LoG

[rino86]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Win (2015-11-09 01:19:26)
Running from C:\Users\Win\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2015-07-02 17:32:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2593317539-1677974928-403903050-500 - Administrator - Disabled)
Guest (S-1-5-21-2593317539-1677974928-403903050-501 - Limited - Disabled)
Win (S-1-5-21-2593317539-1677974928-403903050-1000 - Administrator - Enabled) => C:\Users\Win

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2593317539-1677974928-403903050-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 2.0 RC 4 (Build 35) - Convivea, Inc.)
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Freemake Audio Converter versione 1.1.4 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware versione 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_PROPLUS_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_PROPLUS_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_PROPLUS_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_PROPLUS_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 it)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1040}) (Version: 8.3.465 - Nero AG)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Simple File Lister (HKLM-x32\...\Simple File Lister_is1) (Version: 1.0 - WittSoft)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.2 - IObit)
SpyHunter (HKLM-x32\...\{820C0EEB-9B12-4AD5-B39D-D15ED1DBDD06}) (Version: 4.5.11.3608 - Enigma Software Group USA, LLC)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

03-11-2015 15:47:03 AVG PC TuneUp 2015 rimosso
03-11-2015 15:47:56 AVG PC TuneUp 2015 (it-IT) rimosso
04-11-2015 21:49:47 Windows Update
06-11-2015 01:20:00 Microsoft Antimalware Checkpoint
07-11-2015 01:44:13 Installed Microsoft Fix it 50202
08-11-2015 12:02:20 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-11-09 01:10 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {041DD666-67DF-4704-BA61-AFE7F1CF48F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-29] (Adobe Systems Incorporated)
Task: {074F6AD6-D4AC-40B3-97D9-0438FA189E5E} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {093338C8-3ED2-45AF-B91E-DB6CC72F66FD} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-07-20] (IObit)
Task: {205AE699-6A31-4421-ACC4-FD93E9FA6712} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {29B11BC2-4876-4153-B3BB-F330B6ABDEAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {46567140-C0D7-49C0-B8C7-290888DC13BD} - System32\Tasks\ASC8_SkipUac_Win => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-08-13] (IObit)
Task: {47AF7188-D85D-495D-80E3-09ACC816572D} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit)
Task: {5ED77E85-90A8-41F6-BA81-CDFB8242BDCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {61305B95-2245-4894-8E40-AEB96E1DE1E4} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-08-12] (IObit)
Task: {6315EFD8-BE58-4665-AAD1-B53503A0D27A} - System32\Tasks\Driver Booster SkipUAC (Win) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {87BC300D-96EE-4E7A-A4A6-325F4794B674} - System32\Tasks\{A421A266-D278-40C0-AE4F-1BD37893342C} => pcalua.exe -a C:\Users\Win\Downloads\revouninstaller\revouninstaller-portable\Revouninstaller.exe -d C:\Users\Win\Downloads\revouninstaller\revouninstaller-portable
Task: {A80B9121-57A4-4EA8-8D23-C7F85BE3E66C} - \uhy3013 -> No File <==== ATTENTION
Task: {C4B35702-A294-42D1-82D8-F09E28E177FC} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {CC6F930D-32F0-4B74-8A25-501C7995998A} - System32\Tasks\Uninstaller_SkipUac_Win => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-20] (IObit)
Task: {E8BB97A0-BC1B-4964-BD76-7E845D669586} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F4B15699-A83F-42D2-956F-55E6CA8452D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-04 20:25 - 2015-05-04 20:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-08-24 19:28 - 2015-08-24 19:28 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1040.dll
2015-11-03 15:38 - 2015-10-02 10:59 - 00074752 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-10-06 21:55 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2015-11-05 20:17 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2015-11-05 20:17 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-05 20:17 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-05 20:17 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-07-03 09:04 - 2012-05-10 14:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-10-29 14:47 - 2015-10-29 14:47 - 17599688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2593317539-1677974928-403903050-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Win\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HandyAndy.lnk => C:\Windows\pss\HandyAndy.lnk.CommonStartup
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E657E2E-9A0A-4028-B031-217D3AD425F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DA08CC32-E7F9-4A05-BE55-36E8415A48D5}] => (Allow) LPort=2869
FirewallRules: [{19992BD9-2008-4B1C-AE64-6EDB29B502A9}] => (Allow) LPort=1900
FirewallRules: [{B93DA0AF-CEE5-46FC-BB83-E7616062D589}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{8AB91A10-B875-4771-8A81-2A8A8E245BBF}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{431C3B30-3326-4E44-AE67-9C127F3D52A1}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{CC65D897-6591-49A2-981F-16D4C6F387BE}C:\users\win\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\win\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DD2D363D-5896-4796-B164-D3C22292EA11}C:\users\win\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\win\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{789AD06E-1EA6-47A1-A435-200CEF19BFD9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA6EEBBA-A669-44F1-A540-530510E71512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C6FA18E-5291-443F-A528-365B218031F6}] => (Allow) C:\Users\Win\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{AF3EFC4A-86FC-4641-846B-7D2B6B8038AD}] => (Allow) C:\Users\Win\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{4EA434F5-967D-4B3C-A2F8-6B78C295ED3D}] => (Allow) C:\Users\Win\Downloads\107t50_00_d2k_eng-64786775.exe
FirewallRules: [{03C4729A-9CD8-4103-8EEB-338D13783BE2}] => (Allow) C:\Users\Win\Downloads\107t50_00_d2k_eng-64786775.exe
FirewallRules: [{FB60C378-25DA-4A4F-8052-C4C7B6657849}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A364798B-519D-4A83-871D-1434499A071A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2015 01:02:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 12:43:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2015 08:33:36 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Handle non valido

Error: (11/08/2015 08:33:35 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Handle non valido

Error: (11/08/2015 11:51:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2015 08:57:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT AUTHORITY)
Description: Impossibile aggiornare il valore Object List della chiave SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance. Il primo valore DWORD nella sezione Data contiene il codice di errore e il secondo valore DWORD contiene il valore aggiornato.

Error: (11/07/2015 08:57:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT AUTHORITY)
Description: Impossibile aggiornare il valore First Help della chiave SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance. Il primo valore DWORD nella sezione Data contiene il codice di errore e il secondo valore DWORD contiene il valore aggiornato.

Error: (11/07/2015 08:57:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT AUTHORITY)
Description: Impossibile aggiornare il valore First Counter della chiave SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance. Il primo valore DWORD nella sezione Data contiene il codice di errore e il secondo valore DWORD contiene il valore aggiornato.

Error: (11/07/2015 08:57:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT AUTHORITY)
Description: Impossibile aggiornare il valore Last Help della chiave SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance. Il primo valore DWORD nella sezione Data contiene il codice di errore e il secondo valore DWORD contiene il valore aggiornato.

Error: (11/07/2015 08:57:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3016) (User: NT AUTHORITY)
Description: Impossibile aggiornare il valore Last Counter della chiave SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance. Il primo valore DWORD nella sezione Data contiene il codice di errore e il secondo valore DWORD contiene il valore aggiornato.


System errors:
=============
Error: (11/09/2015 01:10:10 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente.

Error: (11/09/2015 01:09:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Caricamento del driver \??\C:\ComboFix\catchme.sys bloccato a causa di incompatibilità con il sistema in uso. Rivolgersi al fornitore del software per richiedere una versione compatibile del driver.

Error: (11/09/2015 01:08:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Il servizio PEVSystemStart è contrassegnato come interattivo. Il sistema non è configurato per consentire servizi interattivi. Questo servizio potrà non funzionare correttamente.

Error: (11/09/2015 01:04:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Freemake Improver. Questo evento si è già verificato 1 volta(e).

Error: (11/09/2015 01:00:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Windows Live ID Sign-in Assistant non è stato avviato per il seguente errore:
%%109

Error: (11/09/2015 12:59:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Intel(R) Management and Security Application User Notification Service. Questo evento si è già verificato 1 volta(e).

Error: (11/09/2015 12:59:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.

Error: (11/09/2015 12:59:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Live ID Sign-in Assistant è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 10000 millisecondi: Riavvia il servizio.

Error: (11/09/2015 12:59:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio PLFlash DeviceIoControl Service. Questo evento si è già verificato 1 volta(e).

Error: (11/09/2015 12:59:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Nero BackItUp Scheduler 3. Questo evento si è già verificato 1 volta(e).


CodeIntegrity:
===================================
Date: 2015-11-09 01:09:50.167
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2015-11-09 01:09:50.152
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

Date: 2015-11-03 15:42:52.927
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.835
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.818
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.772
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.752
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.705
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.606
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2015-11-03 15:42:52.593
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 49%
Total physical RAM: 3800.88 MB
Available physical RAM: 1909.19 MB
Total Virtual: 7599.97 MB
Available Virtual: 5712.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:411.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 465.8 GB) (Disk ID: 3B31E7DD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Vorrei sapere se c'è qualche problema, e cosa devo fare..Grazie

[shel]

ciao hai postato il log diFarbar Recovery senza specificare niente, dai qualche notizia sul perche' hai aperto questa discussione
dovresti allegare anche il log FRST.txt

hai installato due programmi nocivi

ProPCCleaner

SpyHunter

fai anche una scansione con malwarebytes (scegli la versione free)
la scansione deve essere completa , alla fine seleziona tutto e clicca su rimuovi
ricorda di aggiornare il programma prima di effettuare la scansione e allega i due report

[Luke57]

@rino86
Per piacere, non iniziare una nuova discussione ogni volta. Se ha i problemi al pc, prosegui in questa discussione seguendo le indicazioni di Shel.

[rino86]

Ok, scusatemi..

[rino86]

Mi potete aiutare? ho fatto la seguente scansione:

ComboFix 15-12-07.01 - Win 09/12/2015 14:46:37.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.3801.2218 [GMT 1:00]
Eseguito da: c:\users\Win\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Win\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbyybes.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2015-11-09 al 2015-12-09 )))))))))))))))))))))))))))))))))))
.
.
2015-12-09 13:51 . 2015-12-09 13:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-12-09 13:51 . 2015-12-09 13:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-09 13:16 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CEE49C25-F904-4734-9C53-30901DE296C4}\mpengine.dll
2015-12-09 00:51 . 2015-12-09 13:30 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-09 00:51 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-09 00:51 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-09 00:51 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-09 00:51 . 2015-12-09 00:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-08 11:12 . 2015-12-08 11:12 -------- d-----w- c:\program files (x86)\Minecraft PC Gamer Demo
2015-12-08 11:11 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-12-03 22:44 . 2015-12-07 16:28 -------- d-----w- c:\program files (x86)\Opera
2015-11-29 02:11 . 2015-11-29 23:04 -------- d-----w- c:\users\Win\AppData\Roaming\ProductData
2015-11-28 13:34 . 2015-11-28 19:40 -------- d-----w- c:\windows\system32\log
2015-11-27 23:17 . 2015-11-28 19:40 -------- d-----w- C:\searchplugins
2015-11-27 23:16 . 2015-11-29 01:24 -------- d-----w- c:\users\Win\AppData\Local\Lavasoft
2015-11-27 23:16 . 2015-11-29 02:04 -------- d-----w- c:\users\Win\AppData\Roaming\Lavasoft
2015-11-27 23:16 . 2015-11-27 23:16 425744 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-11-27 23:16 . 2015-11-27 23:16 345360 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2015-11-27 23:16 . 2015-11-27 23:16 -------- d-----w- c:\program files (x86)\Lavasoft
2015-11-27 23:09 . 2015-11-28 00:31 -------- d-----w- c:\programdata\Lavasoft
2015-11-23 14:13 . 2015-12-08 20:44 -------- d-----w- C:\AdwCleaner
2015-11-18 17:28 . 2015-11-19 18:24 -------- d-----w- c:\users\Win\AppData\Local\Microsoft Games
2015-11-17 16:43 . 2015-12-09 13:43 -------- d-----r- c:\users\Win\Dropbox
2015-11-17 16:40 . 2015-11-17 16:40 -------- d-----w- c:\users\Win\AppData\Roaming\Dropbox
2015-11-17 16:39 . 2015-11-17 16:41 -------- d-----w- c:\program files (x86)\Dropbox
2015-11-17 16:39 . 2015-12-09 13:43 -------- d-----w- c:\users\Win\AppData\Local\Dropbox
2015-11-17 16:39 . 2015-11-17 16:39 -------- d-----w- c:\programdata\Dropbox
2015-11-14 00:06 . 2015-11-14 00:06 -------- d-----w- c:\program files\Common Files\AV
2015-11-14 00:02 . 2015-11-26 15:36 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2015-11-14 00:02 . 2015-11-26 15:37 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-11-12 22:26 . 2015-11-29 23:04 -------- d-----w- c:\programdata\UltraZip
2015-11-12 22:19 . 2015-12-01 13:22 -------- d-----w- c:\program files (x86)\UltraZip
2015-11-12 22:18 . 2015-11-12 22:19 -------- d-----w- c:\users\Win\AppData\Roaming\ImgBurn
2015-11-12 22:14 . 2015-11-12 22:15 -------- d-----w- c:\program files (x86)\ImgBurn
2015-11-12 22:08 . 2015-11-12 22:08 -------- d-----w- c:\program files\Unknown Device Identifier
2015-11-11 17:14 . 2015-11-11 17:14 -------- d-----w- c:\program files (x86)\Smart PC Solutions
2015-11-11 13:47 . 2015-11-11 13:47 -------- d-----w- c:\users\Win\AppData\Local\Apple Computer
2015-11-11 13:46 . 2015-11-11 13:46 -------- d-----w- c:\program files\iPod
2015-11-11 13:46 . 2015-11-11 13:46 -------- d-----w- c:\program files (x86)\iTunes
2015-11-11 13:46 . 2015-11-11 13:47 -------- d-----w- c:\program files\iTunes
2015-11-11 13:46 . 2015-11-11 13:46 -------- d-----w- c:\programdata\Apple Computer
2015-11-11 13:45 . 2015-11-11 13:45 -------- d-----w- c:\users\Win\AppData\Local\Apple
2015-11-11 13:45 . 2015-11-11 13:45 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-11-11 13:44 . 2015-11-12 17:19 -------- d-----w- c:\program files (x86)\Bonjour
2015-11-11 13:44 . 2015-11-11 13:44 -------- d-----w- c:\program files\Bonjour
2015-11-11 13:44 . 2015-11-11 13:46 -------- d-----w- c:\program files\Common Files\Apple
2015-11-11 13:44 . 2015-11-11 13:45 -------- d-----w- c:\program files (x86)\Common Files\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-09 13:53 . 2015-12-09 13:53 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CEE49C25-F904-4734-9C53-30901DE296C4}\offreg.960.dll
2015-12-09 03:39 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-08 18:52 . 2015-10-29 13:47 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-08 18:52 . 2015-10-29 13:47 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-11-29 02:17 . 2015-08-28 13:31 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-11-02 14:11 . 2015-11-02 14:11 110080 ----a-r- c:\users\Win\AppData\Roaming\Microsoft\Installer\{820C0EEB-9B12-4AD5-B39D-D15ED1DBDD06}\IconCF33A0CE.exe
2015-11-02 14:11 . 2015-11-02 14:11 110080 ----a-r- c:\users\Win\AppData\Roaming\Microsoft\Installer\{820C0EEB-9B12-4AD5-B39D-D15ED1DBDD06}\IconF7A21AF7.exe
2015-11-02 14:11 . 2015-11-02 14:11 110080 ----a-r- c:\users\Win\AppData\Roaming\Microsoft\Installer\{820C0EEB-9B12-4AD5-B39D-D15ED1DBDD06}\IconD7F16134.exe
2015-10-28 14:56 . 2015-10-28 14:56 14800 ----a-w- c:\windows\WiseHDInfo64.dll
2015-10-27 17:43 . 2015-07-03 07:26 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-26 06:53 . 2015-11-02 22:30 28960 ----a-w- c:\windows\system32\RegBootDefrag.exe
2015-10-24 22:05 . 2015-10-24 22:05 986368 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-10-24 22:05 . 2015-10-24 22:05 100000 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-10-24 22:05 . 2015-07-03 08:14 133760 ----a-w- c:\windows\system32\RTNUninst64.dll
2015-10-06 20:55 . 2015-10-06 20:55 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-09-15 08:52 . 2015-09-15 08:52 113880 ----a-w- c:\windows\system32\drivers\6A786962.sys
2015-09-14 11:40 . 2015-09-14 11:40 113880 ----a-w- c:\windows\system32\drivers\17531C47.sys
2015-09-13 08:30 . 2015-09-13 08:30 113880 ----a-w- c:\windows\system32\drivers\64A53C51.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 198464 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-12-12 1840424]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-10-19 8551848]
"BingSvc"="c:\users\Win\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-11-12 144008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ProductUpdater"="c:\program files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe" [2015-10-02 74752]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-11-04 36713096]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-10-08 917112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-11-09 596528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0?????????????
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 hitmanpro37duringboot;hitmanpro37duringboot;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Servizio Aggiornamento Dropbox (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 uzupd;UltraZip Updater;c:\program files (x86)\UltraZip\uzupd.exe;c:\program files (x86)\UltraZip\uzupd.exe [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 dbupdatem;Servizio Aggiornamento Dropbox (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo64.dll;c:\windows\WiseHDInfo64.dll [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LavasoftTcpService;LavasoftTcpService;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 SearchProtectionService;IE Search Set;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 uzsvc;UltraZip Service;c:\program files (x86)\UltraZip\uzsvc.exe;c:\program files (x86)\UltraZip\uzsvc.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-04 19:34 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.73\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-11-18 16:22 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contenuto della cartella 'Scheduled Tasks'
.
2015-12-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-29 18:52]
.
2015-12-09 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-17 16:39]
.
2015-12-09 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-17 16:39]
.
2015-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 15:42]
.
2015-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13 15:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46 236352 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-11-11 8712960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-07-03 440640]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-10-16 170256]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-07-03 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-07-03 398656]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Win\AppData\Roaming\Mozilla\Firefox\Profiles\smyf9prf.default\
FF - prefs.js: browser.search.selectedEngine - Bing®
FF - prefs.js: browser.startup.homepage - google.it
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\IoctlSvc.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Ora fine scansione: 2015-12-09 14:56:34 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2015-12-09 13:56
ComboFix2.txt 2015-11-29 02:02
ComboFix3.txt 2015-09-29 18:10
.
Pre-Run: 437.042.499.584 byte disponibili
Post-Run: 436.729.937.920 byte disponibili
.
- - End Of File - - C7A6F3F2D25CC8F5260625674FA3FD80
A36C5E4F47E84449FF07ED3517B43A31

[davide72]

qual' è il problema?

[rino86]

Ho fatto una scansione con Malwarebytes, mi ha rilevato i seguenti virus:

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 09/12/2015
Ora scansione: 17:39
File di log: LOG.txt
Amministratore: Sì

Versione: 2.2.0.1024
Database malware: v2015.12.09.04
Database rootkit: v2015.12.07.01
Licenza: Gratuito
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Auto-protezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Win

Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 359070
Tempo impiegato: 9 min, 17 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Euristiche: Disattivata
PUP: Avviso
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 0
(Nessun elemento nocivo rilevato)

Valori di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 3
PUP.Optional.ArcadeCandy.PrxySvrRST, C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebmkjafnodbnhbahbgdollaaabcmpbh, In quarantena, [cc3cc4df08833df943c2495491719b65],
PUP.Optional.ArcadeCandy.PrxySvrRST, C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebmkjafnodbnhbahbgdollaaabcmpbh\1.0.201_0, In quarantena, [cc3cc4df08833df943c2495491719b65],
PUP.Optional.ArcadeCandy.PrxySvrRST, C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebmkjafnodbnhbahbgdollaaabcmpbh\1.0.201_0\_metadata, In quarantena, [cc3cc4df08833df943c2495491719b65],

File: 2
PUP.Optional.ArcadeCandy.PrxySvrRST, C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebmkjafnodbnhbahbgdollaaabcmpbh\1.0.201_0\_metadata\computed_hashes.json, In quarantena, [cc3cc4df08833df943c2495491719b65],
PUP.Optional.ArcadeCandy.PrxySvrRST, C:\Users\Win\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebmkjafnodbnhbahbgdollaaabcmpbh\1.0.201_0\_metadata\verified_contents.json, In quarantena, [cc3cc4df08833df943c2495491719b65],

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)

[davide72]

rimuovi dalla quarantena quelle voci, poi impostazioni >rilevamento e protezione , metti la spunta su analisi euristica
poi in protezione da "non malware PUP e PUM" seleziona dalla tendina "gestisci i rilevamenti come malware" quindi chiudi e riavvia il pc il modalità provvisoria , riesegui malwarebyte e clicca scansione personalizzata >configura scansione , seleziona il disco C , spunta rootkit , gestisci i rilevamenti come malware e avvia scansione, al termine riavvia il pc e posta il nuovo report

[rino86]

Malwarebytes Anti-Malware
www.malwarebytes.org

Data scansione: 09/12/2015
Ora scansione: 23:24
File di log: xxxxxx.txt
Amministratore: Sì

Versione: 2.2.0.1024
Database malware: v2015.12.09.06
Database rootkit: v2015.12.07.01
Licenza: Gratuito
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Auto-protezione: Disattivata

SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: Win

Tipo di scansione: Scansione personalizzata
Risultati: Completata
Elementi analizzati: 490467
Tempo impiegato: 58 min, 38 sec

Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata

Processi: 0
(Nessun elemento nocivo rilevato)

Moduli: 0
(Nessun elemento nocivo rilevato)

Chiavi di registro: 0
(Nessun elemento nocivo rilevato)

Valori di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Cartelle: 0
(Nessun elemento nocivo rilevato)

File: 0
(Nessun elemento nocivo rilevato)

Settori fisici: 0
(Nessun elemento nocivo rilevato)


(end)

[davide72]

ottimo

[rino86]

Grazie