Moderatori: m.paolo, kadosh, Luke57
:OTL
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = \Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O4 - HKU\.DEFAULT..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-18..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT ()
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM.LOG2 ()
O4 - Startup: C:\Windows\System32\config\systemprofile\AppData [2009/07/14 06:36:39 | 000,000,000 | --SD | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Application Data [2015/07/14 11:09:42 | 000,000,000 | ---D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Contacts [2014/02/27 17:39:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Dati applicazioni [2010/09/01 14:25:50 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Desktop [2015/08/06 17:53:04 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Documents [2015/08/06 14:51:43 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Downloads [2015/08/07 07:58:07 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Favorites [2015/07/13 09:25:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Impostazioni locali [2010/09/01 14:25:50 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Links [2014/02/27 17:39:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Music [2015/07/13 09:25:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat.LOG ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat.LOG2 ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat{3d77e7b0-b5c1-11df-a542-806e6f6e6963}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat{3d77e7b0-b5c1-11df-a542-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat{3d77e7b0-b5c1-11df-a542-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\systemprofile\Pictures [2015/07/13 09:25:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Saved Games [2014/02/27 17:39:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Searches [2015/07/28 07:43:16 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\SendTo [2014/02/27 17:39:05 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Videos [2015/07/13 09:25:36 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2c-2998-11e3-a354-b8ac6fbcc744}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2c-2998-11e3-a354-b8ac6fbcc744}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2c-2998-11e3-a354-b8ac6fbcc744}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2c-2998-11e3-a354-b8ac6fbcc744}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2d-2998-11e3-a354-b8ac6fbcc744}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2d-2998-11e3-a354-b8ac6fbcc744}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{458e6b2d-2998-11e3-a354-b8ac6fbcc744}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818784-4b63-11e3-b454-b8ac6fbcc744}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818784-4b63-11e3-b454-b8ac6fbcc744}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818784-4b63-11e3-b454-b8ac6fbcc744}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818784-4b63-11e3-b454-b8ac6fbcc744}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818785-4b63-11e3-b454-b8ac6fbcc744}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818785-4b63-11e3-b454-b8ac6fbcc744}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{58818785-4b63-11e3-b454-b8ac6fbcc744}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df25-113e-11e1-bbbf-806e6f6e6963}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df25-113e-11e1-bbbf-806e6f6e6963}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df25-113e-11e1-bbbf-806e6f6e6963}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df25-113e-11e1-bbbf-806e6f6e6963}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df26-113e-11e1-bbbf-806e6f6e6963}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df26-113e-11e1-bbbf-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{5af7df26-113e-11e1-bbbf-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced300-6e01-11de-8bed-001e0bcd1824}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced300-6e01-11de-8bed-001e0bcd1824}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced300-6e01-11de-8bed-001e0bcd1824}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced300-6e01-11de-8bed-001e0bcd1824}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced301-6e01-11de-8bed-001e0bcd1824}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced301-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{6cced301-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e4-1bbf-11e3-9ae6-806e6f6e6963}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e4-1bbf-11e3-9ae6-806e6f6e6963}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e4-1bbf-11e3-9ae6-806e6f6e6963}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e4-1bbf-11e3-9ae6-806e6f6e6963}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e5-1bbf-11e3-9ae6-806e6f6e6963}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e5-1bbf-11e3-9ae6-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{969017e5-1bbf-11e3-9ae6-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064e-46ce-11e3-96ef-b8ac6fbcc744}.TxR.0.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064e-46ce-11e3-96ef-b8ac6fbcc744}.TxR.1.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064e-46ce-11e3-96ef-b8ac6fbcc744}.TxR.2.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064e-46ce-11e3-96ef-b8ac6fbcc744}.TxR.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064f-46ce-11e3-96ef-b8ac6fbcc744}.TM.blf ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064f-46ce-11e3-96ef-b8ac6fbcc744}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Windows\System32\config\TxR\{baf1064f-46ce-11e3-96ef-b8ac6fbcc744}.TMContainer00000000000000000002.regtrans-ms ()
[2015/07/13 13:33:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
:Files
ipconfig /flushdns /c
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[RESETHOSTS]
[CLEARALLRESTOREPOINTS]
[Reboot]
Visitano il forum: Nessuno e 20 ospiti