang | ID = 1001
Description = Bucket -473805052 errato.

[ System Events ]
Error - 29/12/2013 18.48.01 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd

Error - 29/12/2013 18.55.06 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7000
Description = Il servizio sbapifs non è stato avviato per il seguente errore: %%2

Error - 29/12/2013 18.55.10 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd

Error - 29/12/2013 19.02.41 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 29/12/2013 19.30.38 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 29/12/2013 19.40.51 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7000
Description = Il servizio sbapifs non è stato avviato per il seguente errore: %%2

Error - 29/12/2013 19.40.55 | Computer Name = 96F48F9281DE45B | Source = Service Control Manager | ID = 7026
Description = All'avvio non è stato possibile caricare i seguenti driver: sbaphd

Error - 29/12/2013 19.41.27 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 29/12/2013 19.52.25 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 29/12/2013 19.53.03 | Computer Name = 96F48F9281DE45B | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}


< End of report >
Sponsor
Inviato: Monday, December 30, 2013 11:04:50 AM

 
r16
Inviato: Monday, December 30, 2013 2:21:46 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ciao.
Segui le indicazioni di questa guida:
http://forum.aiutamici.com/yaf_postst90814_Guida-per-eliminare-le-pagine-pubblicitarie-SOLO-LETTURA.aspx
Posta i log richiesti.
Ovviamente non fare la scansione con OTL visto che l'hai già fatta.

N.B:
Per postare i log segui le indicazioni a fine topic.
skorpios1
Inviato: Monday, December 30, 2013 4:30:08 PM
Rank: Member

Iscritto dal : 4/23/2004
Posts: 5
Ho effettuato la scansione con Malaware byt, e sembra che non abbia trovato niente.In precedenza avevo già fatto tutti i passaggi descritti nella guida, inclusa una scansione con combofix. Credo che il problema sia risolto.
Grazie per la gentile collaborazione.

Flavio
r16
Inviato: Monday, December 30, 2013 4:31:18 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Di niente.
Auguri per l'anno nuovo.
Ciao.
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.