
Explorer 8 windows


Post by paroa » 23/12/13 06:23

Explorer 8 on Windows XP kept opening advertising windows on its own, making browsing impossible. After reading up online I partially solved the problem by using adwcleaner, tdsskiller and mbam, and by removing Poweroffer from the installed programs. It is much better now, but every time I open Explorer or Mozilla an advertising window, albeit just one, opens in Explorer. I am therefore attaching the HIJACKTHIS log in the hope of getting some help. Thanks

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6.07.36, on 23/12/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SMINST\Scheduler.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\Programmi\CardOS API\bin\cardoscp.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmi\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
F:\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SetRefresh] C:\Programmi\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CardOS API] C:\Programmi\CardOS API\bin\cardoscp.exe
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [20131121] C:\Programmi\AVAST Software\Avast\setup\emupdate\59066158-c481-4dd4-9b55-0c9021c02f62.exe /check
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/it.special-uninstall ... U4tWjlLSDQ"&"inst=NzctNTQyNDAxNTgxLUZMKzktUUlYMSs0LVgyMDEwKzItTElDKzEtU1AxKzEtU1VQKzQtRkwxMCsxLVNQMVM0KzEtRERUKzcwMDYtTFNEKzItRjEwTTEyRU4rMS1UQk4rMS1MMTBNSisxLUYxME0xMkpUKzEtVEJDVisxLUMxMFUrMTExMi1GMTBVMTMrMy1GMTBVMTNWKzEtRjEwVTEzUys3"&"prod=90"&"ver=10.0.1432
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pgcchelper] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmi\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6369902312
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {057aafb6-680c-42a8-97de-d962357a3a83} - (no file)
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0296401252136737) (0296401252136737mcinstcleanup) - Unknown owner - C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\029640~1.EXE (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmi\Canon\CAL\CALMAIN.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpSC - Unknown owner - C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Programmi\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: Ssupd Service (SsupdService) - SsupdService - C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe

--
End of file - 10379 bytes

Re: Explorer 8 windows

Post by paroa » 23/12/13 06:25

Here are the OTL logs as well
OTL logfile created on: 23/12/2013 6.14.04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 73,16% Memory free
4,83 Gb Paging File | 4,17 Gb Available in Paging File | 86,26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 449,74 Gb Total Space | 200,16 Gb Free Space | 44,51% Space Free | Partition Type: NTFS
Drive D: | 16,00 Gb Total Space | 11,73 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
Drive F: | 980,72 Mb Total Space | 157,36 Mb Free Space | 16,05% Space Free | Partition Type: FAT

Computer Name: HP18485308981 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2013/12/23 05.46.18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/12/22 17.00.10 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programmi\Mozilla Firefox\firefox.exe
PRC - [2013/08/21 07.37.12 | 000,465,920 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
PRC - [2013/05/25 01.47.30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe
PRC - [2013/05/09 09.58.30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programmi\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 09.58.30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/04/04 14.50.32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/12 11.45.22 | 001,104,824 | ---- | M] (Samsung) -- C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/22 11.47.14 | 000,196,608 | ---- | M] (Atos IT Solutions and Services GmbH) -- C:\Programmi\CardOS API\bin\cardoscp.exe
PRC - [2009/09/08 16.25.52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Programmi\Canon\CAL\CALMAIN.exe
PRC - [2009/07/09 11.22.18 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/08/06 06.58.08 | 001,308,216 | ---- | M] (Trend Micro Inc.) -- F:\HiJackThis_v2.exe
PRC - [2008/04/14 03.14.07 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/07 06.10.52 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Programmi\PDF Complete\pdfsvc.exe
PRC - [2008/01/16 10.41.32 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/07/24 10.15.14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe
PRC - [2007/01/04 18.48.50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/07/10 09.53.08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/22 17.59.47 | 002,246,144 | ---- | M] () -- C:\Programmi\AVAST Software\Avast\defs\13122201\algo.dll
MOD - [2013/12/22 17.00.09 | 003,559,024 | ---- | M] () -- C:\Programmi\Mozilla Firefox\mozjs.dll
MOD - [2013/08/21 07.37.12 | 000,465,920 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
MOD - [2013/07/13 09.11.49 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_5ba9f37f\mscorlib.dll
MOD - [2013/07/13 09.11.43 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_442ff6e1\system.drawing.dll
MOD - [2013/07/13 09.11.36 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ea7f6506\system.xml.dll
MOD - [2013/07/13 09.11.27 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f0c6ebd7\system.windows.forms.dll
MOD - [2013/07/13 09.11.15 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_683468b2\system.dll
MOD - [2013/07/13 09.10.59 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/07/13 09.10.56 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/07/13 09.10.54 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2013/03/13 21.48.52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\libcef.dll
MOD - [2012/11/14 00.32.50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/01/08 22.37.44 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2011/01/08 22.37.44 | 000,006,144 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_it_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2011/01/08 22.37.42 | 000,614,400 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll
MOD - [2011/01/08 22.37.42 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_it_a53cf5803f4c3827\hpqietpz.resources.dll
MOD - [2011/01/08 22.36.46 | 000,032,768 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2011/01/08 22.36.46 | 000,015,360 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_it_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2011/01/08 22.36.09 | 000,368,640 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2011/01/08 22.36.09 | 000,241,664 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_it_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2011/01/08 22.36.09 | 000,045,056 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2011/01/08 22.36.08 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2011/01/08 22.36.08 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll
MOD - [2011/01/08 22.36.08 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2011/01/08 22.36.08 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2011/01/08 22.36.08 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2011/01/08 22.36.08 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_it_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2011/01/08 22.33.18 | 000,557,056 | ---- | M] () -- c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll
MOD - [2011/01/08 22.33.18 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll
MOD - [2011/01/08 22.33.18 | 000,151,552 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2011/01/08 22.33.18 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll
MOD - [2011/01/08 22.33.18 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll
MOD - [2009/09/05 18.19.03 | 000,610,304 | ---- | M] () -- c:\windows\assembly\gac\hpodmres\3.0.0.0__a53cf5803f4c3827\hpodmres.dll
MOD - [2009/09/05 18.19.03 | 000,005,120 | ---- | M] () -- c:\windows\assembly\gac\hpodmres.resources\3.0.0.0_it_a53cf5803f4c3827\hpodmres.resources.dll
MOD - [2009/09/05 18.16.41 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.66__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2009/09/05 18.16.41 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.66__9cf889f53ea9b907\lead.dll
MOD - [2009/09/05 18.16.41 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.66__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2009/09/05 18.16.40 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.66__9cf889f53ea9b907\lead.drawing.dll
MOD - [2009/09/05 18.16.39 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2009/09/05 18.16.39 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2009/07/16 14.40.03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/07/16 14.38.47 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2006/07/10 09.53.08 | 000,872,448 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe -- (LiveUpSC)
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\ADMINI~1\IMPOST~1\Temp\029640~1.EXE C:\PROGRA~1\FILECO~1\McAfee\INSTAL~1\cleanup.ini -- (0296401252136737mcinstcleanup)
SRV - [2013/12/22 18.16.40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/22 17.00.09 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 08.53.36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programmi\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/09 09.58.30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/04 14.50.32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14.50.32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/24 15.46.02 | 000,156,160 | ---- | M] (SsupdService) [Auto | Stopped] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe -- (SsupdService)
SRV - [2009/09/08 16.25.52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programmi\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009/07/09 11.22.18 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programmi\File comuni\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/11/04 01.06.28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/04/07 06.10.52 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Programmi\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/01/16 10.41.32 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programmi\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/07/24 10.15.14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/01/04 18.48.50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Programmi\File comuni\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/10/26 12.03.08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/08/11 19.08.17 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/11 19.08.17 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/11 19.08.17 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 09.59.10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 09.59.10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 09.59.09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 09.59.09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 09.59.08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/04/04 14.50.32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/27 09.37.56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012/06/27 09.37.56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012/06/27 09.37.56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2012/06/27 09.37.56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/12/15 23.37.14 | 000,038,016 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a38ccid.sys -- (A38CCID)
DRV - [2009/09/05 18.16.13 | 000,043,488 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2007/12/12 19.55.36 | 004,635,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/08/07 17.40.38 | 000,098,944 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/04/17 19.09.28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006/07/24 15.05.00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004/08/03 18.29.50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wVchNTxx.sys -- (iAimFP4)
DRV - [2004/08/03 18.29.48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wSiINTxx.sys -- (iAimFP3)
DRV - [2004/08/03 18.29.46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV10nt.sys -- (iAimTV5)
DRV - [2004/08/03 18.29.46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004/08/03 18.29.46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV06nt.sys -- (iAimTV6)
DRV - [2004/08/03 18.29.44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV04nt.sys -- (iAimTV3)
DRV - [2004/08/03 18.29.44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV02NT.sys -- (iAimTV1)
DRV - [2004/08/03 18.29.42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wATV01nt.sys -- (iAimTV0)
DRV - [2004/08/03 18.29.42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV09NT.sys -- (iAimFP7)
DRV - [2004/08/03 18.29.40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV07nt.sys -- (iAimFP5)
DRV - [2004/08/03 18.29.40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV08NT.sys -- (iAimFP6)
DRV - [2004/08/03 18.29.38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 18.29.38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV01nt.sys -- (iAimFP0)
DRV - [2004/08/03 18.29.38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV02NT.sys -- (iAimFP1)
DRV - [2004/08/03 18.29.38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wADV05NT.sys -- (iAimFP2)
DRV - [2002/10/01 08.22.32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/04/04 06.32.06 | 000,028,416 | R--- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (Symmpi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.it/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKCU\..\SearchScopes,DefaultScope = {8C6940D9-BD92-418B-9663-90919CEFA3CC}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8C6940D9-BD92-418B-9663-90919CEFA3CC}: "URL" = http://search.softonic.com/MOY00010/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=6bfbb977000000000000002421adcfa2&r=359
IE - HKCU\..\SearchScopes\{93EA94D6-7461-4058-969A-7E64AB081608}: "URL" = http://search.avg.com/route/?d=4be27823 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.it/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Programmi\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programmi\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/06 20.32.33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2013/08/11 19.07.44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Programmi\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programmi\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/06 20.32.33 | 000,000,000 | ---D | M]

[2013/09/10 15.44.09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Extensions
[2013/09/10 15.44.09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Extensions\rmastri@liceomalpighi.bo.it
[2013/12/20 06.12.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\0zt7ul4g.default\extensions
[2013/12/22 16.59.52 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/12/22 16.59.51 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2013/12/22 17.00.12 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/11 19.07.44 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAMMI\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - Extension: Primo utente = C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2006/03/02 03.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {147D6308-0614-4112-89B1-31402F9B82C4} - No CLSID value found.
O4 - HKLM..\Run: [20131121] C:\Programmi\AVAST Software\Avast\setup\emupdate\59066158-c481-4dd4-9b55-0c9021c02f62.exe (AVAST Software)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Programmi\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CardOS API] C:\Programmi\CardOS API\bin\cardoscp.exe (Atos IT Solutions and Services GmbH)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SetRefresh] C:\Programmi\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [pgcchelper] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6369902312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDAEF28C-13F2-4C99-9079-1366AE6B4B9C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\File comuni\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 16.01.00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{7941f6f4-d9b0-11de-a477-002421adcfa2}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{7941f6f4-d9b0-11de-a477-002421adcfa2}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2013/12/23 05.46.12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/12/22 20.44.46 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2013/12/22 18.14.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Mozilla
[2013/12/22 18.14.27 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Maintenance Service
[2013/12/22 17.47.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\Malwarebytes
[2013/12/22 17.46.59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2013/12/22 17.46.58 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/12/22 17.46.58 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2013/12/22 17.07.22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/22 16.59.50 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/12/20 07.21.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\LavasoftStatistics
[2013/12/20 07.05.23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Lavasoft
[2013/12/20 07.05.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Documenti\Download
[2013/12/20 06.30.36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/12/20 06.05.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Mozilla
[2013/11/14 23.18.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dati applicazioni\PhotoScape
[2013/11/14 23.17.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\PhotoScape
[2013/11/14 23.17.41 | 000,000,000 | ---D | C] -- C:\Programmi\PhotoScape
[2013/11/14 23.16.05 | 021,331,096 | ---- | C] (Mooii) -- C:\Documents and Settings\Administrator\Desktop\PhotoScape_V3-6-5.exe
[2013/11/14 23.16.05 | 003,683,336 | ---- | C] (Systweak Inc ) -- C:\Documents and Settings\Administrator\Desktop\rcpsetup_softonic_sd_global.exe
[2013/11/13 21.34.08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\cache
[2013/11/13 21.34.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Mobogenie
[2013/11/13 21.34.07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Documenti\Mobogenie
[2013/11/13 21.31.27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper
[2013/11/01 19.28.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenti\CrashDump
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Administrator\Documenti\*.tmp files -> C:\Documents and Settings\Administrator\Documenti\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/12/23 05.46.18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/12/23 05.44.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/23 05.44.00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/12/23 05.29.18 | 000,000,370 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/12/23 05.28.12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/23 05.26.39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/22 19.22.10 | 000,001,042 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1927467988-3924483407-3894107164-500UA.job
[2013/12/22 18.16.39 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/12/22 18.16.39 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/12/22 17.47.01 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/20 06.05.47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/12/18 23.49.44 | 000,243,712 | ---- | M] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/18 22.53.03 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2013/12/18 22.37.27 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/12/18 22.22.05 | 000,001,020 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1927467988-3924483407-3894107164-500Core.job
[2013/12/15 10.20.00 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
[2013/12/12 11.53.17 | 000,364,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/04 19.51.49 | 000,007,405 | ---- | M] () -- C:\Documents and Settings\Administrator\Documenti\Nuovo OpenDocument - Testo.odt
[2013/12/04 15.15.47 | 000,587,274 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/12/04 15.15.47 | 000,546,676 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/12/04 15.15.47 | 000,116,096 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/12/04 15.15.47 | 000,104,556 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/14 23.23.42 | 004,809,768 | ---- | M] (Thutjuomfh) -- C:\Documents and Settings\Administrator\Desktop\plus-hd-2-6.exe
[2013/11/14 23.17.57 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PhotoScape.lnk
[2013/11/14 23.16.46 | 003,683,336 | ---- | M] (Systweak Inc ) -- C:\Documents and Settings\Administrator\Desktop\rcpsetup_softonic_sd_global.exe
[2013/11/14 23.16.36 | 021,331,096 | ---- | M] (Mooii) -- C:\Documents and Settings\Administrator\Desktop\PhotoScape_V3-6-5.exe
[2013/11/13 03.59.31 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imagehlp.dll
[2013/11/07 06.38.51 | 000,591,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/11/01 19.28.58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Dati applicazioni\LauncherAccess.dt
[2013/10/30 03.52.03 | 001,879,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013/10/30 03.52.03 | 001,879,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2013/10/29 08.57.02 | 006,020,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/10/29 08.57.02 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/10/29 08.57.02 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/10/29 08.57.02 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/10/29 08.57.02 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/10/29 08.57.02 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/10/29 08.57.02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/10/29 08.57.02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/10/29 08.57.02 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/10/29 08.57.02 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/10/29 08.57.02 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/10/29 08.57.02 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/10/29 08.57.02 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/10/29 08.57.02 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/10/29 08.57.01 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/10/29 08.57.01 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/10/29 08.57.01 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/10/29 08.57.01 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/10/29 08.57.01 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/10/29 08.57.01 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/10/29 08.57.01 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/10/29 08.57.01 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/10/29 08.57.01 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/10/29 08.57.01 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/10/29 08.57.01 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/10/29 08.57.01 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/10/29 08.57.01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/10/29 08.57.01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/10/29 08.57.01 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2013/10/29 08.57.01 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2013/10/29 06.15.36 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/10/29 06.15.36 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/10/29 01.45.18 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/10/28 23.37.16 | 000,000,646 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kobo.lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Administrator\Documenti\*.tmp files -> C:\Documents and Settings\Administrator\Documenti\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/22 17.47.01 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/20 06.05.47 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
[2013/12/20 06.05.47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/12/19 15.44.02 | 000,000,030 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dati applicazioni\WB.CFG
[2013/12/04 19.51.49 | 000,007,405 | ---- | C] () -- C:\Documents and Settings\Administrator\Documenti\Nuovo OpenDocument - Testo.odt
[2013/11/14 23.17.57 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PhotoScape.lnk
[2013/11/13 21.44.08 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2013/11/02 00.23.05 | 000,193,280 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2013/08/11 19.08.17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/11 19.08.17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/11 19.08.17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/11 19.08.09 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/11 19.08.08 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/01/14 20.46.22 | 000,298,898 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2012/10/29 12.09.28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/10/29 12.09.28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/10/29 12.09.28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/10/29 12.09.28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/10/29 12.09.28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/05/16 21.26.47 | 000,000,590 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2012/04/24 20.08.00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dati applicazioni\LauncherAccess.dt
[2012/04/24 20.06.32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/02/15 09.34.28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/30 07.12.44 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\cardoscp.dll
[2012/01/06 20.24.21 | 000,179,252 | ---- | C] () -- C:\WINDOWS\hpoins51.dat
[2012/01/06 20.24.20 | 000,000,572 | ---- | C] () -- C:\WINDOWS\hpomdl51.dat
[2010/11/08 11.33.00 | 015,116,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Dati applicazioni\ZBWallpaper.bmp
[2009/09/05 21.09.22 | 000,243,712 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/16 14.39.41 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\fusioncache.dat

========== ZeroAccess Check ==========

[2009/07/16 14.38.50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/07/18 17.03.04 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03.13.56 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/14 19.08.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\calibre
[2012/04/14 15.13.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\canon
[2012/04/24 20.09.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\ConvertTemp
[2013/06/07 21.34.56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\DirectDrawEx
[2013/12/23 05.31.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox
[2013/06/03 20.08.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\LibreOffice
[2010/03/15 20.18.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Logia
[2013/11/14 23.41.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\PhotoScape
[2011/10/15 11.02.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Qymiib
[2009/09/05 17.33.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\SampleView
[2012/12/17 14.48.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Samsung
[2012/04/24 20.17.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Temporary
[2012/04/24 20.21.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\TransRender
[2013/08/11 09.17.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\TuneUp Software
[2013/03/26 20.42.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\uTorrent
[2013/09/10 15.44.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\www.rmastri.it
[2011/10/14 20.40.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dati applicazioni\Ykebmy
[2013/08/11 19.07.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2013/01/23 19.56.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG January 2013 Campaign
[2010/11/26 16.47.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9
[2010/11/26 17.39.35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2012/11/25 21.02.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Samsung
[2009/09/05 17.33.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2009/09/05 18.05.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\Desktop\plus-hd-2-6.exe:SummaryInformation

< End of report >

Re: Explorer 8 windows

Post by paroa » 23/12/13 06:27

and finally the OTL EXTRAS log

OTL Extras logfile created on: 23/12/2013 6.14.04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,99 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 73,16% Memory free
4,83 Gb Paging File | 4,17 Gb Available in Paging File | 86,26% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 449,74 Gb Total Space | 200,16 Gb Free Space | 44,51% Space Free | Partition Type: NTFS
Drive D: | 16,00 Gb Total Space | 11,73 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
Drive F: | 980,72 Mb Total Space | 157,36 Mb Free Space | 16,05% Space Free | Partition Type: FAT

Computer Name: HP18485308981 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5159:TCP" = 5159:TCP:*:Enabled:Remote Assistance Local
"6605:TCP" = 6605:TCP:*:Enabled:Remote Assistance Remote

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Programmi\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqpse.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\hpwucli.exe" = C:\Programmi\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Programmi\Bonjour\mDNSResponder.exe" = C:\Programmi\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Programmi\iTunes\iTunes.exe" = C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\WINDOWS\system32\mshta.exe" = C:\WINDOWS\system32\mshta.exe:*:Disabled:Microsoft (R) HTML Application host -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programmi\Messenger\msmsgs.exe" = C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Dati applicazioni\Windows Internet Name Service\wins.exe" = C:\WINDOWS\system32\config\systemprofile\Impostazioni locali\Dati applicazioni\Windows Internet Name Service\wins.exe:*:Enabled:Windows Internet Name Service
"C:\Programmi\HP\Digital Imaging\bin\Hpqdirec.exe" = C:\Programmi\HP\Digital Imaging\bin\Hpqdirec.exe:*:Enabled:HP Director -- (Hewlett-Packard Company)
"C:\Programmi\HP\Diagnostic Assistant\bin\hprbevwr.exe" = C:\Programmi\HP\Diagnostic Assistant\bin\hprbevwr.exe:*:Enabled:HP Diagnostic Assistant -- (Hewlett-Packard)
"C:\WINDOWS\SMINST\ConfigScheduler.exe" = C:\WINDOWS\SMINST\ConfigScheduler.exe:*:Enabled:HP Schedulazione dei backup -- (SoftThinks)
"C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe:*:Enabled:Image Zone -- (Hewlett-Packard Co.)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hposid01.exe" = C:\Programmi\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Programmi\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqpse.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Programmi\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
"C:\Programmi\HP\HP Software Update\HPWUCli.exe" = C:\Programmi\HP\HP Software Update\HPWUCli.exe:*:Enabled:Aggiornamento del software HP -- (Hewlett-Packard)
"C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Programmi\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
"C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0830C2E8-01B9-4CD1-B218-12B0107D5BED}" = calibre
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1859BB19-EF0A-4196-9F48-569499FE7420}" = Raccolta foto di Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Camera Support Core Library
"{289678F6-FF27-441c-B795-CB77192C8B78}" = CameraUserGuides
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{39AE27EE-A148-48A3-B98D-35498C4D9719}" = Windows Live Messenger
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{450A707B-DDB7-40BF-87A2-1D876849B882}" = Status
"{452622B2-CFF1-4373-B773-141FC10A2AB6}" = hpicamDrvQFolder
"{4ceda886-a089-4f97-a408-27ae660d7760}" = Business Contact Manager per Outlook 2007 SP2
"{4D2D9016-70A9-4D91-9AA7-686ACAF056D9}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{505522F8-9BAF-4CB4-8767-EE074BB0ECE1}" = PS_AIO_07_B010_SW_Min
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55D2E060-9CCB-47B7-BBC2-FE71A1604B65}" = Microsoft SQL Server Native Client
"{563B0284-EAB1-459e-93E0-6BAEBC9AB74C}_is1" = Expert System Point&Go Platform
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{6379FD0A-8964-4A50-80A6-B20B65117905}" = File di supporto dell'installazione di Microsoft SQL Server (Italiano)
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = RAW Image Task 1.1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E814717-DE49-4A4A-BD12-39102F9C9FD0}" = CardOS API
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 12
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0410-0000-0000000FF1CE}" = Pacchetto di compatibilità per Office System 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280410-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional con FrontPage
"{90A40410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 - Componenti Web
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{98DC1DDF-1263-4F12-9BE1-E3286CBF2B02}" = HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9CEB017E-CC16-4C89-B9E4-AAB5A1DD12F9}" = Windows Live Essentials
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Componenti di connettività di Microsoft Office Small Business
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Italiano
"{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}" = ArcSoft Camera Suite 1.3
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3C7F047-E139-42a8-8A27-F76CB72B445E}" = HP Fotocamere Photosmart 9.0
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C3C640B8-95B6-40AE-A058-BE4896CD3010}" = Windows Live Call
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C6D950F6-14D4-4F6B-A298-33BA1C50758C}" = B010
"{C89F2092-B9E4-46FD-83BB-C6F2D7838CED}" = Windows Live Sync
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = RemoteCapture Task 1.0.3
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D35F2948-56D5-43C2-8524-8893AED0469C}_is1" = WEBpatente 4.0
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D867B4B4-D6D7-40BC-AE63-742C9EC03023}" = Microsoft SQL Server VSS Writer
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{E31A24A7-CF73-42B7-8FA1-26644296C9E3}" = Windows Live Mail
"{E93525C8-AB72-40ad-845F-34393FA2F9FE}" = CameraDrivers
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}" = LibreOffice 4.0.3.3
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Bit4Id - miniLector" = Bit4Id - miniLector
"Business Contact Manager" = Business Contact Manager per Outlook 2007 SP2
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow Launcher
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"DVD Decrypter" = DVD Decrypter (Remove Only)
"eMule" = eMule
"FormatFactory" = FormatFactory 2.70
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo & Imaging" = HP Image Zone 4.2
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Canon Camera Support Core Library
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = Canon RemoteCapture Task for ZoomBrowser EX
"Kobo" = Kobo
"LHTTSITI" = L&H TTS3000 Italiano
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 26.0 (x86 it)" = Mozilla Firefox 26.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Nero - Burning Rom!UninstallKey" = Nero 6
"PDF Complete" = PDF Complete
"PhotoScape" = PhotoScape
"PhotoStitch" = Canon Utilities PhotoStitch
"PROHYBRIDR" = 2007 Microsoft Office system
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"Shop for HP Supplies" = Shop for HP Supplies
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"pgcchelper" = pgcchelper

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22/12/2013 10.56.58 | Computer Name = HP18485308981 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 22/12/2013 11.15.10 | Computer Name = HP18485308981 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore iexplore.exe, versione 8.0.6001.18702,
modulo che ha provocato l'errore mshtml.dll, versione 8.0.6001.23543, indirizzo
errore 0x001b2ee0.

Error - 22/12/2013 11.15.22 | Computer Name = HP18485308981 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore iexplore.exe, versione 8.0.6001.18702,
modulo che ha provocato l'errore mshtml.dll, versione 8.0.6001.23543, indirizzo
errore 0x001b2ee0.

Error - 22/12/2013 11.15.30 | Computer Name = HP18485308981 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore iexplore.exe, versione 8.0.6001.18702,
modulo che ha provocato l'errore mshtml.dll, versione 8.0.6001.23543, indirizzo
errore 0x001b2ee0.

Error - 22/12/2013 12.06.03 | Computer Name = HP18485308981 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore iexplore.exe, versione 8.0.6001.18702,
modulo che ha provocato l'errore mshtml.dll, versione 8.0.6001.23543, indirizzo
errore 0x001b2ee0.

Error - 22/12/2013 12.06.29 | Computer Name = HP18485308981 | Source = Application Error | ID = 1000
Description = Applicazione che ha provocato l'errore iexplore.exe, versione 8.0.6001.18702,
modulo che ha provocato l'errore mshtml.dll, versione 8.0.6001.23543, indirizzo
errore 0x001b2ee0.

Error - 22/12/2013 12.15.22 | Computer Name = HP18485308981 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 22/12/2013 13.10.48 | Computer Name = HP18485308981 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 22/12/2013 15.38.44 | Computer Name = HP18485308981 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 23/12/2013 0.28.44 | Computer Name = HP18485308981 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

[ System Events ]
Error - 22/12/2013 13.08.59 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%3

Error - 22/12/2013 13.10.20 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7022
Description = Servizio Ssupd Service bloccato in partenza.

Error - 22/12/2013 13.44.00 | Computer Name = HP18485308981 | Source = Schedule | ID = 7901
Description = Avvio del comando At1.job non riuscito a causa del seguente errore:
%%2147942403

Error - 22/12/2013 14.44.01 | Computer Name = HP18485308981 | Source = Schedule | ID = 7901
Description = Avvio del comando At1.job non riuscito a causa del seguente errore:
%%2147942403

Error - 22/12/2013 15.36.42 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%3

Error - 22/12/2013 15.38.09 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7022
Description = Servizio Ssupd Service bloccato in partenza.

Error - 22/12/2013 15.44.00 | Computer Name = HP18485308981 | Source = Schedule | ID = 7901
Description = Avvio del comando At1.job non riuscito a causa del seguente errore:
%%2147942403

Error - 23/12/2013 0.26.55 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7000
Description = Il servizio LiveUpSC non è stato avviato per il seguente errore: %%3

Error - 23/12/2013 0.28.18 | Computer Name = HP18485308981 | Source = Service Control Manager | ID = 7022
Description = Servizio Ssupd Service bloccato in partenza.

Error - 23/12/2013 0.44.00 | Computer Name = HP18485308981 | Source = Schedule | ID = 7901
Description = Avvio del comando At1.job non riuscito a causa del seguente errore:
%%2147942403


< End of report >
paroa
Senior User

Posts: 287
Joined: 25/10/04 14:24
Location: Trento

Re: explorer 8 windows

Post by FDACCC » 23/12/13 12:46

Code:
After reading up online I partially solved the problem using adwcleaner, tdsskiller, mbam


It would have been better to ask on the forum first, instead of acting right away.


Let's say your PC is stuffed full: of leftovers, of junk..

Start HiJackThis and:
● click the Do a system scan only/Scan button
● on the left, tick the box next to each entry that I list below (do not tick all the entries, only those listed below, please)
● once the entries are ticked, close all running programs, including Internet pages
● click the Fix checked button at the bottom left; a further window may appear while the entries are being fixed: click on
These are the entries to fix:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SetRefresh] C:\Programmi\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CardOS API] C:\Programmi\CardOS API\bin\cardoscp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/it.special-uninstall ... U4tWjlLSDQ"&"inst=NzctNTQyNDAxNTgxLUZMKzktUUlYMSs0LVgyMDEwKzItTElDKzEtU1AxKzEtU1VQKzQtRkwxMCsxLVNQMVM0KzEtRERUKzcwMDYtTFNEKzItRjEwTTEyRU4rMS1UQk4rMS1MMTBNSisxLUYxME0xMkpUKzEtVEJDVisxLUMxMFUrMTExMi1GMTBVMTMrMy1GMTBVMTNWKzEtRjEwVTEzUys3"&"prod=90"&"ver=10.0.1432
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [pgcchelper] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Avvio rapido di HP Image Zone.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmi\HP\Digital Imaging\bin\hpqtra08.exe
O18 - Filter hijack: text/html - {057aafb6-680c-42a8-97de-d962357a3a83} - (no file)

● if you run into problems (unable to read the Hosts file, empty Notepad window), go to the path:
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe (for 32-bit operating systems)
C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe (for 64-bit operating systems)
and right-click the file in question, choosing Run as administrator (Esegui come amministratore)

Then:

● click the Start button
● click Run (Esegui)
● in the blank field, type cmd; the Command Prompt will open
● copy and paste this line:
sc delete 0296401252136737
● press the Enter key

Do the same with the commands:
0296401252136737mcinstcleanup
LiveUpSC

After the restart, delete the folder:
C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\SoftwareUpdater

If present, also delete these folders:
C:\Documents and Settings\Diego\Impostazioni locali\Dati applicazioni\PosService
C:\Documents and Settings\Diego\Impostazioni locali\Dati applicazioni\ServUpdater
C:\Documents and Settings\Diego\Impostazioni locali\Dati applicazioni\PowerOffer

Then:
Download AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
● close all open programs
● click the Search (Cerca) button
● wait patiently for the scan to finish
● click the Delete (Elimina) button and confirm by clicking OK
● continue by clicking OK two more times: the system restarts automatically
attach the log that appears after the restart

Do you have the Premium or the free version of MalwareBytes?

Bye and good luck.
FDACCC
Senior User
 
Posts: 170
Joined: 20/12/13 10:16

Re: explorer 8 windows

Post by paroa » 23/12/13 15:15

I have the free version, but among all the entries you tell me to fix there are some related to programs I use, such as HP, cardOS, samsung, dropbox, are we sure???
paroa
Senior User
 
Posts: 287
Joined: 25/10/04 14:24
Location: Trento

Re: explorer 8 windows

Post by FDACCC » 23/12/13 15:40

If you also want to speed up Windows startup, fix the entries listed. (It does not remove the programs, but it does not load them into memory at startup, which means a faster PC during the loading phase.)

The offending entry, in any case, is this one:
O4 - HKCU\..\Run: [pgcchelper] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe

After that, follow the subsequent instructions.
FDACCC
Senior User
 
Posts: 170
Joined: 20/12/13 10:16
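The manual triage in the replies above (orphaned "(no file)" entries, and the pgcchelper autostart running from a per-user data folder), sketched as an added Python example that is not part of the original thread or of HijackThis. The function names, the two heuristics and the directory list are assumptions; a flag is only a reason to review an entry, as the Dropbox line shows.

```python
import re

ENTRY = re.compile(r"^(O\d+) - (.+)$")
RUN_KEY = re.compile(r"^(HK[^:]*\\Run\w*): \[(.*?)\] (.+)$")
STARTUP = re.compile(r"^((?:Global )?Startup): (.+?) = (.+)$")
# Assumption: per-user profile roots (XP and later Windows), writable without admin rights.
USER_DIRS = ("\\documents and settings\\", "\\users\\")

# Sample input: six entries copied from the log in this thread.
SAMPLE_LOG = r"""O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [pgcchelper] C:\Documents and Settings\Administrator\Impostazioni locali\Dati applicazioni\pgcchelper\pgcchelper.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Administrator\Dati applicazioni\Dropbox\bin\Dropbox.exe
O18 - Filter hijack: text/html - {057aafb6-680c-42a8-97de-d962357a3a83} - (no file)
"""

def parse_line(line):
    """Split one HijackThis line into section, name, location and target."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, body = m.groups()
    entry = {"section": section, "name": body, "location": "", "target": ""}
    if section == "O4":  # autostart entries: registry Run keys or Startup folders
        hit = RUN_KEY.match(body) or STARTUP.match(body)
        if hit:
            entry["location"], entry["name"], entry["target"] = hit.groups()
    return entry

def review_reasons(entry):
    """Return the (assumed) heuristics that make an entry worth a closer look."""
    reasons = []
    if entry["name"].endswith("(no file)"):
        reasons.append("orphaned")  # registry reference whose file is gone
    target = entry["target"].strip('"').lower()
    if any(d in target for d in USER_DIRS):
        reasons.append("autostart-from-user-profile")
    return reasons

def triage(log_text):
    """List (section, name, reasons) for every entry with at least one reason."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and review_reasons(entry):
            flagged.append((entry["section"], entry["name"], review_reasons(entry)))
    return flagged

if __name__ == "__main__":
    for section, name, reasons in triage(SAMPLE_LOG):
        print(section, name, ", ".join(reasons))
```
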

