
sweet page

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

sweet page

Postdi maci » 31/01/14 19:53

Ciao a tutti nei gg scorsi mi siete stati molto utili per eliminare il problema delle pagine pubblicitarie che si aprono dasole adesso ho un altro problema quando apro IE mi si apre la pagine sweet page con il suo browser non rieso ad eliminarla annsche in opzioni internet cambio la home page con ma non si applica qualcuno puo aiutarmi tenendo presente che non sono un fenomeno e che le cose dovete chiarirle il meglio possibile, grazie PACE E BENE.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00


Re: sweet page

Postdi shel » 31/01/14 19:56

ciao maci fai queste scansioni

Scarica Adwcleaner sul desktop: ... adwcleaner
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt)
Allegali qui nel forum
Utente Senior
Post: 1326
Iscritto il: 29/08/08 21:56

Re: sweet page

Postdi maci » 31/01/14 20:27

Scusa shel ma cliccando sul primo link general................. non mi si apre nulla continua a cercare ma niente come faccio? grazie
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: sweet page

Postdi maci » 31/01/14 20:53

# AdwCleaner v3.014 - Report created 31/01/2014 at 20:45:32
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : colors - ALFA
# Running from : C:\Users\colors\AppData\Local\Temp\nsb15B4.tmp\adwcleaner 3.014.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc
Service Deleted : SProtection

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\BasicServe
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Program Files\BasicServe
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\IminentToolbar
Folder Deleted : C:\Program Files\Searchprotect
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\Users\colors\AppData\Local\Searchprotect
Folder Deleted : C:\Users\colors\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\colors\AppData\LocalLow\IminentToolbar
Folder Deleted : C:\Users\colors\AppData\Roaming\Iminent
Folder Deleted : C:\Users\colors\AppData\Roaming\IminentToolbar
Folder Deleted : C:\Users\colors\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\colors\AppData\Roaming\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Users\colors\AppData\Roaming\Mozilla\Firefox\Profiles\954j3pqg.default\Extensions\
Folder Deleted : C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
File Deleted : C:\Users\colors\AppData\Roaming\Mozilla\Firefox\Profiles\954j3pqg.default\Extensions\
File Deleted : C:\Users\colors\AppData\Roaming\Mozilla\Firefox\Profiles\954j3pqg.default\searchplugins\iminent.xml
File Deleted : C:\Users\colors\AppData\Roaming\Mozilla\Firefox\Profiles\954j3pqg.default\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer (2).lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkhojieggfgllhllcegoffdcnmdeojgb
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.iminentESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr
Key Deleted : HKLM\SOFTWARE\Classes\iminent.iminentHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2CC3C46-143B-4142-9D5A-B8543F0A6F55}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1FAFD711-ABF9-4F6A-8130-5166C7371427}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKLM\Software\BasicServe
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ File : C:\Users\colors\AppData\Roaming\Mozilla\Firefox\Profiles\954j3pqg.default\prefs.js ]

Line Deleted : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://");

-\\ Google Chrome v

[ File : C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\preferences ]


AdwCleaner[R0].txt - [30337 octets] - [16/01/2014 13:31:28]
AdwCleaner[R1].txt - [1325 octets] - [16/01/2014 13:40:09]
AdwCleaner[R2].txt - [1196 octets] - [16/01/2014 13:49:51]
AdwCleaner[R3].txt - [1376 octets] - [17/01/2014 20:23:14]
AdwCleaner[R4].txt - [23280 octets] - [31/01/2014 20:43:12]
AdwCleaner[S0].txt - [31011 octets] - [16/01/2014 13:32:48]
AdwCleaner[S1].txt - [1390 octets] - [16/01/2014 13:43:23]
AdwCleaner[S2].txt - [1392 octets] - [17/01/2014 20:24:20]
AdwCleaner[S3].txt - [22809 octets] - [31/01/2014 20:45:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [22870 octets] ##########
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: sweet page

Postdi maci » 31/01/14 21:06

OTL logfile created on: 31/01/2014 20:56:18 - Run 1
OTL by OldTimer - Version Folder = C:\Users\colors\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,96 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,17% Memory free
3,92 Gb Paging File | 2,51 Gb Available in Paging File | 63,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,88 Gb Total Space | 98,42 Gb Free Space | 65,67% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 69,91 Gb Free Space | 99,87% Space Free | Partition Type: NTFS

Computer Name: ALFA | User Name: colors | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\colors\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\escsvc.exe (Seiko Epson Corporation)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wlrmdr.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (EpsonCustomerResearchParticipation) -- C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (
SRV - (EpsonScanSvc) -- C:\Windows\System32\escsvc.exe (Seiko Epson Corporation)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys ( and
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ( and
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (vodafone_K3805-z_cdc_ecm) -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_ecm.sys (Vodafone)
DRV - (vodafone_K3805-z_cdc_acm) -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_acm.sys (Vodafone)
DRV - (vodafone_K3805-z_dc_enum) -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV - (vodafone_K3805-z_cpo) -- C:\Windows\System32\drivers\vodafone_K3805-z_cpo.sys (Vodafone)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {462be121-2b54-4218-bf00-b9bf8135b23f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" ={searchTerms}&{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = ... BE36486&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - "StartWeb"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\ C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\ disabled File not found
FF - HKLM\Software\MozillaPlugins\,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\,version=1.0: C:\Users\colors\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/11/24 10:20:30 | 000,000,000 | ---D | M]

[2013/12/20 16:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Extensions
[2013/12/20 16:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Extensions\
[2014/01/31 20:45:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Firefox\Profiles\954j3pqg.default\extensions
[2014/01/31 16:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Firefox\Profiles\954j3pqg.default\extensions\staged
[2014/01/31 16:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Firefox\Profiles954j3pqg.default\extensions
[2014/01/31 16:07:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\colors\AppData\Roaming\mozilla\Firefox\Profiles954j3pqg.default\extensions\staged
[2012/10/11 12:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Music Box Toolbar = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaiihjniipljfegaknmbkneamnoajd\29.1_0\
CHR - Extension: Documenti Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Ricerca Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: AdBlock Premium = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\\
CHR - Extension: Google Wallet = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: Gmail = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Music Box Toolbar = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaiihjniipljfegaknmbkneamnoajd\29.1_0\
CHR - Extension: Documenti Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Ricerca Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: AdBlock Premium = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj\\
CHR - Extension: Google Wallet = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: Gmail = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe" File not found
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s File not found
O4 - HKLM..\Run: [LXCTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16 File not found
O4 - HKLM..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe" File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE0F13AD-31AC-4B99-8E47-4555654FCCCD}: DhcpNameServer =
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{60dab53a-1258-11e2-8a64-001377bff108}\Shell - "" = AutoRun
O33 - MountPoints2\{60dab53a-1258-11e2-8a64-001377bff108}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{60dab5fc-1258-11e2-8a64-001377bff108}\Shell - "" = AutoRun
O33 - MountPoints2\{60dab5fc-1258-11e2-8a64-001377bff108}\Shell\AutoRun\command - "" = G:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{60dab6cb-1258-11e2-8a64-001377bff108}\Shell - "" = AutoRun
O33 - MountPoints2\{60dab6cb-1258-11e2-8a64-001377bff108}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{cbe841a4-3d2f-11e3-bf41-001377bff108}\Shell - "" = AutoRun
O33 - MountPoints2\{cbe841a4-3d2f-11e3-bf41-001377bff108}\Shell\AutoRun\command - "" = F:\CMADownloader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\ [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/01/31 20:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2014/01/31 20:42:54 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Uniblue
[2014/01/31 20:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2014/01/31 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\colors\Documents\Mobogenie
[2014/01/31 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Mobogenie
[2014/01/31 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014/01/31 20:41:08 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2014/01/31 16:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014/01/31 16:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/01/31 16:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/01/31 15:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2014/01/24 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\BearShare Applications
[2014/01/20 13:36:08 | 000,000,000 | ---D | C] -- C:\Users\colors\Desktop\matrimonio maci roby
[2014/01/17 20:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/01/17 13:06:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/01/17 13:05:54 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/01/17 13:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/17 13:05:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/01/17 13:05:43 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/01/17 13:05:43 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/01/17 13:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/01/17 12:41:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/17 12:34:19 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/17 12:34:19 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/17 12:25:27 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2014/01/16 13:31:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/16 12:40:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/15 07:31:15 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/01/15 07:31:14 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/01/15 07:31:14 | 000,240,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/01/15 07:31:14 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014/01/12 17:21:05 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2014/01/12 17:21:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/01/12 17:21:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2014/01/12 17:21:05 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/01/12 17:21:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/01/12 17:21:03 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/01/12 17:21:03 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/01/12 17:21:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2014/01/12 17:21:03 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2014/01/12 17:21:03 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2014/01/12 17:21:03 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2014/01/12 17:21:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/01/12 17:21:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/01/12 17:21:03 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2014/01/12 17:21:02 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2014/01/12 17:20:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/12 17:15:47 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/12 17:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/01/12 17:13:44 | 000,000,000 | ---D | C] -- C:\Intel
[2014/01/12 17:11:43 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/01/11 11:39:24 | 000,000,000 | ---D | C] -- C:\hijackthis
[2014/01/09 13:57:00 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\AVG
[2014/01/09 13:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014/01/09 13:56:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014/01/03 21:55:18 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Mozilla
[2014/01/03 21:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/01/02 10:51:42 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\VirtualStore
[2013/12/24 22:43:39 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\driver
[2013/12/24 22:37:56 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Carambis
[2013/12/20 12:31:50 | 000,000,000 | ---D | C] -- C:\Users\colors\.android
[2013/12/20 12:31:48 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\cache
[2013/12/17 13:26:50 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\AVAST Software
[2013/12/17 13:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2013/12/15 13:00:58 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/15 13:00:58 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/12/15 13:00:57 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/15 13:00:56 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/12/15 13:00:56 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/15 13:00:56 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/12/15 13:00:56 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/12/15 13:00:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013/12/15 13:00:55 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013/12/15 13:00:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/15 13:00:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013/12/15 13:00:54 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013/12/15 13:00:52 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/15 13:00:50 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/14 13:02:06 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/12/14 13:02:06 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/12/14 13:02:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2013/12/14 13:02:05 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/12/14 13:02:05 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/12/14 13:02:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/12/14 13:02:05 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2013/12/14 13:02:04 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/12/14 13:02:04 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/12/14 13:02:04 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/14 13:02:04 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/12/14 13:02:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/12/14 13:02:04 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/12/14 13:02:04 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/12/14 13:02:04 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/14 13:02:04 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/12/14 13:02:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/12/14 13:02:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/12/14 13:02:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/12/14 13:02:04 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/12/14 13:02:03 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/12/14 13:02:03 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/12/14 13:02:03 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/12/14 13:02:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/12/14 13:02:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2013/12/14 13:02:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/12/14 13:02:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/12/14 13:02:03 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/12/14 13:02:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/12/12 18:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/11 13:01:55 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/12/11 07:30:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 07:30:08 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/12/11 07:30:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/12/11 07:29:56 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 07:29:56 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/10 11:57:07 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Google

========== Files - Modified Within 60 Days ==========

[2014/01/31 21:00:00 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2014/01/31 20:56:20 | 000,010,832 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 20:56:20 | 000,010,832 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/31 20:51:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/31 20:48:58 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/31 20:48:45 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2014/01/31 20:48:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/31 20:48:16 | 1579,634,688 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/31 20:41:24 | 000,002,348 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2014/01/31 20:21:07 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/31 20:15:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/31 18:41:07 | 000,741,518 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2014/01/31 18:41:07 | 000,654,346 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/31 18:41:07 | 000,147,540 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2014/01/31 18:41:07 | 000,122,218 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/31 17:08:02 | 000,000,028 | ---- | M] () -- C:\Users\colors\AppData\Roaming\mbam.context.scan
[2014/01/31 16:30:37 | 000,298,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/31 08:53:31 | 000,000,625 | ---- | M] () -- C:\Users\colors\Desktop\Gmail l'email di
[2014/01/31 07:39:15 | 000,000,506 | ---- | M] () -- C:\Users\colors\Desktop\Virgilio
[2014/01/24 14:14:58 | 000,034,133 | ---- | M] () -- C:\Users\colors\GLORIA DNA.odt
[2014/01/22 11:07:32 | 000,755,713 | ---- | M] () -- C:\Users\colors\certificato.png
[2014/01/17 17:19:19 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2014/01/17 13:05:34 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/01/17 13:05:33 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/01/17 13:05:33 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/01/17 13:05:33 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/01/17 12:41:56 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/17 12:34:19 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/17 12:34:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/11 20:04:21 | 000,023,335 | ---- | M] () -- C:\Users\colors\AppData\Roaming\UserTile.png
[2014/01/01 11:50:37 | 000,000,627 | ---- | M] () -- C:\Users\colors\Desktop\curriculum (2).lnk
[2013/12/21 11:15:07 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013/12/21 11:15:07 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013/12/21 11:15:07 | 000,069,240 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2013/12/21 11:15:07 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013/12/14 13:02:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/12/14 13:02:06 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/12/14 13:02:05 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsIntl.dll
[2013/12/14 13:02:05 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/12/14 13:02:05 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/12/14 13:02:05 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/12/14 13:02:05 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2013/12/14 13:02:04 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/12/14 13:02:04 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/12/14 13:02:04 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/14 13:02:04 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/12/14 13:02:04 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/12/14 13:02:04 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/12/14 13:02:04 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/12/14 13:02:04 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/14 13:02:04 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/12/14 13:02:04 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/12/14 13:02:04 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/12/14 13:02:04 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/12/14 13:02:04 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/12/14 13:02:04 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/12/14 13:02:03 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/12/14 13:02:03 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/12/14 13:02:03 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/12/14 13:02:03 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/12/14 13:02:03 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2013/12/14 13:02:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/12/14 13:02:03 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/12/14 13:02:03 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/12/14 13:02:03 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/12/12 18:18:20 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2014/01/31 20:43:46 | 000,000,268 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2014/01/31 20:43:45 | 000,000,262 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2014/01/24 14:14:55 | 000,034,133 | ---- | C] () -- C:\Users\colors\GLORIA DNA.odt
[2014/01/22 11:07:31 | 000,755,713 | ---- | C] () -- C:\Users\colors\certificato.png
[2014/01/20 18:27:19 | 000,000,506 | ---- | C] () -- C:\Users\colors\Desktop\Virgilio
[2014/01/17 20:29:46 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/17 12:41:56 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/17 12:41:56 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/17 12:34:20 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/11 20:04:21 | 000,023,335 | ---- | C] () -- C:\Users\colors\AppData\Roaming\UserTile.png
[2014/01/01 11:50:37 | 000,000,627 | ---- | C] () -- C:\Users\colors\Desktop\curriculum (2).lnk
[2013/12/14 13:02:04 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/12/12 18:18:20 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/10/04 18:08:47 | 000,001,664 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2013/07/20 16:51:34 | 000,000,093 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/03/15 21:22:23 | 000,280,227 | ---- | C] () -- C:\Users\colors\PR.odp
[2013/03/05 11:01:50 | 000,131,447 | ---- | C] () -- C:\Users\colors\cud 2013.xps
[2013/02/27 12:57:50 | 000,000,028 | ---- | C] () -- C:\Users\colors\AppData\Roaming\mbam.context.scan
[2013/02/25 17:32:57 | 000,000,270 | RHS- | C] () -- C:\Users\colors\ntuser.pol
[2013/01/22 11:51:38 | 000,020,405 | ---- | C] () -- C:\Users\colors\ISCRIZIONE SCUOLA NIK.xps
[2012/12/03 10:00:20 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2012/10/11 13:57:32 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXCTFXPU.DLL
[2012/10/11 12:27:13 | 000,000,048 | ---- | C] () -- C:\Windows\WinInit.Ini
[2012/10/11 08:38:08 | 000,045,056 | ---- | C] () -- C:\Windows\System32\lxctpmon.dll
[2011/04/18 14:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini



"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/10/11 13:59:51 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\5400 Series
[2012/12/08 12:16:11 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\APP_NAME_NON_STRING
[2013/12/17 13:26:50 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\AVAST Software
[2014/01/09 13:57:00 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\AVG
[2013/12/20 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Canneverbe Limited
[2013/12/24 22:37:56 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Carambis
[2013/12/24 22:43:39 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\driver
[2013/12/20 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Epson
[2014/01/31 20:41:08 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2012/12/19 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\MusicNet
[2013/12/20 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\
[2012/12/08 12:20:19 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\PDF Architect
[2014/01/08 09:42:45 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\TFP
[2012/12/08 12:16:40 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\TuneUp Software
[2014/01/31 20:45:41 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Uniblue
[2014/01/17 20:34:16 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\uTorrent
[2013/12/20 16:24:56 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Vodafone
[2012/10/11 14:12:40 | 000,000,000 | ---D | M] -- C:\Users\SYSTEM\AppData\Roaming\5400 Series
[2012/10/11 13:58:06 | 000,000,000 | ---D | M] -- C:\Users\SYSTEM\AppData\Roaming\Coverpgs

========== Purity Check ==========

< End of report >
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: sweet page

Postdi maci » 31/01/14 21:07

OTL Extras logfile created on: 31/01/2014 20:56:18 - Run 1
OTL by OldTimer - Version Folder = C:\Users\colors\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,96 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,17% Memory free
3,92 Gb Paging File | 2,51 Gb Available in Paging File | 63,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,88 Gb Total Space | 98,42 Gb Free Space | 65,67% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 69,91 Gb Free Space | 99,87% Space Free | Partition Type: NTFS

Computer Name: ALFA | User Name: colors | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

"DisableNotifications" = 0
"EnableFirewall" = 1

"DisableNotifications" = 0
"EnableFirewall" = 1

"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

"{06A4310A-85EB-4884-BB9F-B719B46BE838}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A8CBA59-F9C8-4476-BE20-60FE5CDD5F69}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0D92F662-6C0F-4122-A38B-61E667C1FE8E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E894936-26D0-4C99-8C7E-748B91B3E1B9}" = lport=139 | protocol=6 | dir=in | app=system |
"{202E0FAD-3422-4B2B-AD6B-521A30FD9338}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25C146C1-48CE-436B-964B-50F73534605A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26D72A2A-CA33-49EB-9764-D33832B7BC2B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3235F47F-2E2A-4C9B-8AF8-1411527CD368}" = rport=139 | protocol=6 | dir=out | app=system |
"{361CDDC0-77A9-45D3-97D1-A2AB44AAE4C1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CE8FD48-16E3-457D-9F14-D5DE95FEDA41}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4894E068-1D45-493E-9F87-8D0843D47AD3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D8F337C-D310-4560-8AA6-029F1EA4DBA7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FD5441B-50AF-47F3-86D4-474C7B8B466B}" = rport=138 | protocol=17 | dir=out | app=system |
"{6D4440E7-1EE9-4B99-B1B0-33DC7C3FAC70}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{762E8E5A-DB32-4AB7-8FAC-67036A13550B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C485907-6F53-46F7-96CA-5B3136F998BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8D2ECE3F-B9C6-4F1A-9EAF-418300C6210D}" = rport=137 | protocol=17 | dir=out | app=system |
"{9D48F834-24D3-4910-B354-D532E1A35783}" = lport=138 | protocol=17 | dir=in | app=system |
"{C3C821AF-45EC-458D-B7F7-FAE5B087A30B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C53629A5-0BE7-4EF2-9D13-802336184B45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB40F47A-22B3-40D7-A292-919886107967}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CD106467-E7B4-4F02-AB6F-EC39D0CABA41}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D23DF190-C26B-4FA2-B6B8-B69156FEDD3D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D38E7361-D79C-4B46-B5D2-FD5947CEEA59}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D8AB7E2C-534A-4B3C-92AF-9B8F54076C3C}" = rport=445 | protocol=6 | dir=out | app=system |
"{DEDA3B02-2CE2-449B-8D3F-29A74CF93248}" = lport=137 | protocol=17 | dir=in | app=system |
"{E2039497-1014-4F71-B3A2-FA440A08C53D}" = lport=445 | protocol=6 | dir=in | app=system |
"{E55C02FB-4709-402E-9698-9A3AAE816127}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5D2DD5A-FF57-4F79-B71C-E4ED6B4F155F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E7263D1E-A503-4EAF-B6DC-E80222395FA1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E91B0F14-B2CB-439E-8B79-AD9ADDFACDAE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

"{04B2845E-B092-4953-BF31-0D736A47C022}" = protocol=6 | dir=in | app=c:\program files\music toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{078BB905-5043-4122-AD37-AA3F39AC1CE4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0904AA60-5BF3-4516-A4D0-4E237EBDCCA1}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe |
"{0A6A90D9-811C-4436-AFAD-7A69E4E4BF0B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D48CA1B-412C-4431-9BBE-F7F83FE05E6B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{120CF523-D923-4A9A-9B85-97AAE40D28FE}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{1D84061A-45D9-44DE-90D5-8DE8B821D14C}" = dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{1E642EF4-348E-4682-8477-FE4153D54021}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2475264A-73FE-434A-9839-5FB145364D40}" = dir=in | app=c:\program files\iminent\iminent.exe |
"{2488FEE1-4A5A-4969-91EB-E79986D9E75F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2F0995D1-ABB3-4507-9239-8A9F242896BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4873971F-FBBF-483C-903C-EDCE115E69CA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4C32101A-290F-4AF2-8EDE-7AD21788197B}" = protocol=6 | dir=out | app=system |
"{59116F43-2BC5-452A-8CE2-61B1D2B5B0ED}" = protocol=17 | dir=in | app=c:\program files\music toolbar\datamngr\srtool~1\ie\dtuser.exe |
"{6461E942-9D96-49DA-BFE5-1ECCB42266E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74EFED57-38FB-42F5-96BB-19BDD4D7917C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7DF31BA4-5F5E-48E5-94E2-5B064FFE7B31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83EDF0FC-4BEC-4E4B-A405-D3413B1710DF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93A6F829-BAE9-4E0A-B3D9-6F500D44A1E9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B69D3825-DB22-4C8B-988A-B5CBD85C598A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE45729E-620D-4544-B25C-9FE3676782AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D3B0D2EC-E4D3-4767-9C8A-114DE491C054}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5516D0A-83A7-4FC7-BAA9-25ED7FA4FD90}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{F008A3DF-A97C-458B-8BF9-35F16029BCC3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1CEEB652-474F-4130-B352-646FC69C040E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{1E494BE6-7866-4AA0-A858-E19C20D0C0E0}C:\users\colors\appdata\roaming\utorrent\updates\3.3.1_29938.exe" = protocol=6 | dir=in | app=c:\users\colors\appdata\roaming\utorrent\updates\3.3.1_29938.exe |
"TCP Query User{68B58C14-C018-4759-A01A-619CC9EE2FED}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{F1F62C19-9A98-491F-896F-92B7A610F901}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{25C87688-C689-4483-8ADE-B1477A62F530}C:\users\colors\appdata\roaming\utorrent\updates\3.3.1_29938.exe" = protocol=17 | dir=in | app=c:\users\colors\appdata\roaming\utorrent\updates\3.3.1_29938.exe |
"UDP Query User{8A8FCCC2-4B2A-45D2-89DD-013F7EA01B26}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9FB97708-9ACA-4FD3-9B95-776A5F4E36CA}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{D45F9EBA-3BB1-4BC6-9BC1-E25422194E8C}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

"{02A312B5-1542-47B6-BFE9-F51358C39E86}" = Epson Easy Photo Print 2
"{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}" = EpsonNet Config V4
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2DC469DE-10BD-4032-AEB0-6E5D5B8225FD}_is1" = Emoticoons 1.0
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{635E8116-E451-4E27-BF28-AD11C489D28E}_is1" = MyPcCleaner versione 1.0
"{695C8469-7822-4B31-A673-5ED84815B649}" = Epson E-Web Print
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{6CE6E035-DC98-4330-906B-20D92DE1629F}" = Iminent
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F01524C-0676-4CC1-B4AE-64753C723391}" = Epson Event Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3B308B9-BE96-4334-816F-3D82B19A7DE2}" = Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{B26449A6-6007-4460-B4FE-C4776115BCEA}" = Epson Customer Research Participation
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B737A0D5-C4EC-4C2B-82B6-6DFE64ADF8B6}" = Snap.Do
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F91CF0E6-7B98-45DB-AE57-B6E09C40B364}" = 3.4
"{FE1FC5C3-6A09-4D3F-B084-6A5288AFE8F9}" = QuickEngine
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"BearShare" = BearShare
"Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"CCleaner" = CCleaner
"Epson Connect Guide" = Guida di Epson Connect
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WF-2520 Series" = EPSON WF-2520 Series Printer Uninstall
"GeoGebra" = GeoGebra
"GeoGebra 4.2" = GeoGebra 4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"QuickEngine 1.0.1" = QuickEngine
"WF-2520 Series Netg" = Epson Guida di rete WF-2520 Series
"WF-2520 Series Useg" = Epson Guida utente WF-2520 Series

========== HKEY_USERS Uninstall List ==========

"BearShare" = BearShare
"Occhio alle parole" = Erickson - Occhio alle parole
"Recupero in ortografia" = Erickson - Recupero in ortografia
"Sviluppare le abilità di letto-scrittura 2" = Erickson - Sviluppare le abilità di letto-scrittura 2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31/01/2014 12:02:08 | Computer Name = ALFA | Source = Windows Search Service | ID = 3029
Description =

Error - 31/01/2014 12:02:09 | Computer Name = ALFA | Source = Windows Search Service | ID = 3029
Description =

Error - 31/01/2014 12:02:09 | Computer Name = ALFA | Source = Windows Search Service | ID = 3028
Description =

Error - 31/01/2014 12:02:09 | Computer Name = ALFA | Source = Windows Search Service | ID = 3058
Description =

Error - 31/01/2014 12:02:09 | Computer Name = ALFA | Source = Windows Search Service | ID = 7010
Description =

Error - 31/01/2014 13:36:27 | Computer Name = ALFA | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 31/01/2014 14:02:57 | Computer Name = ALFA | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 31/01/2014 15:42:25 | Computer Name = ALFA | Source = VSS | ID = 8194
Description =

Error - 31/01/2014 15:43:04 | Computer Name = ALFA | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddWin32ServiceFiles: Unable to back up
image of service Search Protect by Conduit Service since QueryServiceConfig API
failed System Error: Impossibile trovare il file specificato. .

Error - 31/01/2014 15:48:33 | Computer Name = ALFA | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

[ System Events ]
Error - 31/01/2014 12:02:16 | Computer Name = ALFA | Source = DCOM | ID = 10005
Description =

Error - 31/01/2014 12:02:16 | Computer Name = ALFA | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio Windows Search.

Error - 31/01/2014 12:02:16 | Computer Name = ALFA | Source = Service Control Manager | ID = 7000
Description = Il servizio Windows Search non è stato avviato per il seguente errore:

Error - 31/01/2014 12:14:11 | Computer Name = ALFA | Source = DCOM | ID = 10000
Description =

Error - 31/01/2014 13:37:48 | Computer Name = ALFA | Source = DCOM | ID = 10000
Description =

Error - 31/01/2014 14:12:01 | Computer Name = ALFA | Source = DCOM | ID = 10000
Description =

Error - 31/01/2014 15:41:04 | Computer Name = ALFA | Source = Service Control Manager | ID = 7030
Description = Il servizio SProtection è contrassegnato come interattivo. Il sistema
non è configurato per consentire servizi interattivi. Questo servizio potrà non
funzionare correttamente.

Error - 31/01/2014 15:41:08 | Computer Name = ALFA | Source = Service Control Manager | ID = 7034
Description = Arresto imprevista del servizio Search Protect by Conduit Service.
Questo evento si è già verificato 1 volta(e).

Error - 31/01/2014 15:42:29 | Computer Name = ALFA | Source = Service Control Manager | ID = 7030
Description = Il servizio MgAssist Service è contrassegnato come interattivo. Il
sistema non è configurato per consentire servizi interattivi. Questo servizio potrà
non funzionare correttamente.

Error - 31/01/2014 15:52:24 | Computer Name = ALFA | Source = DCOM | ID = 10000
Description =

< End of report >
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: sweet page

Postdi maci » 31/01/14 21:11

Gia al primo passaggio mi si e' risolto il problema cmq ho fatto tutti e due le cose mi sembra che sia tutto ok ti ringrazio molto ancora una volta per la pazienza e per l'aiuto.PACE E BENE.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: sweet page

Postdi shel » 31/01/14 21:46

fai anche questo

apri otl e copia questo poi premi run fix e posta il log che trovi C:\_OTL\MovedFiles

Codice: Seleziona tutto
IE - HKU\S-1-5-21-4105648700-3277945650-2585042511-1000\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = ... BE36486&q={searchTerms}&SSPV=
CHR - Extension: Music Box Toolbar = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaiihjniipljfegaknmbkneamnoajd\29.1_0\
O4 - HKLM..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe" File not found
O4 - HKLM..\Run: [LXCTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16 File not found
O4 - HKLM..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe" File not found
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
[2014/01/31 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\colors\Documents\Mobogenie
[2014/01/31 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Mobogenie
[2014/01/31 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014/01/31 20:41:08 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2014/01/17 12:25:27 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2014/01/31 20:41:08 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl

ipconfig /flushdns /c


Utente Senior
Post: 1326
Iscritto il: 29/08/08 21:56

Torna a Sicurezza e Privacy

Topic correlati a "sweet page":

Chi c’è in linea

Visitano il forum: Nessuno e 28 ospiti