Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

MonsterMarketplace

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: kadosh, Luke57

MonsterMarketplace

Postdi boba74 » 14/10/13 20:49

Mi si è installato questo virus (almeno credo che lo sia) che trasforma alcune parole e frasi a caso delle pagine web in link a siti di spam o commerciali. Andando con il puntatore sulle parole incriminate (che sono sottolineate in rosso) mi si apre un pop up che mi rimanda a una sorta di motore di ricerca commerciale chiamato appunto MonsterMarketplace il cui oggetto è propio la parola o la frase stessa.
Ovviamente non ho mai lanciato la ricerca, ma è comunque una cosa fastidiosa.
Cercando su google leggo che si tratterebbe di un virus spam, ma ogni sito in cui se ne parla mi propone di scaricare un'applicazione per rimuoverlo, ma poi non sono sicuro che tali applicazioni non siano a loro volta altre trovate commerciali......
Esiste un metodo per eliminarlo manualmente o devo scaricare un programmino apposito? E se sì, quale è affidabile?
Premetto che ho Google Crome come browser. Sistema operativo WIndows 7.
Grazie

P.S.
Una cosa analoga mi succede con il sito qvo6.com, che mi si è inserito come pagina predefinita e non riesco a toglierlo: anche in questo caso i cosiddetti "consigli" per rimuovere la pagina predefinita si sono rivelati inefficaci o quanto meno incomprensibili e inapplicabili....
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Sponsor
 

Re: MonsterMarketplace

Postdi kyiv » 15/10/13 12:38

scarica Adwcleaner ; http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner
clicca su SCAN,
controlla nelle schede eventuali riferimenti al tuo antivirus o programmi di tuo interesse e
nel caso DEselezionale,
poi clicca su CLEAN.

scansiona anche con JRT ; http://thisisudax.org

..scansione COMPLETA con Malwarebytes(aggiornato): http://it.malwarebytes.org/products/malwarebytes_free
kyiv
Utente Junior
 
Post: 87
Iscritto il: 24/01/13 10:51

Re: MonsterMarketplace

Postdi boba74 » 15/10/13 21:41

Grazie 1000!
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi boba74 » 20/10/13 09:03

Ho fatto un po' di pulizia grazie ai consigli di kyiv, ora va molto meglio!!! 8)
Grazie.
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi boba74 » 01/11/13 19:55

Ehm, non so come dire... ma il problema si è ripresentato... e ho riprovato a lanciare le 3 applicazioni, ma non funziona....
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 01/11/13 21:04

ciao boba74 prova a afre questa scansione

Scarica OTL sul desktop:
http://oldtimer.geekstogo.com/OTL.exe
Esegui il file OTL.exe

Metti la spunta su SCAN ALL USERS.

Clicca su Run Scan
Lascia che il programma, venga eseguito, senza interruzioni.
Finita la scansione, OTL produrrà due file di log (OTL.txt ed Extras.txt), sul desktop.
Postali qui.
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 04/11/13 07:36

Ecco i files che mi ha prodotto:

OTL.txt

OTL logfile created on: 03/11/2013 22:00:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Federica\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,94 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 61,27% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274,15 Gb Total Space | 45,08 Gb Free Space | 16,44% Space Free | Partition Type: NTFS
Drive D: | 23,65 Gb Total Space | 3,42 Gb Free Space | 14,45% Space Free | Partition Type: NTFS
Drive F: | 99,34 Mb Total Space | 91,47 Mb Free Space | 92,08% Space Free | Partition Type: FAT32

Computer Name: FEDERICA-HP | User Name: Federica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/03 21:51:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Federica\Desktop\OTL.exe
PRC - [2013/10/09 01:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/19 20:52:13 | 001,230,336 | ---- | M] (Easybits) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
PRC - [2013/06/17 08:28:30 | 017,558,328 | ---- | M] (Namirial Spa) -- C:\Program Files (x86)\Common Files\Namirial\Tools\Upgrade\NAMUpgrade.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/11/27 20:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/08/31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/04 10:28:14 | 000,220,992 | ---- | M] (Software602) -- C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
PRC - [2011/06/09 12:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/07/23 08:45:26 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Chiavetta Internet Olicard 200\BackgroundService\ModemListener.exe
PRC - [2010/07/23 08:45:26 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Chiavetta Internet Olicard 200\BackgroundService\ServiceManager.exe
PRC - [2010/06/29 18:00:08 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/06/29 17:58:04 | 000,602,168 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/06/24 21:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/04/23 11:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/15 17:45:42 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/04/15 17:44:48 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/04/14 10:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/11 20:36:31 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 20:36:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 20:35:44 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 20:35:19 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 20:35:14 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/09 01:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 01:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/09 01:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 01:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/09 01:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/09 01:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/08/18 18:22:25 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/18 18:22:23 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0149e914e4cfbde7da65d4558af19ce0\IAStorUtil.ni.dll
MOD - [2013/08/16 17:15:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dd8f4efb7e81c75fe444a180f6f1aacf\System.Runtime.Remoting.ni.dll
MOD - [2013/08/16 17:15:14 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/16 17:14:12 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/16 17:13:32 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/16 17:13:22 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/14 15:18:09 | 000,226,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5de32c4f69c7141f68b383915ab87ff4\PresentationFramework.Classic.ni.dll
MOD - [2013/07/14 15:16:01 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2010/11/13 01:58:31 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/07/23 08:45:26 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Chiavetta Internet Olicard 200\BackgroundService\ModemListener.exe
MOD - [2010/07/22 18:27:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/02/09 17:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 17:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 17:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 17:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 17:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 17:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 17:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 17:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/06/22 06:57:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/08 11:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2013/10/08 21:28:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programmi\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programmi\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/24 14:46:02 | 000,156,160 | ---- | M] (SsupdService) [Auto | Stopped] -- C:\Users\Federica\AppData\Local\ssupd\ssupd.exe -- (SsupdService)
SRV - [2012/11/27 20:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/08/31 15:02:02 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/17 14:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/12/23 23:14:17 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/23 08:45:26 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Chiavetta Internet Olicard 200\BackgroundService\ServiceManager.exe -- (Olivetti Silverstone Modem Device Helper)
SRV - [2010/06/29 18:00:08 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/06/18 15:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programmi\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010/06/18 06:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programmi\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010/04/15 17:45:42 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/04/15 17:44:48 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/04/14 10:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programmi\IDT\WDM\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/20 10:14:42 | 000,656,936 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2012/08/20 10:14:42 | 000,624,680 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2012/08/20 10:14:42 | 000,038,696 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 14:16:48 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/08/16 12:19:48 | 000,138,240 | ---- | M] (Olivetti) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Olicard200Usbnet.sys -- (Olicard200net)
DRV:64bit: - [2010/08/16 12:19:48 | 000,119,680 | ---- | M] (Olivetti) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jrdusbser.sys -- (jrdusbser)
DRV:64bit: - [2010/06/24 21:32:52 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/22 08:17:52 | 006,856,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/22 06:24:12 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/28 00:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/05 06:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/02 15:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/11 12:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/08 11:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 11:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{544B1362-A7D0-4CDA-A297-EF3C8AA6D734}: "URL" = http://it.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{7F52E183-5DF5-4444-8686-FB274F71A31C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{EA1C9981-A8FC-4213-B889-ACE87DFE0DD9}: "URL" = http://it.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{544B1362-A7D0-4CDA-A297-EF3C8AA6D734}: "URL" = http://it.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{7F52E183-5DF5-4444-8686-FB274F71A31C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-1161268631-716512634-670973712-1000\..\SearchScopes,DefaultScope = {6FB05DC3-465A-4539-8CE3-FF3D47ADB247}
IE - HKU\S-1-5-21-1161268631-716512634-670973712-1000\..\SearchScopes\{6FB05DC3-465A-4539-8CE3-FF3D47ADB247}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-1161268631-716512634-670973712-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2012/09/01 20:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Federica\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012/09/01 20:48:03 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Federica\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2013/05/18 14:39:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: SearchGol (Enabled)
CHR - default_search_provider: search_url = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TubeSaver-1 = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenjjinakdkeiddddjnjpfcopdohlfem\1.25.35_0\crossrider
CHR - Extension: TubeSaver-1 = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenjjinakdkeiddddjnjpfcopdohlfem\1.25.35_0\
CHR - Extension: Video Downloader = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.5_0\
CHR - Extension: Gmail = C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Programmi\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programmi\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Magic Desktop for HP notification] C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe (Easybits)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [Sepang Olivetti ModemListener] C:\Program Files (x86)\Chiavetta Internet Olicard 200\BackgroundService\ModemListener.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1161268631-716512634-670973712-1000..\Run: [Device Detection] C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\dd.exe File not found
O4 - HKU\S-1-5-21-1161268631-716512634-670973712-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-21-1161268631-716512634-670973712-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Cerca nel web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Cerca nel web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {28B66320-9687-4B13-8757-36F901887AB5} http://30000286.miofotografo.it/ips-opd ... vasx64.cab (CanvasX Class)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B275EFFD-C562-4A58-9B98-C8B7A631A44B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B275EFFD-C562-4A58-9B98-C8B7A631A44B}: NameServer = 94.198.96.34,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3230552-EBBF-48D3-B4C6-C807EB594810}: NameServer = 62.94.0.2,62.94.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/23 22:46:35 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/03 21:50:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Federica\Desktop\OTL.exe
[2013/10/31 22:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/10/31 22:19:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/15 22:30:39 | 000,000,000 | ---D | C] -- C:\Users\Federica\AppData\Roaming\Malwarebytes
[2013/10/15 22:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/15 22:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/15 22:29:54 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/10/15 22:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/10/15 21:54:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/15 21:41:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/10 21:04:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/10 21:04:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/10 21:04:13 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/10 21:04:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/10 21:04:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/10 21:04:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/10 21:04:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/10 21:04:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/10 21:04:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/10 21:04:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/10 21:04:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/10 21:04:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/10 21:04:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/10 21:04:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/10 21:04:04 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/09 22:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[2013/10/09 22:22:01 | 000,000,000 | ---D | C] -- C:\Users\Federica\AppData\Roaming\FreeVideoConverter
[2013/10/09 22:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/10/09 22:19:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/10/09 22:18:58 | 000,000,000 | ---D | C] -- C:\Users\Federica\AppData\Roaming\DVDVideoSoft
[2013/10/09 22:18:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/10/09 21:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Video-Audio Converter
[2013/10/09 21:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVN Products
[2013/10/09 21:43:53 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 21:43:52 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 21:43:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/09 21:43:15 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/09 21:43:15 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/09 21:43:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/09 21:43:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/09 21:43:14 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/09 21:43:14 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/09 21:43:13 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/09 21:43:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/09 21:43:12 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/10/09 21:43:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/10/09 21:43:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/09 21:43:07 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/06 14:42:19 | 000,000,000 | ---D | C] -- C:\Users\Federica\AppData\Local\avgchrome
[1 C:\Users\Federica\*.tmp files -> C:\Users\Federica\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/03 21:51:57 | 001,541,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/03 21:51:57 | 000,698,804 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/11/03 21:51:57 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/03 21:51:57 | 000,127,998 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/11/03 21:51:57 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/03 21:51:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Federica\Desktop\OTL.exe
[2013/11/03 21:48:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/03 21:43:57 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/03 21:43:53 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/03 21:43:53 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/01 11:48:51 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/01 11:48:51 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/01 11:40:06 | 3169,210,368 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/01 09:28:34 | 000,000,601 | ---- | M] () -- C:\Users\Federica\Desktop\Search.lnk
[2013/10/31 22:30:03 | 000,584,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/29 17:53:33 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForFederica.job
[2013/10/21 21:59:06 | 000,000,218 | ---- | M] () -- C:\Users\Federica\.recently-used.xbel
[2013/10/18 05:53:36 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/15 22:30:21 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/10 20:51:49 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/10 20:47:05 | 000,000,209 | ---- | M] () -- C:\Users\Federica\AppData\Local\mv_Photo.xml
[2013/10/10 20:47:05 | 000,000,200 | ---- | M] () -- C:\Users\Federica\AppData\Local\mv_music.xml
[2013/10/09 22:54:06 | 000,000,383 | ---- | M] () -- C:\Users\Federica\ProIMP.MEM
[2013/10/09 22:22:10 | 000,001,140 | ---- | M] () -- C:\Users\Federica\Desktop\Free Video Converter.lnk
[2013/10/09 22:20:28 | 000,001,507 | ---- | M] () -- C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
[2013/10/09 22:20:25 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft.lnk
[2013/10/09 21:48:38 | 000,001,146 | ---- | M] () -- C:\Users\Federica\Desktop\Fast Video-Audio Converter.lnk
[2013/10/08 21:28:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/08 21:28:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/06 20:34:25 | 000,000,317 | ---- | M] () -- C:\Users\Federica\ProTRV.MEM
[2013/10/06 20:32:55 | 000,000,195 | ---- | M] () -- C:\Users\Federica\ProPil2.MEM
[1 C:\Users\Federica\*.tmp files -> C:\Users\Federica\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/21 21:59:06 | 000,000,218 | ---- | C] () -- C:\Users\Federica\.recently-used.xbel
[2013/10/15 22:30:21 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/09 22:23:23 | 000,001,198 | ---- | C] () -- C:\Users\Federica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk
[2013/10/09 22:22:10 | 000,001,140 | ---- | C] () -- C:\Users\Federica\Desktop\Free Video Converter.lnk
[2013/10/09 22:20:28 | 000,001,507 | ---- | C] () -- C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
[2013/10/09 22:20:25 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft.lnk
[2013/10/09 21:48:38 | 000,001,146 | ---- | C] () -- C:\Users\Federica\Desktop\Fast Video-Audio Converter.lnk
[2013/10/09 21:43:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/05/30 20:31:24 | 000,549,385 | ---- | C] () -- C:\Users\Federica\image_3.jpeg
[2013/05/30 20:31:22 | 000,506,444 | ---- | C] () -- C:\Users\Federica\image_2.jpeg
[2013/05/30 20:31:20 | 000,565,666 | ---- | C] () -- C:\Users\Federica\image.jpeg
[2013/05/30 20:31:20 | 000,521,520 | ---- | C] () -- C:\Users\Federica\image_1.jpeg
[2013/05/18 14:38:43 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/12/30 21:19:31 | 000,150,944 | ---- | C] () -- C:\Windows\Wiainst64.exe
[2012/12/30 21:18:33 | 001,554,336 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2012/03/26 22:13:43 | 000,000,460 | ---- | C] () -- C:\Users\Federica\Pro_Pil.INI
[2012/03/05 17:01:34 | 000,000,383 | ---- | C] () -- C:\Users\Federica\ProIMP.MEM
[2011/12/17 18:46:34 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\CNMVS0Q.DLL
[2011/12/17 18:46:29 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CNMCP0Q.EXE
[2011/12/16 08:53:32 | 000,000,317 | ---- | C] () -- C:\Users\Federica\ProTRV.MEM
[2011/12/15 12:30:40 | 000,634,943 | ---- | C] () -- C:\Windows\SysWow64\OpenGLCtrl.dll
[2011/12/15 12:30:36 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\Sx32w.dll
[2011/12/15 12:30:36 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\Implode.dll
[2011/12/13 22:35:02 | 000,000,195 | ---- | C] () -- C:\Users\Federica\ProPil2.MEM
[2011/12/13 22:24:02 | 000,000,492 | ---- | C] () -- C:\Users\Federica\impost001.trp
[2011/12/13 22:24:02 | 000,000,071 | ---- | C] () -- C:\Users\Federica\ProTRV.INI
[2011/11/29 22:13:32 | 000,121,704 | ---- | C] () -- C:\Users\Federica\backup.psp
[2011/10/26 22:41:00 | 000,000,209 | ---- | C] () -- C:\Users\Federica\AppData\Local\mv_Photo.xml
[2011/10/26 22:41:00 | 000,000,200 | ---- | C] () -- C:\Users\Federica\AppData\Local\mv_music.xml

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi boba74 » 04/11/13 07:37

Extras.txt

OTL Extras logfile created on: 03/11/2013 22:00:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Federica\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,94 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 61,27% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274,15 Gb Total Space | 45,08 Gb Free Space | 16,44% Space Free | Partition Type: NTFS
Drive D: | 23,65 Gb Total Space | 3,42 Gb Free Space | 14,45% Space Free | Partition Type: NTFS
Drive F: | 99,34 Mb Total Space | 91,47 Mb Free Space | 92,08% Space Free | Partition Type: FAT32

Computer Name: FEDERICA-HP | User Name: Federica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0010ACED-3D25-4B1E-A85A-3FAA95AE85D4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{07EEC901-3CA5-42A0-8076-978CA0E1D47D}" = rport=2869 | protocol=6 | dir=out | app=system |
"{08BFF5BA-43C3-4814-9BB4-5018F3C9E7D2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0BAA1396-873E-4676-8005-00796CCFFCD1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1FBE6843-29DE-46AB-A6A4-4B8641137DB5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21278DD6-7035-4A73-8411-2D5E96B4F798}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{28A1A324-9960-4BE8-921A-C2439557BF53}" = lport=2869 | protocol=6 | dir=in | app=system |
"{29184638-A520-4AFA-A86D-C9B80A54EFE2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3CD9D6A3-EDE2-49AB-8E09-A33E8AAD95B8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4764FB79-29A1-4DBE-98DF-AB8D020E0472}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4A95D2C6-379C-4624-9CE8-09ED4402CC1F}" = rport=445 | protocol=6 | dir=out | app=system |
"{4FC489BC-491C-418C-AC6D-D33E4F4E3FED}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4FD9D952-5C8B-4EDD-B26A-7E36877FE185}" = lport=138 | protocol=17 | dir=in | app=system |
"{5655BF7D-0870-4744-987C-FC2D8B64C12C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61538696-18D7-4595-B2D2-08B1BCCDAD71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{630DE039-4657-408E-ADC8-20C7D950833C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6854A8E7-CC7A-490D-852F-78FF5FE4F09D}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6A6603E4-72DC-40B7-BFED-265E8E3A4D91}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C72DCF1-B5DB-4FE7-AA87-25F23BCBAEF2}" = lport=137 | protocol=17 | dir=in | app=system |
"{6D1D16D4-A198-4662-BCD1-910E1DFE19A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6EED1654-33E4-41ED-A9CF-5A74B1D8690A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{724E984F-BFF2-48C0-B690-B1838AC7F403}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{72861AAB-9E26-4A59-99A2-E320437EC1C8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{769AF45D-B427-476E-A239-A17455485BFF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{77CB81E2-CC59-47E1-9EB0-16991FFAC327}" = rport=138 | protocol=17 | dir=out | app=system |
"{8B116C9E-570A-4B61-AA8C-72618916BD0E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9623808B-E658-453A-BBEA-46C13513C748}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A073A12E-CBCB-44B1-BE36-06E30D218F9F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD81753F-782F-4B54-AE4B-78176B623124}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADC5C269-809F-499F-9093-512E71147049}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B33E5299-AFE3-407A-BC48-24092D6D5F7C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B3D80A56-7FAE-4043-BCE8-C293E0D0C1CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B45D67A1-729E-4C66-96D0-8F629ACDDBEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B79277B1-6BBC-4304-8DEC-3AD6F804DAD1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B7A6CB3C-7784-4A94-A731-4967CBD4CA6B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BCE2391D-EB57-472B-B1CC-B44B6F4EAA6D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D2D53367-E2BB-4799-863E-EB617680F613}" = rport=137 | protocol=17 | dir=out | app=system |
"{D30E1DB7-2A04-4D5C-AF71-90B320B87116}" = lport=139 | protocol=6 | dir=in | app=system |
"{D66BDAEA-E042-4532-81E5-5482C126D6A7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6D5AF64-BADD-4D08-9F8A-D8B4B9807A10}" = lport=445 | protocol=6 | dir=in | app=system |
"{D7EDFA16-3121-4FEB-9DA3-222CCBBAE18C}" = rport=139 | protocol=6 | dir=out | app=system |
"{EE73B77C-60D9-487C-999C-A9C6158699E4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F2DB809F-AF91-4DBF-BA3B-C5EF4456D791}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F3BF0B18-F0DB-4855-B3E6-23A564186427}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048D209B-A50D-4C53-9C2E-0FF37D0B4864}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{090BCDD8-6815-4A8B-8F31-0CDD9A9E3069}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{0D4FC866-B54E-4EE5-92A8-9878FEB8F128}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0E64FE96-6CEF-45AF-8F8B-945B46DB19D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F6C851A-C889-4363-8B3A-CDF3D0684682}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{10AFDA1B-13E5-452D-ABAC-8A0E438E1FA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12AE1E39-58FB-4A3E-8F16-66013BC446A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{14935077-5DD7-4E57-85B4-7CEC0674AC9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{159B8011-2DE6-4181-A395-FAAB1DCB3F6B}" = protocol=6 | dir=out | app=system |
"{19C37349-BF68-4A50-B267-C2F68FB88304}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{24D394BF-77F1-4A03-AA03-5903DC6BCF44}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{293EA5BB-C53C-4A13-B133-1AEFE229DDDA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{2C1FCF2C-BEE8-42D3-B395-8199736D4519}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{35845BAB-7FA6-4BB7-8EED-8652AB66C4FC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{375D36D4-4D30-4975-B3C2-61FD1DDBD612}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{3B4FE308-A411-4410-ADBF-5FBD793DE4FB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{4C8CDA08-2E4A-4004-BA14-64D90E309455}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{4D8BFA78-1059-4B8A-9635-0D3753FD1F77}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{51E9C6DF-09FA-4F0E-AC84-69C717A1E8AF}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{52D68CC0-1573-404A-AC44-6711B4E93594}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{53FDD7BC-C237-4520-9422-16DEE6086928}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{62EFDCDD-13FD-4B24-A0F9-03207B018F48}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6795AD20-1DDF-4978-95ED-D9FBA3C60156}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{693B2141-30A6-40CD-8468-4D0FFBED9F62}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6BCCFE06-76EB-4F27-BFBB-A341C3FF0C7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{712ADC70-F6AA-4003-9BDF-9CD65D628236}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{746BAA33-E959-4616-98BC-53CD5F6B36FD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{7887A304-4751-4A1B-9DB2-C190F7D3D85C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79A9F907-140E-481A-A082-BCD6B5654B38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7C0DCE0A-D047-4BC3-A557-4B97D3155EC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7C5BF7A0-833A-4C53-BFF0-3C9CA5A1C179}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8EFDA089-9CEA-41F5-BEE7-CE4CDCF59D79}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{8F02D6C2-26D4-4C5C-81CE-E41B3BE4430A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{96103EB0-02E6-4E60-B735-633EE6ECF6BB}" = protocol=6 | dir=in | app=c:\program files (x86)\penwes\penwes.exe |
"{964EAD99-13AE-480F-87D4-ADA0441D5E8D}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{9856CFB5-B7E7-4D01-A870-DC3FCCDCB9DF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A057D90D-A54A-448D-8B02-78EE36709CFB}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{A0B7271A-9074-4654-8E3A-DAE391B0FDA9}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{A4EF8641-9C1F-40E3-97B7-0F9781A1512D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6B9B14D-7011-41D0-A141-6961D74BED41}" = protocol=6 | dir=in | app=c:\program files (x86)\penwes\setuppenwes.exe |
"{A7644D41-388A-4647-B3BA-00A30723C453}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy document creator\usdagent.exe |
"{AAFE2ED5-291F-4E55-8950-9910BFA62016}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7FD1E08-D6D3-41CF-B163-8A11C7A7E808}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA7CB328-B59B-4E54-8DDE-D48662588783}" = protocol=17 | dir=in | app=c:\program files (x86)\penwes\penwes.exe |
"{BE9FA324-A783-42FC-AE13-DF24C00EB7F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BF801737-9BF4-43A9-B0A5-FFBA8F8E5B87}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\clx3300\scnsearch\usdagent.exe |
"{C46A3C20-18D7-44ED-8CCE-BD62FF183B00}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{C7E60D81-735C-42D2-BBF7-3137C3659A1B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CA5075EB-6951-4671-893E-5818C7EF4AAA}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{CE4EB68A-C456-4248-8B0D-3277BFD5E145}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{D1873B43-DA63-4CD8-8F3C-C2F86B738001}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{D4CA3D7C-E28A-4AA2-85FB-ACB9CDBCAC88}" = protocol=17 | dir=in | app=c:\program files (x86)\penwes\setuppenwes.exe |
"{E21F4156-9962-480D-9A99-74F6F5A65CB4}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\clx3300\scnsearch\usdagent.exe |
"{E7D229AD-4B5A-4F26-B3CA-43F1981B7995}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9A9FCCD-3156-4872-933F-2637D5CC255E}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy document creator\usdagent.exe |
"{E9D7FFCF-4A99-4B9D-B99B-8610C07377CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB1305F4-47CA-4270-9BF6-1D29E6245736}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{EE17C829-2153-4F15-A97C-D3D1C4D945D8}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{EEFB00D2-A036-4935-8298-9BD988F60C3C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{FB4F078E-61A9-4E72-A727-8A3B81CECB3F}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"TCP Query User{5D606683-6DB6-4FAE-8536-AD12202CBE19}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{7953A346-75D8-48F9-B0D5-8590789AEEF0}C:\users\federica\appdata\local\temp\carestream\tmp.1\mp\mp.exe" = protocol=6 | dir=in | app=c:\users\federica\appdata\local\temp\carestream\tmp.1\mp\mp.exe |
"UDP Query User{0D9FEEFE-3965-4266-B3F8-8DA085A7A899}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{261D50A8-A75F-4571-AE93-D6EA53CA0C3D}C:\users\federica\appdata\local\temp\carestream\tmp.1\mp\mp.exe" = protocol=17 | dir=in | app=c:\users\federica\appdata\local\temp\carestream\tmp.1\mp\mp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}" = ATI Catalyst Install Manager
"{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{2FA06473-23F0-4372-8DD5-1EAE42503D93}" = MAGIX Video easy TERRATEC Edition
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-9009-0410-0102-0060B0CE6BBA}" = AutoCAD LT 2011 - Italiano
"{5783F2D7-9009-0410-1102-0060B0CE6BBA}" = AutoCAD LT 2011 Language Pack - Italiano
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{7462E859-C453-4E08-BE0D-7D5E13E4CD1F}" = Microsoft Antimalware Service IT-IT Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B601929F-3A47-4F37-8D1E-EAD1481BE5EA}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client IT-IT Language Pack
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{F8C434E8-6DD0-496A-8B4C-22714B1DC6C1}" = HP Wireless Assistant
"{FFD65E82-A6FC-4144-92C2-DEA011249F9C}" = HP 3D DriveGuard
"0812DA72EAD4FBFA883430ED6EC04AC1F88DBBAD" = Pacchetto driver Windows - TERRATEC (emAudio) Media (03/16/2010 5.09.1202.00)
"22B1739EAEA711117281C678C9005F17A0D9D420" = Pacchetto driver Windows - TERRATEC (USB28xxBGA) Media (03/16/2010 5.09.1202.00)
"AutoCAD LT 2011 - Italiano" = AutoCAD LT 2011 - Italiano
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{02FC8489-58FB-2628-768A-2CE172A37D7D}" = Catalyst Control Center Graphics Previews Common
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{06D437D4-838A-46C2-B365-8CA357FA670E}_is1" = Fast Video-Audio Converter 4.0
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08F1513E-2113-06C5-583A-FB1DE0E64AE6}" = CCC Help Chinese Standard
"{0AB910A1-042A-D781-3779-2A4DC383BF0F}" = CCC Help Czech
"{0D2F1E68-5AB5-4AB3-8476-08E7A0472B35}" = HP Documentation
"{0D619D56-854C-F5D1-A134-4EB72974E09E}" = CCC Help Thai
"{144AAC2E-410C-6F23-5EC4-CB96049DD1D4}" = CCC Help Finnish
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1AF5A6D6-266D-9A24-D13A-5A50B2182645}" = CCC Help Norwegian
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A54B824-C32C-A931-17CB-A74B54E28AAE}" = CCC Help Spanish
"{2BED1172-6F40-1090-C681-26FEEF383E14}" = ccc-core-static
"{2F1E1F4D-B5CC-CA5D-2035-3A464BB053C3}" = CCC Help English
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3234355B-963B-99FE-EECA-8A034781AF15}" = CCC Help Polish
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{3C302D80-4540-BA36-7167-8B59EC0BB9F4}" = CCC Help Korean
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41136F4A-3C71-7F9F-7ECA-4E2C2D6C216F}" = CCC Help Dutch
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D66BBCA-8E0A-5FF3-4206-3BEA432FB1E9}" = CCC Help Turkish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{543F949F-2B95-448F-9F2E-56F0C5FF8E2C}" = Catalyst Control Center - Branding
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66E2396F-1392-BECA-37D7-6C4AECED9668}" = CCC Help Russian
"{6899C238-3E4A-4A04-B251-A0C9EDC7EDBC}_is1" = Pazera Free Audio Extractor 1.4
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C6B492A-011A-4A23-8A49-4D8357BF9FD3}_is1" = DOCET v.2.09.11.02
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{794D971F-7EC1-4F71-A51C-773074CAB8DA}" = Windows Live Writer
"{7E918D75-2600-0674-ADC2-4722D7F37018}" = CCC Help Italian
"{85C1BFE7-EEB5-47A8-8B8E-950C33ACEAD2}_is1" = PRO_SAP PROfessional SAP RY2013(b) (Versine 11.5.0)
"{87425773-10F4-4858-8CBF-465093FA43DE}" = Windows Live Mail
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_PROPLUS_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_PROPLUS_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROPLUS_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90CA4931-4A1F-4D30-A60B-C2BBFD53D30F}" = Grabby Driver Installation (64 Bit)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C632E6D-C984-75B8-DE46-8E495E179314}" = CCC Help Portuguese
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A1A5DA17-C6A6-897E-2EBB-8BACE074FA10}" = CCC Help Swedish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5EFB5BD-5B8C-813B-711E-4C068721281F}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Italiano
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B0B3A2CE-C337-E33B-F24E-A8BDCA644D03}" = Catalyst Control Center Localization All
"{B635B0A0-8C8B-4492-E54A-85CA5DC5CAC2}" = CCC Help Japanese
"{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}" = SNS Upload for Easy Document Creator
"{B91EE358-6E8B-4DD3-B7B8-DD42AE0E0398}" = HP Software Framework
"{BAB3C6F6-8C54-BFE0-A570-1E471ACE00B5}" = Catalyst Control Center Graphics Previews Vista
"{BB9344E4-C629-7E36-6248-EAF3F7AFCB95}" = CCC Help Chinese Traditional
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45DB0E4-E813-1584-9670-ADF85214596E}" = CCC Help French
"{D4F81AC1-0AA5-41AA-AC03-E49437FA9556}" = MyBonsai v2.0
"{DB15EA7D-B263-1B9B-0C3E-25BE7D15C551}" = PX Profile Update
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE07C46F-278A-412C-4687-54963CBC5862}" = CCC Help Hungarian
"{EFD35B3A-0296-864F-C78F-910CD41B1C32}" = CCC Help Greek
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F54A07A9-9716-4094-9E79-F5E929679FFF}" = Windows Live Writer Resources
"{F8504F00-2C61-0FA1-8E17-AADA786A164F}" = CCC Help German
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE363238-928A-113D-0318-4F7CEBB88715}" = Catalyst Control Center InstallProxy
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"3Muri" = 3Muri
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Audacity_is1" = Audacity 2.0.3
"AviSynth" = AviSynth 2.5
"Chiavetta Internet Olicard 200_is1" = Chiavetta Internet Olicard 200
"EasyBits Magic Desktop" = Magic Desktop
"Free Video Converter_is1" = Free Video Converter V 3.2
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.29.925
"Google Chrome" = Google Chrome
"gretl_is1" = gretl version 1.9.7
"iDRS(tm) OCR Software by I.R.I.S" = iDRS(tm) OCR Software by I.R.I.S
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.0 (Basic)
"MAGIX_{2FA06473-23F0-4372-8DD5-1EAE42503D93}" = MAGIX Video easy TERRATEC Edition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Namirial.Termo.2_is1" = Namirial Termo 2.5
"PROPLUS" = Microsoft Office Professional Plus 2007
"Samsung CLX-3300 Series" = Samsung CLX-3300 Series
"Samsung Easy Document Creator" = Samsung Easy Document Creator
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Scan Process Machine" = Samsung Scan Process Machine
"SAP2000 NonLinear" = SAP2000 NonLinear
"ST6UNST #1" = VcaSlu
"TeamViewer 7" = TeamViewer 7
"TECNARIA SOLAI MISTI_is1" = Tecnaria 3.06 - Progetto di solai misti legno calcestruzzo con
"Totalcmd" = Total Commander (Remove or Repair)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"XnView_is1" = XnView 1.98.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1161268631-716512634-670973712-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Parco Naturale Adamello Brenta" = Parco Naturale Adamello Brenta

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29/10/2013 15:48:45 | Computer Name = Federica-HP | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: printfilterpipelinesvc.exe,
versione: 6.1.7600.16385, timestamp: 0x4a5bd419 Nome del modulo che ha generato
l'errore: ole32.dll, versione: 6.1.7601.17514, timestamp: 0x4ce7c92c Codice eccezione:
0xc0000005 Offset errore 0x000000000001022a ID processo che ha generato l'errore:
0x1b00 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ced4df9faf9076
Percorso
dell'applicazione che ha generato l'errore: C:\Windows\system32\printfilterpipelinesvc.exe
Percorso
del modulo che ha generato l'errore: C:\Windows\system32\ole32.dll ID segnalazione:
1e9c9913-40d3-11e3-a403-aa41bb427611

Error - 29/10/2013 15:51:03 | Computer Name = Federica-HP | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: printfilterpipelinesvc.exe,
versione: 6.1.7600.16385, timestamp: 0x4a5bd419 Nome del modulo che ha generato
l'errore: ole32.dll, versione: 6.1.7601.17514, timestamp: 0x4ce7c92c Codice eccezione:
0xc0000005 Offset errore 0x0000000000028a29 ID processo che ha generato l'errore:
0xe34 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ced4dfe360fecc
Percorso
dell'applicazione che ha generato l'errore: C:\Windows\system32\printfilterpipelinesvc.exe
Percorso
del modulo che ha generato l'errore: C:\Windows\system32\ole32.dll ID segnalazione:
70b79bfb-40d3-11e3-a403-aa41bb427611

Error - 31/10/2013 17:26:01 | Computer Name = Federica-HP | Source = MsiInstaller | ID = 11719
Description =

Error - 31/10/2013 17:30:20 | Computer Name = Federica-HP | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 01/11/2013 04:30:38 | Computer Name = Federica-HP | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 01/11/2013 06:41:22 | Computer Name = Federica-HP | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 01/11/2013 15:04:15 | Computer Name = Federica-HP | Source = Application Hang | ID = 1002
Description = Il programma mbam.exe versione 1.75.0.1 non interagisce più con Windows
ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema,
verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID
processo: 66c Ora di avvio: 01ced72a1806047e Ora di chiusura: 30 Percorso applicazione:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe ID segnalazione: 64058f3f-4328-11e3-9bdd-9938f60f726d


Error - 02/11/2013 10:18:05 | Computer Name = Federica-HP | Source = SideBySide | ID = 16842815
Description = Generazione del contesto di attivazione non riuscita per "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file
manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error - 02/11/2013 10:49:31 | Computer Name = Federica-HP | Source = SideBySide | ID = 16842815
Description = Generazione del contesto di attivazione non riuscita per "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Errore nel file
manifesto o dei criteri "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll", riga 3. Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error - 03/11/2013 16:58:45 | Computer Name = Federica-HP | Source = Application Hang | ID = 1002
Description = Il programma OTL.exe versione 3.2.69.0 non interagisce più con Windows
ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema,
verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID
processo: 2e9c Ora di avvio: 01ced8d67bf0c282 Ora di chiusura: 4 Percorso applicazione:
C:\Users\Federica\Desktop\OTL.exe ID segnalazione:

[ HP Wireless Assistant Events ]
Error - 26/10/2011 17:39:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:40:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:41:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:42:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:43:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:44:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:45:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 26/10/2011 17:46:42 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Server RPC non disponibile.
(Eccezione da HRESULT: 0x800706BA) in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementScope.InitializeGuts(Object
o) in System.Management.ManagementScope.Initialize() in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 29/03/2013 17:37:41 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException in System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) in System.Management.ManagementObject.Initialize(Boolean
getObject) in System.Management.ManagementBaseObject.get_Properties() in System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) in HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 21/09/2013 04:06:28 | Computer Name = Federica-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 in HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) in HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ OSession Events ]
Error - 05/10/2013 08:57:57 | Computer Name = Federica-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21944
seconds with 1080 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29/10/2013 09:46:36 | Computer Name = Federica-HP | Source = Schannel | ID = 36888
Description = Generato avviso di errore irreversibile: 10. Lo stato dell'errore
interno è 10.

Error - 29/10/2013 09:47:08 | Computer Name = Federica-HP | Source = Schannel | ID = 36888
Description = Generato avviso di errore irreversibile: 10. Lo stato dell'errore
interno è 10.

Error - 29/10/2013 09:47:09 | Computer Name = Federica-HP | Source = Schannel | ID = 36888
Description = Generato avviso di errore irreversibile: 10. Lo stato dell'errore
interno è 10.

Error - 29/10/2013 09:47:23 | Computer Name = Federica-HP | Source = Schannel | ID = 36888
Description = Generato avviso di errore irreversibile: 10. Lo stato dell'errore
interno è 10.

Error - 31/10/2013 17:30:08 | Computer Name = Federica-HP | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%2

Error - 01/11/2013 04:30:03 | Computer Name = Federica-HP | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%2

Error - 01/11/2013 05:29:16 | Computer Name = Federica-HP | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 millisecondi) durante l'attesa della risposta alla
transazione dal servizio iphlpsvc.

Error - 01/11/2013 06:40:17 | Computer Name = Federica-HP | Source = EventLog | ID = 6008
Description = Precedente arresto del sistema inatteso a 11:14:09 su ?01/?11/?2013.

Error - 01/11/2013 06:40:45 | Computer Name = Federica-HP | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%2

Error - 01/11/2013 06:41:29 | Computer Name = Federica-HP | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 millisecondi) durante l'attesa della risposta alla
transazione dal servizio HPWMISVC.


< End of report >
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 04/11/13 12:15

apri otl e copia nel box bianco questo testo

Codice: Seleziona tutto
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
CHR - default_search_provider: search_url = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch

:Files
ipconfig /flushdns /c

:commands
[purity]
[Reboot]


premi run fix e allega il log che trovi in questo percorso

C:\_OTL\MovedFiles\ ggMMaaaa_hhmmss.log
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 05/11/13 22:28

Ecco fatto:

========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Use Chrome's Settings page to remove the default_search_provider items.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\Federica\Desktop\cmd.bat deleted successfully.
C:\Users\Federica\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 11052013_221918
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 06/11/13 00:33

il problema persiste?
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 06/11/13 21:47

Sì.
Anzi adesso ogni tanto mi compare anche una finestra aperta sul seguente link:

http://stt.streamjs.net/sd/cpops-1.2.0. ... =TubeSaver

che mi propone un "system player update".....
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi boba74 » 06/11/13 21:48

inoltre, nel vari forum (tra cui questo) mi compaiono banner pubblicitari tra un post e l'altro....
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 06/11/13 22:21

inserisci questo testo nel box di otl, come prima, poi premi run fix e allega il risultato ottenuto


Codice: Seleziona tutto
:OTL
SRV - [2013/01/24 14:46:02 | 000,156,160 | ---- | M] (SsupdService) [Auto | Stopped] -- C:\Users\Federica\AppData\Local\ssupd\ssupd.exe -- (SsupdService)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7F52E183-5DF5-4444-8686-FB274F71A31C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox


riavvia il pc e riesegui adwcleaner

clicca su scan e poi su ''clean'' conferma con OK le varie finestre che ti compariranno.

alla fine clicca su Report e allega il contenuto
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 06/11/13 22:39

# AdwCleaner v3.011 - Report created 06/11/2013 at 22:34:58
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Federica - FEDERICA-HP
# Running from : C:\Users\Federica\Downloads\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Federica\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [38076 octets] - [15/10/2013 21:41:33]
AdwCleaner[R1].txt - [1698 octets] - [01/11/2013 09:27:18]
AdwCleaner[R2].txt - [1046 octets] - [06/11/2013 22:31:55]
AdwCleaner[S0].txt - [36623 octets] - [15/10/2013 21:45:17]
AdwCleaner[S1].txt - [1665 octets] - [01/11/2013 09:28:33]
AdwCleaner[S2].txt - [969 octets] - [06/11/2013 22:34:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1028 octets] ##########
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 06/11/13 22:45

posta anche il risultato dell'ultima scansione di otl, quella di questa sera
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 06/11/13 22:53

========== OTL ==========
Service SsupdService stopped successfully!
Service SsupdService deleted successfully!
C:\Users\Federica\AppData\Local\ssupd\ssupd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F52E183-5DF5-4444-8686-FB274F71A31C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F52E183-5DF5-4444-8686-FB274F71A31C}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11062013_222613
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi shel » 06/11/13 23:02

che problemi riscontri al momento? descrivili con precisione
shel
Utente Senior
 
Post: 1292
Iscritto il: 29/08/08 21:56

Re: MonsterMarketplace

Postdi boba74 » 07/11/13 20:54

allora, attualmente alcune parole a caso delle pagine web mi si trasformano in link rossi o blu, passandoci sopra con il mouse compaiono delle finestrelle tipo questa:

Immagine
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Re: MonsterMarketplace

Postdi boba74 » 09/11/13 10:19

QUando navigo le pagine di google chrome mi si riempiono di banner pubblicitari, inoltre a volte quando apro un link mi si apre oltre alla pagina voluta anche altre finestre aggiuntive contenenti spam....
Le situazione sembra peggiorare....
L'evoluzione c'entra sempre.
Avatar utente
boba74
Utente Senior
 
Post: 173
Iscritto il: 07/08/07 13:57

Prossimo

Torna a Sicurezza e Privacy

Chi c’è in linea

Visitano il forum: Nessuno e 3 ospiti