Condividi:        

Presntazione e Richiesta aiuto

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 22:47

Sto avendo da un po' un problema che non sono riuscito ancora a risolvere.
Malauguratamente ho scaricato iminent, per sbaglio, non so neanche come...
leggo sui forum cos'è, come rimuoverlo. Vado in pannello di controllo e elimino.
Niente.
Poi Cerco la cartella e la elimino. Niente
Vado nei componenti aggiuntivi, trovo alcune estensioni. LE elimino. Ma non il problema.
Dopo poche ore il mio pc è lentissimo e non riesco a scaricare nulla, nessuno download, dal più pesante al più leggero.
Mi rassegno a rivolgermi a qualche tecnico. Io non sono un mago del pc chiaramente.
Il giorno dopo accendo il pc e per miracolo va un po' meglio, nel senso che riesco a scaricare qualcosa. Scarico revo e un anti malware così come avevo letto, e dopo un po' riesco a trovare, attraverso revo alcuni file di iminent che attraverso le ricerche classiche non trovavo. Elimino tutto. E il pc riprende a camminare bene.
Passa una settimana e si apre da sola una finestre di emoticon e la pagina iniziale con iminent!!!!! :evil: :evil: :evil: :evil:
Per ora il pc va, non ho problemi, ma è evidente che c'è qualcosa che non va. Ho notato poi che dopo aver utilizzato revo e l'antimalware si aprono da sole delle pagine pubblicitarie...
mi metto alla ricerca e trovo questo forum....
ho scaricato sia combofix sia Hijackthis. Ho letto i topic preliminari prima di aprire questo, ma adesso vorrei un aiuto da voi.

Questo è il mio report dopo Hijack this:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.32.08, on 11/02/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programmi\Samsung\Kies\KiesTrayAgent.exe
C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programmi\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Samsung\Kies\Kies.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Nero\Update\NASvc.exe
C:\Programmi\CDBurnerXP\NMSAccessU.exe
C:\Programmi\File comuni\Umbrella\umbrella.exe
C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Utente\Documenti\Download\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/?appId=F894143 ... EB044CD50B
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Programmi\Iminent\Iminent.WebBooster.InternetExplorer.dll (file missing)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Programmi\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmi\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "c:\Programmi\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SsroService] C:\Documents and Settings\All Users\Documenti\Application\CurrentFile\ssadl.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programmi\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Programmi\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Programmi\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FILECO~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpSC - SoftwareUpdService - C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Programmi\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Programmi\Nero\Update\NASvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programmi\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
O23 - Service: SProtection - Iminent - C:\Programmi\File comuni\Umbrella\umbrella.exe
O23 - Service: Ssro Service (SsroService) - SsroService - C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager\ssro.exe
O23 - Service: Ssupd Service (SsupdService) - SsupdService - C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9289 bytes


Cosa c'è?
Cosa devo fare?
Grazie
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Sponsor
 

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 22:49

Vedo che proprio in R0 c'è un file riconducibile a Iminent...
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi shel » 11/02/13 22:58

ciao fai subito queste scansioni cosi' come te le imposto

scarica adwcleaner usa solo l'opzione delete (elimina) e post ail log

scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt)

Posta i log
shel
Utente Senior
 
Post: 1326
Iscritto il: 29/08/08 21:56

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:27

post ail log che vuole dire?
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:29

Posto i log!!! Dopo ho capito




Codice: Seleziona tutto
# AdwCleaner v2.112 - Logfile creato il 11/02/2013 alle 23:21:26
# Aggiornamento 10/02/2013 by Xplode
# Sistema Operativo : Microsoft Windows XP Service Pack 3 (32 bits)
# Utente : Utente - PC
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Documents and Settings\Utente\Documenti\Download\adwcleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\Tarma Installer
Cartella Eliminato : C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Conduit
Cartella Eliminato : C:\Programmi\Conduit
Cartella Eliminato : C:\Programmi\File comuni\Umbrella

***** [Registro] *****

Chiave Eliminata : HKCU\Software\1ClickDownload
Chiave Eliminata : HKCU\Software\Iminent
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Iminent
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Chiave Eliminata : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\Software\Iminent
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F71371A90E93D605C8B0A71F163F625C
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chiave Eliminata : HKLM\Software\Umbrella
Valore Eliminata : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Browser Internet] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registro Pulito.

-\\ Mozilla Firefox v18.0.2 (it)

File : C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\ixt2al24.default\prefs.js

C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\ixt2al24.default\user.js ... Eliminato !

Eliminata : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Eliminata : user_pref("ct3220468.UserID", "UN19851803208036425");
Eliminata : user_pref("smartbar.machineId", "GM++ZCBNAOI/RPYCBPUHD6RDBDZ/KTPEID6VTL33NLRDNOAPCCUEQNBIR+CVBD1UJTB[...]

*************************

AdwCleaner[R1].txt - [17408 octets] - [11/02/2013 23:19:52]
AdwCleaner[S1].txt - [403 octets] - [11/02/2013 23:21:09]
AdwCleaner[S2].txt - [17456 octets] - [11/02/2013 23:21:26]

########## EOF - C:\AdwCleaner[S2].txt - [17517 octets] ##########
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:36

Codice: Seleziona tutto
OTL logfile created on: 11/02/2013 23.30.13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Utente\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
1015,23 Mb Total Physical Memory | 357,83 Mb Available Physical Memory | 35,25% Memory free
2,39 Gb Paging File | 1,85 Gb Available in Paging File | 77,44% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 232,88 Gb Total Space | 143,36 Gb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PC | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Documents and Settings\Utente\Documenti\Download\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\All Users\Documenti\Application\CurrentFile\ssadp.exe (ssadp)
PRC - C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Programmi\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programmi\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Programmi\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programmi\Samsung\Kies\Theme\Kies.Theme.dll ()
MOD - C:\Programmi\Samsung\Kies\Common\Kies.UI.dll ()
MOD - C:\Programmi\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll ()
MOD - C:\Programmi\Samsung\Kies\MVVM\Kies.MVVM.dll ()
MOD - C:\Programmi\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0a440e96732b77ca47ff93717755932f\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\71b29c73d743a7b139b02b392329a6c5\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\3cfaa253656ac602c3e57aeb90681ea1\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_it_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll ()
MOD - C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - (ServiceLayer) -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe File not found
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LiveUpSC) -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
SRV - (SsupdService) -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe (SsupdService)
SRV - (SsroService) -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager\ssro.exe (SsroService)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programmi\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NAUpdate) -- C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
SRV - (NMSAccessU) -- C:\Programmi\CDBurnerXP\NMSAccessU.exe ()
SRV - (StarWindServiceAE) -- C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (WDICA) --  File not found
DRV - (plmsf) -- System32\drivers\mhkfq.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\DOCUME~1\Utente\IMPOST~1\Temp\catchme.sys File not found
DRV - (aoucwj1i) --  File not found
DRV - (ssudobex) -- C:\WINDOWS\system32\drivers\ssudobex.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr))
DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(http://www.devguru.co.kr))
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (Revoflt) -- C:\WINDOWS\system32\drivers\revoflt.sys (VS Revo Group)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: yesscript@userstyles.org:1.9
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Programmi\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Programmi\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Programmi\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/13 10.51.22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2013/02/06 09.47.18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2013/02/06 09.47.09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Programmi\Mozilla Thunderbird\components [2013/01/10 09.39.02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Programmi\Mozilla Thunderbird\plugins
 
[2010/04/18 23.10.16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Extensions
[2010/04/17 10.45.43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/02/02 20.06.41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\ixt2al24.default\extensions
[2010/09/18 12.47.00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\ixt2al24.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/02/06 09.47.06 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/02/06 09.47.06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/02/06 09.47.18 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2010/11/14 18.05.47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2012/12/05 16.15.04 | 000,001,606 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\amazon-it.xml
[2012/08/29 23.24.02 | 000,002,465 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2012/12/05 16.15.04 | 000,000,957 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/12/05 16.15.04 | 000,001,030 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2013/01/10 14.08.36 | 000,002,147 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\StartWeb.xml
[2012/12/05 16.15.04 | 000,001,395 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/12/05 16.15.04 | 000,001,166 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml
 
O1 HOSTS File: ([2013/02/11 22.11.07 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programmi\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MSC] c:\Programmi\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SsroService] C:\Documents and Settings\All Users\Documenti\Application\CurrentFile\ssadl.exe (ssadl)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programmi\File comuni\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [AlcoholAutomount] C:\Programmi\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [KiesAirMessage] C:\Programmi\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [KiesPDLR] C:\Programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [KiesPreload] C:\Programmi\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D6DC023-8D5C-424D-B18E-5248FC8E8356}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2A6C604B-2FAF-4F5D-8E6A-941383E3497C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) -  File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/10 19.54.38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/16 13.57.50 | 000,000,154 | R--- | M] () - E:\autorun.cfg -- [ UDF ]
O32 - AutoRun File - [2010/10/05 15.53.16 | 000,214,344 | R--- | M] (Sports Interactive) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2006/09/11 14.26.42 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]
 
[2013/02/11 22.05.28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/02/11 22.00.34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/02/11 22.00.34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/02/11 22.00.34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/02/11 22.00.34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/02/11 22.00.21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/11 21.59.54 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/02/06 09.47.05 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/02/05 09.35.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\VS Revo Group
[2013/02/05 09.35.38 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/02/05 09.35.38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Revo Uninstaller Pro
[2013/02/05 09.35.36 | 000,000,000 | ---D | C] -- C:\Programmi\VS Revo Group
[2013/02/05 08.37.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Dati applicazioni\Malwarebytes
[2013/02/05 08.37.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2013/02/05 08.37.44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2013/02/05 08.37.43 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/05 08.37.42 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2013/02/04 20.18.12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Utente\Recent
[2013/02/04 18.12.06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Utente\Menu Avvio\Programmi\Strumenti di amministrazione
[2013/02/02 19.35.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\sshelper
[2013/02/02 19.35.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd
[2013/02/02 19.35.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager
[2013/02/02 19.35.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenti\Application
[2013/02/02 12.46.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater
[2013/02/02 12.45.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\CRE
[2013/01/10 09.39.01 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Thunderbird
[2013/01/07 10.45.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documenti\CrashDump
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]
 
[2013/02/11 23.28.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/11 23.28.00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/11 23.23.19 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1004336348-1417001333-1003.job
[2013/02/11 23.23.09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/11 22.11.07 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/02/11 22.05.33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/02/10 02.07.40 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/02/04 22.47.35 | 000,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/02 14.03.49 | 000,522,524 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/02/02 14.03.49 | 000,475,798 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/02 14.03.49 | 000,090,088 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/02/02 14.03.49 | 000,076,832 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/29 19.48.01 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1004336348-1417001333-1003.job
[2013/01/29 08.49.59 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/07 10.41.48 | 000,001,607 | ---- | M] () -- C:\Documents and Settings\Utente\Desktop\Samsung Kies (Lite).lnk
[2012/12/23 15.00.07 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\Utente\Documenti\Cartelle condivise.lnk
[2012/12/17 21.45.09 | 000,008,319 | ---- | M] () -- C:\Documents and Settings\Utente\Desktop\116_GIORDANO_01.pdf
[2012/12/15 18.03.42 | 000,127,024 | ---- | M] () -- C:\Documents and Settings\Utente\Desktop\Contatti001.spb
[2012/12/15 15.23.01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/14 16.49.28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/02/11 22.05.33 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/02/11 22.05.31 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013/02/11 22.00.34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/02/11 22.00.34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/02/11 22.00.34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/02/11 22.00.34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/02/11 22.00.34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/02/04 22.47.35 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/07 13.28.18 | 001,062,520 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2013/01/07 10.41.47 | 000,001,607 | ---- | C] () -- C:\Documents and Settings\Utente\Desktop\Samsung Kies (Lite).lnk
[2012/12/17 21.45.09 | 000,008,319 | ---- | C] () -- C:\Documents and Settings\Utente\Desktop\116_GIORDANO_01.pdf
[2012/12/15 18.03.41 | 000,127,024 | ---- | C] () -- C:\Documents and Settings\Utente\Desktop\Contatti001.spb
[2012/05/06 10.52.51 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/31 00.15.44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/01/31 00.15.42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/01/31 00.15.42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/01/31 00.15.42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/01/31 00.15.42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/09/26 17.44.40 | 003,909,743 | ---- | C] () -- C:\Documents and Settings\Utente\Dati applicazioni\Bruno Mars - Just the Way You Are 2010.zip
[2010/06/06 19.44.49 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2010/04/13 21.23.00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 18.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/04/17 11.01.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Acronis
[2012/05/06 10.53.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG10
[2011/05/06 16.18.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\avg9
[2010/04/20 23.27.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2011/03/15 19.55.54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2010/05/24 10.38.39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Installations
[2012/05/06 10.52.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MFAData
[2010/05/24 11.18.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nokia
[2010/05/24 10.16.04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2012/04/01 08.20.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Samsung
[2010/11/23 12.40.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Sports Interactive
[2010/05/22 09.33.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/12 17.50.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Burraconline
[2010/04/20 23.27.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Canneverbe_Limited
[2010/05/24 10.29.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Nokia
[2010/05/24 10.16.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\PC Suite
[2012/09/03 10.57.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Samsung
[2010/11/23 12.39.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Sports Interactive
[2012/06/24 13.30.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Temp
[2010/04/17 10.23.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utente\Dati applicazioni\Thunderbird
 
[color=#E56717]========== Purity Check =========[/color]
 
 

< End of report >
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:37

Codice: Seleziona tutto
OTL Extras logfile created on: 11/02/2013 23.30.13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Utente\Documenti\Download
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
1015,23 Mb Total Physical Memory | 357,83 Mb Available Physical Memory | 35,25% Memory free
2,39 Gb Paging File | 1,85 Gb Available in Paging File | 77,44% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 232,88 Gb Total Space | 143,36 Gb Free Space | 61,56% Space Free | Partition Type: NTFS
Drive E: | 2,53 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PC | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programmi\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\GROOVE.EXE" = C:\Programmi\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" = C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programmi\Sports Interactive\Football Manager 2011\fm.exe" = C:\Programmi\Sports Interactive\Football Manager 2011\fm.exe:*:Enabled:Football Manager 2011 -- (Sports Interactive)
"C:\Programmi\iTunes\iTunes.exe" = C:\Programmi\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{082EA2B7-C14C-4D48-8527-EF8375E99EBE}" = Burraconline CLIENT
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2ACE4349-FEF2-44DA-BE12-325D44F32FA8}_is1" = PowerOffer 3.0
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{373CDA0D-A5B1-4BCB-8E74-C6337DC4A259}" = Microsoft .NET Framework 2.0 Language Pack - ITA
"{39AE27EE-A148-48A3-B98D-35498C4D9719}" = Windows Live Messenger
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client IT-IT Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{700E7401-08F3-4764-B30D-C84073632054}" = Application Suite
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7462E859-C453-4E08-BE0D-7D5E13E4CD1F}" = Microsoft Antimalware Service IT-IT Language Pack
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (Italian) 12
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CEB017E-CC16-4C89-B9E4-AAB5A1DD12F9}" = Windows Live Essentials
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-A95000000001}" = Adobe Reader 9.5.1 - Italiano
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C3C640B8-95B6-40AE-A058-BE4896CD3010}" = Windows Live Call
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{E31A24A7-CF73-42B7-8FA1-26644296C9E3}" = Windows Live Mail
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Football Manager 2011" = Football Manager 2011
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100
"Microsoft .NET Framework 2.0 Language Pack - ITA" = Microsoft .NET Framework 2.0 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 18.0.2 (x86 it)" = Mozilla Firefox 18.0.2 (x86 it)
"Mozilla Thunderbird 17.0.2 (x86 it)" = Mozilla Thunderbird 17.0.2 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RealPlayer 12.0" = RealPlayer
"VLC media player" = VLC media player 1.1.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-343818398-1004336348-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 07/02/2013 2.44.40 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 07/02/2013 18.11.15 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 08/02/2013 8.19.10 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 09/02/2013 3.44.31 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 09/02/2013 15.23.06 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 10/02/2013 5.02.05 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 10/02/2013 14.36.50 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 11/02/2013 4.08.10 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 11/02/2013 14.30.03 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
Error - 11/02/2013 18.25.39 | Computer Name = PC | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido
 
[ System Events ]
Error - 11/02/2013 4.08.15 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Servizio Microsoft Antimalware Service terminato con l'errore:   %%2147949456
 
Error - 11/02/2013 14.29.55 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Servizio Ssro Service bloccato in partenza.
 
Error - 11/02/2013 14.29.55 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Servizio Ssupd Service bloccato in partenza.
 
Error - 11/02/2013 14.30.05 | Computer Name = PC | Source = Microsoft Antimalware | ID = 5101
Description = Il periodo di prova di %%860 è scaduto. Protezione da virus, spyware
 e altro software potenzialmente indesiderato disabilitata.     Motivo della scadenza:
 %%873     Data di scadenza (UTC): 06/06/2012 18.38.39     Codice dell'errore: 0x80071b90     Descrizione
 dell'errore: Licenza del sistema scaduta. Richiesta di accesso negata.
 
Error - 11/02/2013 14.30.07 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Servizio Microsoft Antimalware Service terminato con l'errore:   %%2147949456
 
Error - 11/02/2013 17.00.11 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Skype C2C Service. Questo evento
 si è già verificato 1 volta(e).
 
Error - 11/02/2013 18.25.32 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Servizio Ssro Service bloccato in partenza.
 
Error - 11/02/2013 18.25.32 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Servizio Ssupd Service bloccato in partenza.
 
Error - 11/02/2013 18.25.42 | Computer Name = PC | Source = Microsoft Antimalware | ID = 5101
Description = Il periodo di prova di %%860 è scaduto. Protezione da virus, spyware
 e altro software potenzialmente indesiderato disabilitata.     Motivo della scadenza:
 %%873     Data di scadenza (UTC): 06/06/2012 18.38.39     Codice dell'errore: 0x80071b90     Descrizione
 dell'errore: Licenza del sistema scaduta. Richiesta di accesso negata.
 
Error - 11/02/2013 18.25.45 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = Servizio Microsoft Antimalware Service terminato con l'errore:   %%2147949456
 
 
< End of report >
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:37

Fatto....verdetto?
Il mio pc è da buttare?
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 11/02/13 23:46

Adw cleaner ha trovato e eliminato altri file iminent!!! Ma cos'è????
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 12/02/13 09:45

Nessun aiuto?
:(
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 12/02/13 20:36

Chi valuta i miei "risultati"?
Grazie
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi Luke57 » 13/02/13 09:33

Apri otl.exe, copia e incolla il seguente script in neretto sul box bianco del programma:

:OTL
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LiveUpSC) -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
SRV - (SsupdService) -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe (SsupdService)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - No CLSID value found.
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
[2013/02/02 19.35.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd
[2013/02/02 19.35.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager
[2013/02/02 12.46.11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater
[2010/05/22 09.33.28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

:Commands
empytemp


premi runfix e riavvia il computer. Posta il report delle eliminazioni.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 13/02/13 20:17

Ho copiato e premuto run fix. Ho riavviato ma purtroppo non ho salvato il risultato...come recuperarlo?
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi Luke57 » 14/02/13 00:09

Dovresti trovarlo sul desktop, dove hai messo il programma.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 14/02/13 08:22

Dovrebbe essere questo...

Service MozillaMaintenance stopped successfully!
Service MozillaMaintenance deleted successfully!
C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe moved successfully.
Service LiveUpSC stopped successfully!
Service LiveUpSC deleted successfully!
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe moved successfully.
Service SsupdService stopped successfully!
Service SsupdService deleted successfully!
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\ deleted successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd\settings folder moved successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ssupd folder moved successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager\settings folder moved successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\ServiceManager folder moved successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater\settings folder moved successfully.
C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\SoftwareUpdater folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
========== COMMANDS ==========
Error: Unable to interpret <empytemp> in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 02132013_200838
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi Luke57 » 14/02/13 09:38

Pk, hai sempre i problemi evidenziati precedentemente?
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10

Re: Presntazione e Richiesta aiuto

Postdi sergiopcfacile » 14/02/13 13:31

Per ora Iminent non lo vedo, ma anche dieci giorni fa, dopo aver utilizzato revo e un antimalware sono stato tranquillo per una settimana. Le pagine pubblicitarie invece si aprono, con una media sopportabile (una al giorno), come prima cmq.
E mi sembra che l'apertura sia abbastanza random, nel senso si aprono senza aprire nessun sito in particolare.

Devo fare altro?
Grazie!!!
sergiopcfacile
Utente Junior
 
Post: 13
Iscritto il: 11/02/13 22:20

Re: Presntazione e Richiesta aiuto

Postdi Luke57 » 14/02/13 17:53

Ciao, allora per adesso va bene così; in caso di problemi facci sapere.
Luke57
Moderatore
 
Post: 6415
Iscritto il: 11/08/05 19:10


Torna a Sicurezza e Privacy


Topic correlati a "Presntazione e Richiesta aiuto":

aiuto windows 10
Autore: mod360
Forum: Software Windows
Risposte: 1
aiuto installazione
Autore: mod360
Forum: Software Windows
Risposte: 3
aiuto x mobili
Autore: MarioLombardi
Forum: Forum off-topic
Risposte: 8

Chi c’è in linea

Visitano il forum: Nessuno e 84 ospiti