ecco i log:
# AdwCleaner v3.021 - Report created 10/03/2014 at 22:27:14
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : utente - UTENTE-PC
# Running from : C:\Users\utente\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Mysearchdial.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v25.0 (it)
[ File : C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\7wom5x2e.default\prefs.js ]
[ File : C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\awc6d29j.default-1386534437449\prefs.js ]
[ File : C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\gayiwbzm.default-1394110358529\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5637 octets] - [10/03/2014 16:05:05]
AdwCleaner[R1].txt - [2004 octets] - [10/03/2014 18:13:25]
AdwCleaner[R2].txt - [2069 octets] - [10/03/2014 18:22:45]
AdwCleaner[R3].txt - [460 octets] - [10/03/2014 22:20:51]
AdwCleaner[R4].txt - [2248 octets] - [10/03/2014 22:24:53]
AdwCleaner[S0].txt - [4473 octets] - [10/03/2014 16:08:06]
AdwCleaner[S1].txt - [1697 octets] - [10/03/2014 18:15:18]
AdwCleaner[S2].txt - [1756 octets] - [10/03/2014 18:26:07]
AdwCleaner[S3].txt - [1795 octets] - [10/03/2014 22:27:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1855 octets] ##########OTL Extras logfile created on: 10/03/2014 22:34:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,45 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 48,38% Memory free
6,90 Gb Paging File | 4,61 Gb Available in Paging File | 66,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 382,33 Gb Free Space | 82,09% Space Free | Partition Type: NTFS
Computer Name: UTENTE-PC | User Name: utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{194988B6-4FB5-41EB-9DB9-3D89C1C3CBBB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C6B32D5-C0E2-41B9-B85F-58BD8A047524}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22E3E58C-2DB3-4356-A824-147F3EA2F152}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{251D72ED-C47D-4433-91E3-A856AFA6EAC8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{316BE389-5C61-463D-AC4E-794E6A546041}" = lport=445 | protocol=6 | dir=in | app=system |
"{33DD9465-D8CD-44B4-9C94-EF070B87FAF9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3CF4C764-643E-497D-8F2B-AF088223FABB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{426EC6EA-0851-424B-B51F-DD55CEE5B8A2}" = lport=138 | protocol=17 | dir=in | app=system |
"{428FDCE6-D984-4EED-864C-5AD9134A070A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45EAEBA8-82D2-4AFA-8360-E6792C8CB0ED}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{476047E5-6A87-4ACE-BBFA-6390CF7B49AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DF0AAF7-3B01-41FB-985A-E09FCFA973DB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{53BE81DB-DCE9-45BC-9B45-9E09122EDA82}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5E25063E-2808-4DD8-95CA-1B2CEDF79E93}" = rport=10243 | protocol=6 | dir=out | app=system |
"{60B10E4A-1F43-4B2B-AE05-5B747AD00036}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60B5EC09-43C9-428D-A961-50CF0059B0BE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7D3FC8B6-0F32-40DC-8D80-53B4DF7CBDBB}" = lport=137 | protocol=17 | dir=in | app=system |
"{7FB40D84-2C31-46D7-99DE-23CFF3FF1DFC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{822CF183-9B79-4673-A01B-71D0C4DB2C7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8B01C4F8-5AEC-4AAF-BA48-7E33CE12722D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{982F90FC-DB2A-4067-8ACE-99BC9D353BF3}" = rport=138 | protocol=17 | dir=out | app=system |
"{99A9BD3A-E69B-41DC-ADDD-6D67DF6F5E70}" = rport=139 | protocol=6 | dir=out | app=system |
"{AE93AE62-FE68-4916-A610-81874C06EE15}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8C24EED-511B-4389-80F9-F043A909128F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B8E16AA0-CCA0-4D76-A26E-C52198385A80}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9E8DCE0-E25D-4F8D-93C8-E9289BBEA63B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE5D551A-281C-4AAA-8DA2-D7C17C6D69D1}" = rport=137 | protocol=17 | dir=out | app=system |
"{BE79BDB1-0131-4257-B4A8-38BF2634B7DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C2B15F6A-9FA5-4DF5-9826-1D083856E04C}" = rport=445 | protocol=6 | dir=out | app=system |
"{C2C8DB26-325F-4471-BC07-5E7C17E17E3E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3C70679-FB13-490F-8451-726CC95F1919}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D896A6E7-D544-43A7-A4EB-C0CF563E8717}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F2D65E6E-4423-4F41-AF08-2FC03F0F79F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F456EDBF-3B5E-4C1B-A550-131A28F28A27}" = lport=1900 | protocol=17 | dir=in | app=%programfiles%\zune\zune.exe |
"{F467FE56-1890-47A9-B4E6-C6B241D30C1B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{F8C27712-68E4-4343-8509-E87897992C7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F8C7EC93-EE74-478E-AEED-7C0A8C5DA5D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053D4B7A-0B02-4626-9811-09294C8DA303}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F3A42DA-0BCA-4E08-B7B1-931DC9B18C14}" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"{18D86ABC-3852-41EC-AD4D-D6D0A567666C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1C7531CC-629A-4CBA-AEF9-F6A2056B38F4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2DA5E029-F8A1-47E2-ACC6-AC0D2201278B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30CD4C09-456D-4CF8-9BB7-9B55B21ED5DE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{362337F8-985D-4572-BA44-3C935E05C834}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{375D9DC3-4026-4520-878D-D04B9A048940}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3908E9DF-4A1D-4E6E-B6FC-8E3CE5E6E3BC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3A849EEA-565C-4C20-9CBE-548FCBB54E1C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{3B3C8C21-3D92-4793-8A47-6D475253BA52}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{430AAAA7-E0D8-4B58-A2A5-684E6502F77B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{45530021-427A-4BEF-ABA9-BB03478B1A65}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{4D05F259-AA13-41D4-8C18-60913AFD4646}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{4E906508-FF2D-4A58-A76C-2990EAC3487A}" = dir=in | app=c:\users\utente\appdata\local\microsoft\skydrive\skydrive.exe |
"{52B10CCB-951D-4B19-9774-C3E07C490D59}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5A55B72F-847A-4E78-93A3-2546997B4C8E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{612C894D-7C8B-43C1-BDB2-500D9C917AC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A8437C7-D55A-4E95-AE0A-ACC87F63F5FC}" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"{6DA5D16F-C776-4325-95A2-5960F290E185}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{768390B4-7A95-4A66-8B72-20D532318720}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{788F4714-DC74-415D-92C4-AC47FF285CA0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7A8F49D1-3557-4181-89E0-D85B3DE8F273}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7AAF21C9-CAD1-40B9-AE20-C8243C5C1544}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{86AA0CA6-0BC2-489A-8B08-8D3A9F976B3B}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{89039824-D045-4B67-8DDE-858736592A67}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9DE502EB-D491-4807-8426-2082A7FA2A7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA63FCF3-6DEB-4E1D-9BCF-5A9B4DFDAEFB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{B4981F84-24C6-47E6-BEAF-9BFAF9B9E53C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B868BFD0-1512-4E3F-A207-91285A48BFA6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BAD5FBDC-A909-4DB9-A498-01964E53920D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB180DE1-06A0-4F32-AF16-6A48F690BA36}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{BE1CB6C2-86F1-430A-9426-47477E5ABE30}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE6BA1EB-1BA7-4E62-B9D9-42251BD15061}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C03BD867-AE6E-4332-B2B4-5D543E514410}" = protocol=6 | dir=out | app=system |
"{C75E29CC-E26A-41BF-8B07-47CC30B46059}" = protocol=6 | dir=out | app=system |
"{CE1DA4FD-329B-4A0C-A8E6-EC67FE7C61CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1BDC036-FDA1-438E-9A8D-D0E8A0634873}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E342C009-3276-4EF8-A7FB-FD3A1A541A21}" = protocol=6 | dir=out | app=system |
"{EAFDC08A-41B7-4CE4-A6E4-E4B9A6AEF31F}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{EEAFF6F6-8D40-4838-852F-9973A52C3A1A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F752BBAD-095B-4B51-BC02-8D6DACA6C844}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FAAE55AA-C620-40A8-8A50-6128D31AA343}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{FC91C37D-E38F-4FF1-8DCC-993F24638EB5}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{13AD5E97-F15C-46C7-92D9-6CE42AB6E73E}" = calibre 64bit
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2BC6E83B-1E02-A5C2-2831-5FAE4EDCF7B3}" = ccc-utility64
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{377C9C44-398B-6CBD-9138-F6B4AB951839}" = AMD Catalyst Install Manager
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5E94829C-D2B9-3779-BA6C-1ACCDED3800E}" = Microsoft .NET Framework 4.5.1 (ITA)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6B4C51EF-39CB-99D4-6026-2EA9FDDAC70D}" = AMD Accelerated Video Transcoding
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040" = Microsoft .NET Framework 4.5.1 (Italiano)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pacchetto driver Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"FindRight" = FindRight
"Zune" = Zune
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02D4DB7C-7C02-AB4A-F528-0EFCA3752F47}" = CCC Help Turkish
"{17A878D4-A67D-2F80-66BE-5CF1E0BB3A25}" = CCC Help Russian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{29ACA902-C281-2B88-C859-74DF19511683}" = CCC Help English
"{2BC4D180-783E-8BF4-24B9-2E7FAF93F89F}" = CCC Help German
"{2FF3DA60-9ECD-A9A7-99C7-DD6ACB17260A}" = CCC Help Korean
"{36ABA598-A28F-46C9-AEB6-DD58A02A4AB9}" = ASUS Manager Suite
"{37747352-1773-E60D-1931-7730124399AF}" = CCC Help Chinese Standard
"{3847DD27-6264-3855-05B0-15555C39FE4E}" = CCC Help Chinese Traditional
"{42D43B17-A83F-9E89-DF57-DB9D77463BAC}" = CCC Help Norwegian
"{43002AE2-4093-49E0-A03D-990EE184C568}" = Lyrics Plugin for Windows Media Player
"{4592BAE7-B99A-47A5-9B6B-3BC236B9D3E9}" = Alcor Micro USB Card Reader
"{45AAACE4-28CF-EC62-9D86-E8F1DD04C837}" = CCC Help Italian
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E05D48E-B0C5-E2A6-D753-E213654FE414}" = CCC Help Greek
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{6376DF8F-5CA6-9243-E5F7-3E83C0EEEF9F}" = CCC Help Polish
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{72E91E14-B005-B624-E923-5C3D292F38F0}" = CCC Help Thai
"{73EB6E5C-82CA-3A74-99AD-BE2126A424A6}" = Catalyst Control Center Localization All
"{74F06137-EF36-3920-D71E-479FBB5A9A52}" = Catalyst Control Center InstallProxy
"{769E695A-F93F-803E-3763-9A00A0E38786}" = OEM Application Profile
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 6.3.2
"{84CFDE23-26E6-5D52-4D4D-C0CB1CBB4D7D}" = CCC Help Hungarian
"{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}" = Windows PE x86 x64 wims
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A1946C0-6412-B62C-0844-FCA473822171}" = CCC Help French
"{8C8A4195-1A52-7530-1A93-85ACFD26767F}" = CCC Help Portuguese
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{95140000-007A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{A40927B9-AB53-08B5-5CEA-3ADE7321C22D}" = CCC Help Japanese
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Supporto applicazioni Apple
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1A3850F-B94C-45C4-AAC2-3B266D6535F4}" = Catalyst Control Center - Branding
"{B69B9506-0714-4FE9-ACA3-F36075263166}" = CCC Help Finnish
"{B9B6DE71-CE2A-2247-A545-4E5B3AD10A78}" = CCC Help Swedish
"{BD9524B5-D045-DBE1-7346-4C9464C8B85B}" = CCC Help Danish
"{BFC9778E-9765-C94C-C082-C2514F8DEB9B}" = Windows Deployment Tools
"{C351C886-67B3-2B90-514A-FC9E6833F77E}" = AMD VISION Engine Control Center
"{C377F4CD-9F13-7F45-759D-1C333DCA1F9B}" = CCC Help Dutch
"{C5DA1F9C-3421-CEC7-6A30-A3B1A239EA79}" = CCC Help Czech
"{CB392DD5-C1F4-9A9B-EBFE-E982BE184FD0}" = HydraVision
"{CE875FDB-7030-BA8A-47D5-948F5451F6BF}" = CCC Help Spanish
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.44
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}" = Windows PE x86 x64
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"AmUStor" = Alcor Micro USB Card Reader
"Avast" = avast! Pro Antivirus
"BurnAware Free_is1" = BurnAware Free 6.8
"Driver Booster_is1" = Driver Booster
"eMule" = eMule
"FastStone Photo Resizer" = FastStone Photo Resizer 3.2
"Google Chrome" = Google Chrome
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"ManageMyMobile_is1" = ManageMyMobile
"Mozilla Firefox 27.0.1 (x86 it)" = Mozilla Firefox 27.0.1 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Office14.STANDARD" = Microsoft Office Standard 2010
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.95
"Smart Defrag 3 Pro_is1" = Smart Defrag 3
"TeamViewer 8" = TeamViewer 8
"Wise Care 365_is1" = Wise Care 365 2.95
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 10/03/2014 15:48:03 | Computer Name = utente-PC | Source = Application Hang | ID = 1002
Description = Il programma mbam.exe versione 1.75.0.1 non interagisce più con Windows
ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema,
verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
ID
processo: f074 Ora di avvio: 01cf3c95494f060e Ora di chiusura: 19 Percorso applicazione:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ID segnalazione: d45169a3-a88c-11e3-85f5-ac220b53e422
Error - 10/03/2014 17:29:31 | Computer Name = utente-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 10/03/2014 17:30:19 | Computer Name = utente-PC | Source = Service Control Manager | ID = 7034
Description = Arresto imprevista del servizio LiveUpdate. Questo evento si è già
verificato 1 volta(e).
< End of report >
OTL logfile created on: 10/03/2014 22:34:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,45 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 48,38% Memory free
6,90 Gb Paging File | 4,61 Gb Available in Paging File | 66,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 382,33 Gb Free Space | 82,09% Space Free | Partition Type: NTFS
Computer Name: UTENTE-PC | User Name: utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\utente\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (IObit)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (IObit)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsEjectHelper.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager Suite\ASUSManager.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager Suite\EMMessageParser.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe (ASUSTeK Computer Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll ()
MOD - C:\Programmi\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraIta.dll ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll ()
MOD - C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll ()
MOD - C:\Program Files (x86)\ASUS\Message Controller\AsKeyboardHooker.dll ()
MOD - C:\Program Files (x86)\ASUS\Message Controller\AsRemoteControlHooker.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Manager Suite\ImageMgr.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Manager Suite\MessageParser\AsMultiLang.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsMultiLang.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (WiseBootAssistant) -- C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe (WiseCleaner.com)
SRV - (AdvancedSystemCareService7) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe (IObit)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (!SASCORE) -- C:\Programmi\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (ZuneWlanCfgSvc) -- C:\Programmi\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programmi\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programmi\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys (IObit.com)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (SASDIFSV) -- C:\Programmi\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programmi\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASInsHelp) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0ByDtA0EyEtBtB0D0EtAtCtN0D0Tzu0SyBzyyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu1L1C1H1B1QtDtBtDtB1O1OtN1L1G1B1V1N2Y1L1Qzu2StCtA0Bzy0C0AzyzztGzz0F0ByCtGyCtC0FyCtGzz0AtByBtGtA0A0B0AtAtBzy0EyCtCyCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtB0AyEyByByB0DtG0AyDyB0DtGtAyCzzyDtGtD0EyByEtGtDzytDzyyD0D0BtAtCyCtAyC2Q&cr=96305639&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=irmsd0202ff&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0ByDtA0EyEtBtB0D0EtAtCtN0D0Tzu0SyBzyyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu1L1C1H1B1QtDtBtDtB1O1OtN1L1G1B1V1N2Y1L1Qzu2StCtA0Bzy0C0AzyzztGzz0F0ByCtGyCtC0FyCtGzz0AtByBtGtA0A0B0AtAtBzy0EyCtCyCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtB0AyEyByByB0DtG0AyDyB0DtGtAyCzzyDtGtD0EyByEtGtDzytDzyyD0D0BtAtCyCtAyC2Q&cr=96305639&ir=
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 5F FE DE F0 CF CE 01 [binary data]
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\..\SearchScopes\{66652786-525A-4766-A653-3ACDEAE5091F}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.virgilio.it/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2013.75
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/07 13:02:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/10/23 18:03:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Extensions
[2014/03/04 22:17:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\7wom5x2e.default\extensions
[2014/03/04 22:17:06 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\7wom5x2e.default\extensions\ascsurfingprotection@iobit.com
[2014/03/04 18:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\7wom5x2e.default\extensions\staged
[2014/03/04 22:17:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\awc6d29j.default-1386534437449\extensions
[2014/03/04 22:17:06 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\awc6d29j.default-1386534437449\extensions\ascsurfingprotection@iobit.com
[2014/03/04 18:29:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\awc6d29j.default-1386534437449\extensions\staged
[2014/03/08 14:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\Firefox\Profiles\gayiwbzm.default-1394110358529\extensions
[2014/02/26 06:19:14 | 000,008,049 | ---- | M] () (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\firefox\profiles\7wom5x2e.default\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi
[2014/03/04 19:34:36 | 000,008,049 | ---- | M] () (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\firefox\profiles\awc6d29j.default-1386534437449\extensions\{42e50651-9669-456e-9081-d5a836274274}.xpi
[2014/03/08 14:09:26 | 001,393,079 | ---- | M] () (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\firefox\profiles\gayiwbzm.default-1394110358529\extensions\firefox@ghostery.com.xpi
[2014/03/06 13:57:53 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\utente\AppData\Roaming\mozilla\firefox\profiles\gayiwbzm.default-1394110358529\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/03/10 22:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/03/10 22:05:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/03/10 22:04:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2014/03/10 22:04:56 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.virgilio.it/
CHR - plugin: Error reading preferences file
CHR - Extension: Documenti Google = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\
CHR - Extension: YouTube = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: qo - Quotidiani Online = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjgihlgkabklkgdfebkjacffgcflmbp\1.0_0\
CHR - Extension: Ads Removal = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen\1.0.0_0\
CHR - Extension: avast! Online Security = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_1\
CHR - Extension: Ghostery = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.1.2_0\
CHR - Extension: Google Wallet = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Adsl Speed Test = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\okkdlbmekgbpbhjjlcmobhamfheimjai\1.4.2_0\
CHR - Extension: Gmail = C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014/02/25 14:06:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AsShellApplication] C:\Program Files (x86)\ASUS\ASUS Manager Suite\AsShellApplication.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000..\Run: [SUPERAntiSpyware] C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - Startup: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2092714899-3851518989-292589236-1000\..Trusted Domains: samsungsetup.com ([www] http in Siti attendibili)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51CB80BA-3087-4ECF-9212-98984A37B774}: DhcpNameServer = 192.168.1.100
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/03/10 12:17:50 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ==========
[2014/03/10 22:04:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/10 21:25:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\utente\Desktop\OTL.exe
[2014/03/10 21:03:23 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\SUPERAntiSpyware.com
[2014/03/10 21:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/03/10 21:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/03/10 21:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/03/10 18:38:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/10 18:36:36 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\utente\Desktop\JRT.exe
[2014/03/10 16:05:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/10 12:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/03/10 12:15:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/03/10 11:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/03/09 08:36:04 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/09 08:36:04 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/08 13:31:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/03/08 13:31:14 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/03/08 13:31:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/03/08 13:31:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/03/08 13:31:08 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/08 13:31:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/08 13:31:07 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/03/08 13:31:07 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/03/08 13:31:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/03/08 13:31:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/03/08 13:31:07 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/03/08 13:31:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/03/08 13:31:07 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/03/08 13:31:06 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/03/08 13:31:04 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/03/08 13:31:04 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/03/08 13:30:23 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/03/08 13:30:22 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/03/07 10:52:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/03/07 10:51:50 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/03/06 15:55:57 | 000,000,000 | R--D | C] -- C:\Users\utente\Desktop\730 2013
[2014/03/06 11:59:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/03/05 17:01:20 | 000,000,000 | R--D | C] -- C:\Users\utente\Desktop\Guardalavaca marzo 2014
[2014/03/05 10:07:56 | 000,000,000 | ---D | C] -- C:\Users\utente\Desktop\FAX
[2014/03/04 22:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2014/03/04 22:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2014/03/04 18:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/03/04 13:39:31 | 000,000,000 | ---D | C] -- C:\Users\utente\Desktop\2014 Scontrini Farmacia
[2014/03/03 18:26:41 | 000,000,000 | ---D | C] -- C:\Users\utente\Desktop\Rate Cond BORIO
[2014/03/03 13:33:01 | 000,888,536 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/03 13:33:01 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/03/03 13:31:16 | 002,782,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014/03/03 13:31:13 | 043,720,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/03/03 13:31:13 | 000,154,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/03/03 13:19:59 | 000,110,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\DelayAPO.dll
[2014/03/03 13:19:59 | 000,096,256 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2014/03/02 18:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/03/02 18:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/02/26 15:48:11 | 000,000,000 | ---D | C] -- C:\Users\utente\Desktop\Dati precedenti di Firefox
[2014/02/26 10:19:45 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Local\PDF24
[2014/02/26 10:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2014/02/26 10:19:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF24
[2014/02/25 21:56:00 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014/02/25 21:27:55 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\Wise Care 365
[2014/02/25 21:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2014/02/25 21:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2014/02/25 13:52:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/02/25 13:52:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/02/25 13:52:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/02/25 13:48:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/02/25 13:47:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/02/25 13:44:26 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\Malwarebytes
[2014/02/25 13:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/25 12:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2014/02/22 10:14:28 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\TeamViewer
[2014/02/21 20:16:05 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\FastStone
[2014/02/21 20:16:05 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Local\FastStone
[2014/02/21 20:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Photo Resizer
[2014/02/21 20:15:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Photo Resizer
[2014/02/21 08:47:32 | 000,034,080 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2014/02/21 08:47:16 | 000,128,320 | ---- | C] (IObit) -- C:\Windows\SysNative\IObitSmartDefragExtension.dll
[2014/02/21 08:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
[2014/02/17 07:22:46 | 001,958,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/02/12 18:29:34 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/12 18:28:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/12 18:28:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/12 18:28:02 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/12 18:28:02 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/12 18:28:00 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/12 18:28:00 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/12 18:28:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/12 18:27:58 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/12 18:27:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/12 18:27:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/12 18:27:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/12 18:27:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/12 18:27:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/12 18:27:56 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/12 18:27:56 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/12 18:27:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/12 18:27:54 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/12 18:27:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/12 18:27:54 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/12 18:27:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/12 18:27:47 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/12 18:27:46 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/12 18:27:38 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/12 18:26:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/12 18:26:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/12 18:26:22 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/12 18:26:22 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/12 18:26:21 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/12 18:26:21 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/12 18:26:21 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/12 18:26:21 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/12 18:26:21 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/12 18:26:20 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/12 18:26:20 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/12 18:26:20 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/12 18:26:20 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/12 18:26:20 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/12 18:26:19 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/12 18:26:19 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/12 18:26:19 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/12 18:26:19 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/12 18:26:19 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/12 18:26:08 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/12 18:26:07 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/09 17:32:27 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014/02/08 20:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/02/08 20:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/02/08 20:30:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/02/08 20:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/02/08 20:29:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/02/07 19:33:53 | 000,000,000 | ---D | C] -- C:\Users\utente\Documents\iTools
[2014/02/07 18:42:54 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Local\iMobie_Inc
[2014/02/07 18:42:52 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\iMobie
[2014/02/07 18:42:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iMobie
[2014/02/03 14:25:34 | 000,000,000 | R--D | C] -- C:\Users\utente\Desktop\I Pad Mini Retina
[2014/01/19 08:29:06 | 000,108,128 | ---- | C] (Advanced Micro Devices, INC.) -- C:\Windows\SysNative\drivers\amdhub30.sys
[2014/01/19 08:29:02 | 000,000,000 | ---D | C] -- C:\DrvInstall
[2014/01/16 21:50:28 | 000,000,000 | ---D | C] -- C:\Users\utente\AppData\Roaming\WinZip
[2014/01/16 17:49:45 | 002,103,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/01/16 17:49:43 | 002,810,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/01/16 17:49:40 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/01/16 17:49:40 | 000,618,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/01/16 17:49:33 | 014,153,984 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/01/16 17:49:33 | 002,036,992 | ---- | C] (Waves Audio Ltd.) -- C:\Windo---- | C] (Microsoft Corporation[2014/01/16 17:49:33 | 001,922,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/01/16 17:49:32 | 001,013,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/01/16 09:25:07 | 000,000,000 | ---D | C] -- C:\Users\utente\Desktop\ABBONAMENTO TV
[2014/01/15 07:18:29 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 07:18:28 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 07:18:08 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2014/03/10 22:36:47 | 000,021,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/10 22:36:47 | 000,021,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/10 22:29:16 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/10 22:29:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/10 22:28:56 | 2778,488,832 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/10 21:58:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/10 21:52:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/10 21:26:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\utente\Desktop\OTL.exe
[2014/03/10 21:15:34 | 000,000,762 | ---- | M] () -- C:\Users\utente\Documents\cc_20140310_211530.reg
[2014/03/10 21:02:35 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/03/10 18:36:55 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\utente\Desktop\JRT.exe
[2014/03/10 17:23:01 | 000,001,529 | ---- | M] () -- C:\Users\utente\Desktop\iexplore - collegamento.lnk
[2014/03/10 17:20:21 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/10 16:04:20 | 001,949,184 | ---- | M] () -- C:\Users\utente\Desktop\AdwCleaner.exe
[2014/03/10 13:25:14 | 000,000,448 | ---- | M] () -- C:\Users\utente\Documents\cc_20140310_132510.reg
[2014/03/10 12:17:50 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/03/10 08:01:43 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014/03/04 21:00:03 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2014/03/04 18:18:53 | 000,002,450 | ---- | M] () -- C:\Users\utente\Documents\cc_20140304_181849.reg
[2014/03/04 16:15:27 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
[2014/03/04 08:04:51 | 000,002,216 | ---- | M] () -- C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk
[2014/03/03 13:33:02 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2014/03/03 13:33:02 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/03/03 13:33:01 | 000,888,536 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/03 13:32:42 | 000,001,294 | --name>) -- C:\Windows\SysNative\Dsktop\AudioWizard.lnk
[2014/03/03 13:32:33 | 000,171,199 | ---- | M] () -- C:\Windows\SysNative\drivers\RTWAVES40.dat
[2014/03/03 13:31:17 | 002,782,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014/03/03 13:31:14 | 043,720,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/03/03 13:31:14 | 000,704,269 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/03/03 13:31:13 | 000,154,840 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/03/03 13:19:59 | 000,110,080 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\DelayAPO.dll
[2014/03/03 13:19:59 | 000,096,256 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2014/03/02 18:35:24 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/27 17:07:56 | 000,000,868 | ---- | M] () -- C:\Users\utente\Documents\cc_20140227_170752.reg
[2014/02/26 10:19:34 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Creator.lnk
[2014/02/25 18:08:32 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/02/25 14:06:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/02/22 07:41:56 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2014/02/21 20:15:47 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\FastStone Photo Resizer.lnk
[2014/02/21 16:53:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/21 16:53:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/19 15:44:14 | 000,128,320 | ---- | M] (IObit) -- C:\Windows\SysNative\IObitSmartDefragExtension.dll
[2014/02/17 07:22:46 | 001,958,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/02/15 18:19:14 | 001,635,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/15 18:19:14 | 000,741,386 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/02/15 18:19:14 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/15 18:19:14 | 000,147,440 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/02/15 18:19:14 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/15 18:19:05 | 001,635,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/06 12:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 12:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 12:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 11:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 11:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 11:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 11:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 11:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 11:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 11:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 11:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 11:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 11:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 10:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 10:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 10:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 10:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 10:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 10:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 10:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 10:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 09:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 09:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/03 19:01:54 | 290,235,986 | ---- | M] () -- C:\Users\utente\Desktop\IMG_0002.MOV
[2014/01/23 10:00:07 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/23 10:00:07 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/01/23 10:00:07 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/23 10:00:07 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/23 10:00:06 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/23 10:00:05 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/19 08:29:06 | 000,108,128 | ---- | M] (Advanced Micro Devices, INC.) -- C:\Windows\SysNative\drivers\amdhub30.sys
[2014/01/16 17:49:45 | 002,103,040 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/01/16 17:49:43 | 002,810,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/01/16 17:49:41 | 000,618,200 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/01/16 17:49:40 | 001,286,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/01/16 17:49:34 | 014,153,984 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/01/16 17:49:33 | 002,036,992 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/01/16 17:49:33 | 001,922,304 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/01/16 17:49:32 | 001,013,504 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/01/16 17:38:02 | 000,039,138 | ---- | M] () -- C:\Users\utente\Desktop\password.PNG
[2014/01/15 18:25:50 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[2014/01/15 18:14:10 | 000,417,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/10 21:15:33 | 000,000,762 | ---- | C] () -- C:\Users\utente\Documents\cc_20140310_211530.reg
[2014/03/10 21:02:35 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/03/10 17:23:01 | 000,001,529 | ---- | C] () -- C:\Users\utente\Desktop\iexplore - collegamento.lnk
[2014/03/10 16:18:45 | 001,949,184 | ---- | C] () -- C:\Users\utente\Desktop\AdwCleaner.exe
[2014/03/10 13:25:13 | 000,000,448 | ---- | C] () -- C:\Users\utente\Documents\cc_20140310_132510.reg
[2014/03/10 12:17:50 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/03/10 11:19:24 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/10 11:19:24 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/08 21:00:58 | 000,002,216 | ---- | C] () -- C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk
[2014/03/04 18:18:52 | 000,002,450 | ---- | C] () -- C:\Users\utente\Documents\cc_20140304_181849.reg
[2014/03/03 13:31:14 | 000,704,269 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/03/02 18:35:24 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/02/27 17:07:54 | 000,000,868 | ---- | C] () -- C:\Users\utente\Documents\cc_20140227_170752.reg
[2014/02/26 10:19:34 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Creator.lnk
[2014/02/25 21:52:53 | 000,000,404 | ---- | C] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2014/02/25 13:52:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/02/25 13:52:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/02/25 13:52:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/02/25 13:52:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/02/25 13:52:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/02/21 20:15:47 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\FastStone Photo Resizer.lnk
[2014/02/03 19:13:35 | 290,235,986 | ---- | C] () -- C:\Users\utente\Desktop\IMG_0002.MOV
[2014/01/16 17:51:31 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
[2014/01/16 17:51:31 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\AudioWizard.lnk
[2013/11/29 10:01:15 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/26 13:14:50 | 000,000,452 | ---- | C] () -- C:\Users\utente\AppData\Roaming\burnaware.ini
[2013/10/23 18:28:32 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/10/23 18:27:42 | 000,015,335 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013/10/23 14:03:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/10/23 12:55:43 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/10/23 12:55:43 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/10/23 12:55:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/10/23 12:55:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/10/23 12:55:42 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/10/23 12:47:13 | 001,635,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/23 12:39:22 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/10/23 12:39:04 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/10/23 12:39:04 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/11/27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/11/30 10:24:18 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\Auslogics
[2013/10/23 16:22:14 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\AVAST Software
[2013/12/08 18:06:24 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\calibre
[2014/02/07 18:42:52 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\iMobie
[2014/03/04 22:15:11 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\IObit
[2013/11/19 12:19:05 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\Nokia
[2013/11/19 12:18:40 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\PC Suite
[2014/02/22 10:14:28 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\TeamViewer
[2013/11/13 20:29:26 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\Windows Live Writer
[2014/01/16 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\WinZip
[2014/03/10 22:30:33 | 000,000,000 | ---D | M] -- C:\Users\utente\AppData\Roaming\Wise Care 365
========== Purity Check ==========
< End of report >
mi scuso ma non so come postare i log e ho dovuto fare copia incolla
grazie
PS:
non ho fatto cleanup alla fine del programma OTL. dovevo farlo?
