apertura pagine internet a ripetizione

[paroa]

Ciao,
aprendo il browser (chrome) si aprono pagine pubblicitarie a ripetizione. Ho scansionato ed eliminato con adware e spybot ma non ho risolto il problema.
posto il log di hijackthis. Grazie

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10.26.59, on 03/07/2016
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\EscSvc.exe
C:\Programmi\Google\Update\GoogleUpdate.exe
C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe
E:\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Programmi\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Programmi\File comuni\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1757981266-343818398-1417001333-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1757981266-343818398-1417001333-1003 Startup: Dropbox.lnk = C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (User '?')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\WINDOWS\system32\EscSvc.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpSC - Unknown owner - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Programmi\File comuni\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: Ssupd Service (SsupdService) - SsupdService - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe

--
End of file - 6889 bytes

[shel]

ciao prova a fare una scansione con adcleaner scaricalo da qui usa in ordine prima l'opzione scansione e poi pulizia, allega il log che rilascia dopo il riavvio, poi esegui una scansione con >>Farbar Recovery Scan Tool mettilo sul desktop
n.b. Devi scaricare la versione(32 o 64 bit compatibile con il tuo sistema)

•Doppio click per avviarlo.
•Quando ti chiede di accettare le condizioni clicca su yes.
•Clicca sul pulsante SCAN
•Quando finito il tool creerà nella stessa directory di dove è posizionato FRST un log chiamato FRST.txt.
•La prima volta che FRST sarà avviato verrà creato un altro log chiamato Addition.txt
•Allega entrambi i log

[paroa]

ciao, adcleaner l'avevo gia' fatto e a rifarlo mi da tutto pulito, allego invece i log di Farbar in due topic (troppi caratteri):

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by Boschetti (administrator) on BORIAN-DE10A491 (04-07-2016 07:05:49)
Running from E:\
Loaded Profiles: Boschetti (Available Profiles: Boschetti)
Platform: Microsoft Windows XP Service Pack 3 (X86) Language: Italiano (Italia)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Programmi\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Nitro PDF Software) C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Oracle Corporation) C:\Programmi\File comuni\Java\Java Update\jusched.exe
(AVAST Software) C:\Programmi\AVAST Software\Avast\avastui.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATILFE.EXE
(Dropbox, Inc.) C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18702336 2009-08-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programmi\File comuni\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Programmi\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Programmi\File comuni\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {0eb9d202-61da-11e4-a606-0018e764309e} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {39eabd9b-1982-11e3-a2db-0018e764309e} - E:\iLinker.exe
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {6aabca32-14ac-11e4-a563-0018e764309e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {aef06c98-f575-11df-9cd4-0018e764309e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {fb32c7fe-eaa8-11df-9cc1-0018e764309e} - E:\LaunchU3.exe -a
ShellExecuteHooks: Hook per l'esecuzione degli URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8492032 2012-06-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2016-06-10] (AVAST Software)
Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk [2016-07-03]
ShortcutTarget: Microsoft Office.lnk -> C:\Programmi\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk [2016-07-03]
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{14BA00A3-19E7-4EEC-9A67-C0587A5D39E2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B9FC8E55-C581-4A25-87C9-9ACD141E8B1E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> DefaultScope {01D6959E-F7AA-4CFC-B57C-ED238FF4F02A} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {01D6959E-F7AA-4CFC-B57C-ED238FF4F02A} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {1E7F3124-669D-4054-B9A5-A980007834D4} URL = hxxp://ricerca.virgilio.it/ricerca?qs={searchTerms}&f=ie8vs
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {2052BCF8-95DE-4E12-95D3-6D50A585DF4F} URL = hxxp://it.wikipedia.org/w/index.php?tit ... ca&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {2ACD218D-7F8A-4DF1-84D9-6AEF9D25C4A5} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7ADFA_it
SearchScopes: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programmi\Java\jre1.8.0_51\bin\ssv.dll [2015-09-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll [2016-06-10] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programmi\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-1757981266-343818398-1417001333-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-08-22] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Programmi\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Programmi\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programmi\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Programmi\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @sony.com/ReaderDesktop -> C:\Programmi\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-11-27] (Sony Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programmi\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programmi\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1757981266-343818398-1417001333-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Extension: 1ClickMovieDownloader - C:\Documents and Settings\Boschetti\Dati applicazioni\Mozilla\Firefox\profiles\extensions\clickmoviedownloader@clickmoviedownloader.com.xpi [2013-01-30] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-12] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Programmi\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Programmi\AVAST Software\Avast\WebRep\FF [2016-06-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Programmi\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Programmi\AVAST Software\Avast\SafePrice\FF [2016-06-10]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?barid={A91E46F3-9B8E-11E2-A1D0-0018E764309E}&src=10&&st=23&did=10963&ptr=100&UPN2=92544713781928851","hxxp://www.google.it/"
CHR Plugin: (Shockwave Flash) - C:\Programmi\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Programmi\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programmi\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Programmi\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Programmi\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programmi\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Programmi\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Programmi\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Pando Web Plugin) - C:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll => No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Programmi\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default
CHR Extension: (Documenti Google) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Chiamate Skype) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-02]
CHR Extension: (YouTube) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Documenti offline) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Skype) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-25]
CHR Extension: (Music Search) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\mmeljkaonnbjgofmihnbimepcaiblkbi [2016-06-13]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [dhpigdnmefdjeemeldnnmbckmpogpbji] - C:\Programmi\1clickmoviedownloader.com\clickmoviedownloader10.crx <not found>
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Programmi\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-06-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Programmi\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Programmi\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-11-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device; C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
R2 avast! Antivirus; C:\Programmi\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-10] (AVAST Software)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
S2 gupdate; C:\Programmi\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
S3 gupdatem; C:\Programmi\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
R2 NitroReaderDriverReadSpool3; C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
S4 SkypeUpdate; C:\Programmi\Skype\Updater\Updater.exe [160944 2012-07-03] (Skype Technologies)
S3 Sony SCSI Helper Service; C:\Programmi\File comuni\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [File not signed]
S2 SsupdService; C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe [156160 2013-01-24] (SsupdService) [File not signed]
S3 WMPNetworkSvc; C:\Programmi\Windows Media Player\WMPNetwk.exe [918528 2006-11-02] (Microsoft Corporation)
S2 LiveUpSC; "C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 APL531; C:\WINDOWS\System32\Drivers\ov550i.sys [580992 2006-07-31] (Omnivision Technologies, Inc.) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-06-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-06-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-06-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [64272 2016-06-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-06-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [815792 2016-06-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449640 2016-06-10] (AVAST Software)
R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [187208 2016-06-10] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [67216 2016-06-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221368 2016-06-10] (AVAST Software)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 fa120; C:\WINDOWS\System32\DRIVERS\fa120.sys [10496 2002-12-23] (NETGEAR Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2004-12-15] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-12-15] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2004-12-15] (HP)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PAC207; C:\WINDOWS\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
S3 RTL8187B; C:\WINDOWS\System32\DRIVERS\RTL8187B.sys [342784 2010-03-31] (Realtek Semiconductor Corporation )
U2 CertPropSvc; no ImagePath
S3 cpuz134; \??\C:\DOCUME~1\BOSCHE~1\IMPOST~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; no ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 StarOpen; no ImagePath
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-22 12:28 - 2016-08-22 12:28 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
2016-08-20 19:03 - 2016-08-20 19:03 - 00024400 _____ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2016-07-04 07:05 - 2016-07-04 07:05 - 00000000 ____D C:\FRST
2016-07-03 10:59 - 2016-07-03 10:59 - 00000624 _____ C:\Documents and Settings\All Users\Desktop\eMule.lnk
2016-07-03 10:59 - 2016-07-03 10:59 - 00000000 ____D C:\Programmi\eMule
2016-07-03 10:59 - 2016-07-03 10:59 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\eMule
2016-07-03 10:46 - 2016-07-03 10:46 - 00000000 ____D C:\Programmi\File comuni\Designer
2016-07-03 10:44 - 2001-05-31 18:35 - 00000036 _____ C:\Documents and Settings\Boschetti\Desktop\serial.txt
2016-07-03 09:26 - 2016-07-03 09:51 - 00000175 _____ C:\WINDOWS\wininit.ini
2016-07-03 09:03 - 2016-07-03 09:03 - 00000000 ____D C:\Programmi\File comuni\AV
2016-07-03 09:03 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Documents and Settings\All Users\Desktop\Post Win10 Spybot-install.exe
2016-07-03 09:01 - 2016-07-03 09:52 - 00000000 ____D C:\Programmi\Spybot - Search & Destroy 2
2016-07-03 09:01 - 2016-07-03 09:51 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
2016-07-03 09:01 - 2016-07-03 09:29 - 00065536 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2016-07-03 08:06 - 2016-07-03 08:06 - 00000000 ____D C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Dropbox
2016-06-23 20:44 - 2016-06-23 20:44 - 00000000 ___RD C:\Documents and Settings\Boschetti\Documenti\Immagini
2016-06-23 12:54 - 2016-06-23 12:54 - 00000000 _____ C:\WINDOWS\system32\last.dump
2016-06-10 11:00 - 2016-07-04 06:58 - 00000478 _____ C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1465549232.job
2016-06-10 11:00 - 2016-06-10 11:00 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-06-10 10:54 - 2016-06-10 10:54 - 00001653 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2016-06-10 10:54 - 2016-06-10 10:54 - 00000000 ____D C:\Documents and Settings\Boschetti\Dati applicazioni\AVAST Software
2016-06-10 10:54 - 2016-06-10 10:54 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVAST Software
2016-06-10 10:53 - 2016-07-04 07:03 - 00000362 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2016-06-10 10:53 - 2016-06-10 10:53 - 00815792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00449640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00334280 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-06-10 10:53 - 2016-06-10 10:53 - 00221368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00187208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00067216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-06-10 10:53 - 2016-06-10 10:53 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-06-10 10:53 - 2016-06-10 10:53 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-06-10 10:50 - 2016-06-10 11:00 - 00000000 ____D C:\Programmi\AVAST Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-24 15:51 - 2010-05-20 17:48 - 00000442 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{FBC4A5A9-88F4-4BB4-A6C5-8CF614196E17}.job
2016-08-23 18:15 - 2014-06-23 16:08 - 00000000 ____D C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Paint.NET
2016-08-22 13:42 - 2012-04-13 19:36 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-08-22 13:42 - 2012-03-12 15:42 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-08-22 13:41 - 2016-01-19 20:41 - 09717952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2016-07-20 11:54 - 2014-10-23 17:34 - 00000000 ____D C:\Documents and Settings\Boschetti\Dati applicazioni\EPSON
2016-07-20 11:54 - 2014-10-23 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\Epson
2016-07-20 11:42 - 2011-12-22 21:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-07-04 07:06 - 2010-05-20 16:08 - 00000000 ____D C:\Documents and Settings\Boschetti\Impostazioni locali\Temp
2016-07-04 07:03 - 2014-11-15 13:47 - 00000000 ____D C:\AdwCleaner
2016-07-04 07:02 - 2015-06-13 10:51 - 00001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job
2016-07-04 06:59 - 2013-06-24 15:35 - 00000000 ___RD C:\Documents and Settings\Boschetti\Documenti\Dropbox
2016-07-04 06:58 - 2014-03-29 10:25 - 00000230 _____ C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
2016-07-04 06:58 - 2010-11-10 21:41 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-04 06:58 - 2004-08-19 14:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2016-07-04 06:56 - 2010-05-20 17:48 - 00144424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-04 06:56 - 2010-05-20 16:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 11:26 - 2010-05-20 16:08 - 00000194 ___SH C:\Documents and Settings\Boschetti\ntuser.ini
2016-07-03 11:26 - 2010-05-20 16:07 - 00032508 _____ C:\WINDOWS\SchedLgU.Txt
2016-07-03 11:25 - 2014-10-23 17:25 - 00000917 _____ C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job
2016-07-03 11:25 - 2014-10-23 17:25 - 00000731 _____ C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job
2016-07-03 11:25 - 2013-09-21 09:30 - 00000000 ____D C:\Documents and Settings\Boschetti\Dati applicazioni\Nitro PDF
2016-07-03 11:25 - 2010-05-20 16:08 - 00000000 ____D C:\Documents and Settings\Boschetti
2016-07-03 10:59 - 2010-05-20 17:49 - 00000000 ____D C:\Programmi
2016-07-03 10:59 - 2010-05-20 17:49 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi
2016-07-03 10:51 - 2015-03-09 16:25 - 00002517 _____ C:\Documents and Settings\Boschetti\Desktop\Microsoft Word.lnk
2016-07-03 10:51 - 2015-03-09 16:25 - 00002489 _____ C:\Documents and Settings\Boschetti\Desktop\Microsoft Excel.lnk
2016-07-03 10:47 - 2015-03-09 16:23 - 00000424 _____ C:\WINDOWS\ODBC.INI
2016-07-03 10:46 - 2015-03-09 16:23 - 00002611 _____ C:\Documents and Settings\All Users\Menu Avvio\Programmi\Microsoft Word.lnk
2016-07-03 10:46 - 2015-03-09 16:23 - 00002609 _____ C:\Documents and Settings\All Users\Menu Avvio\Apri documento Office.lnk
2016-07-03 10:46 - 2015-03-09 16:23 - 00002589 _____ C:\Documents and Settings\All Users\Menu Avvio\Programmi\Microsoft PowerPoint.lnk
2016-07-03 10:46 - 2015-03-09 16:23 - 00002587 _____ C:\Documents and Settings\All Users\Menu Avvio\Programmi\Microsoft Excel.lnk
2016-07-03 10:46 - 2015-03-09 16:23 - 00002577 _____ C:\Documents and Settings\All Users\Menu Avvio\Nuovo documento Office.lnk
2016-07-03 10:46 - 2015-03-09 16:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Avvio\Programmi\Strumenti di Office
2016-07-03 10:46 - 2015-03-09 16:22 - 00000000 ____D C:\WINDOWS\ShellNew
2016-07-03 10:46 - 2010-05-20 17:49 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica
2016-07-03 10:46 - 2010-05-20 17:49 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Avvio
2016-07-03 10:46 - 2010-05-20 17:49 - 00000000 ____D C:\Programmi\File comuni\Microsoft Shared
2016-07-03 10:46 - 2010-05-20 17:49 - 00000000 ____D C:\Programmi\File comuni
2016-07-03 10:41 - 2012-04-13 19:36 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-03 10:30 - 2010-11-10 21:41 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-03 10:11 - 2013-10-20 16:06 - 00001026 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job
2016-07-03 09:51 - 2011-12-21 12:38 - 00000402 _____ C:\WINDOWS\Tasks\Boschetti NBAgent.job
2016-07-03 09:51 - 2011-12-21 10:38 - 00000628 _____ C:\WINDOWS\Tasks\Boschetti Local Autobackup.job
2016-07-03 09:45 - 2013-02-24 16:16 - 00000000 ____D C:\WINDOWS\pss
2016-07-03 09:45 - 2010-05-20 17:47 - 00000211 ___SH C:\boot.ini
2016-07-03 09:45 - 2004-08-19 14:00 - 00000759 _____ C:\WINDOWS\win.ini
2016-07-03 09:45 - 2004-08-19 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-07-03 09:29 - 2012-12-27 18:27 - 00000000 ____D C:\Programmi\Pando Networks
2016-07-03 09:26 - 2010-05-20 16:08 - 00000000 ___HD C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni
2016-07-03 09:01 - 2010-05-20 17:49 - 00000000 __RHD C:\Documents and Settings\All Users\Dati applicazioni
2016-07-03 08:07 - 2010-05-20 16:08 - 00000000 ___RD C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Esecuzione automatica
2016-07-03 08:06 - 2013-06-24 15:32 - 00000000 ____D C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox
2016-07-03 08:06 - 2010-05-20 16:08 - 00000000 ___RD C:\Documents and Settings\Boschetti\Menu Avvio\Programmi
2016-07-03 07:42 - 2013-02-21 20:42 - 00000000 ____D C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ServiceManager
2016-07-03 07:42 - 2010-05-20 17:49 - 00000000 ___RD C:\Documents and Settings\All Users\Documenti
2016-06-27 20:02 - 2015-06-13 10:51 - 00001164 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job
2016-06-27 17:56 - 2010-10-25 20:33 - 00000000 ____D C:\Documents and Settings\Boschetti\Dati applicazioni\U3
2016-06-23 20:44 - 2010-05-20 16:08 - 00000000 ___RD C:\Documents and Settings\Boschetti\Documenti
2016-06-23 20:37 - 2013-06-17 14:29 - 00000000 ____D C:\Documents and Settings\Boschetti\Documenti\Scansioni personali
2016-06-23 20:37 - 2010-05-20 16:08 - 00000000 ___RD C:\Documents and Settings\Boschetti\Documenti\Musica
2016-06-23 20:30 - 2010-10-02 19:46 - 00125952 _____ C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 16:11 - 2013-10-20 16:06 - 00001004 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job
2016-06-23 13:38 - 2010-08-14 17:18 - 00000000 ____D C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ApplicationHistory
2016-06-15 21:05 - 2010-05-20 17:41 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 19:15 - 2010-05-20 16:08 - 00000000 __RHD C:\Documents and Settings\Boschetti\Dati applicazioni
2016-06-10 11:00 - 2013-05-26 09:29 - 00000000 ____D C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
2016-06-10 10:54 - 2010-05-20 17:42 - 00000000 ___HD C:\WINDOWS\inf
2016-06-08 15:00 - 2014-03-29 10:25 - 00000224 _____ C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
2016-06-06 09:54 - 2012-12-26 20:00 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

==================== Files in the root of some directories =======

2010-08-12 17:49 - 2013-02-14 18:13 - 0001296 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\mainhst.zgh
2010-10-02 19:46 - 2016-06-23 20:30 - 0125952 _____ () C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-08-14 17:18 - 2010-08-14 17:18 - 0000138 _____ () C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\fusioncache.dat
2010-08-12 21:40 - 2010-08-18 14:29 - 0001298 _____ () C:\Documents and Settings\All Users\Dati applicazioni\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[paroa]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Boschetti (2016-07-04 07:06:29)
Running from E:\
Microsoft Windows XP Service Pack 3 (X86) (2010-05-20 14:05:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1757981266-343818398-1417001333-500 - Administrator - Enabled)
ASPNET (S-1-5-21-1757981266-343818398-1417001333-1004 - Limited - Enabled)
Boschetti (S-1-5-21-1757981266-343818398-1417001333-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Boschetti
Guest (S-1-5-21-1757981266-343818398-1417001333-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1757981266-343818398-1417001333-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1757981266-343818398-1417001333-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

10dita (f:\) #3 (HKLM\...\ST6UNST #3) (Version: - )
10dita (f:\) (HKLM\...\ST6UNST #2) (Version: - )
10dita (HKLM\...\ST6UNST #1) (Version: - )
1500 (Version: 47.0.1.000 - Hewlett-Packard) Hidden
1500_Help (Version: 47.1.14.000 - Hewlett-Packard) Hidden
1500Trb (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Italiano (HKLM\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2559049) (HKLM\...\KB2559049-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB982664) (HKLM\...\KB982664-IE8) (Version: 1 - Microsoft Corporation)
AiO_Scan (Version: 47.0.1.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
AudioLava 1.0 (HKLM\...\AudioLava_is1) (Version: 1.0 - Acon Digital Media GmbH)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
BufferChm (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 2.34 - Piriform)
Copy (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CP_AtenaShokunin1Config (Version: 45.4.131.000 - Hewlett-Packard) Hidden
cp_dwShrek2Albums1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
cp_dwShrek2Cards1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjects (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 45.4.157.000 - Hewlett-Packard) Hidden
CueTour (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 1.21 - Piriform)
Destinations (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Director (Version: 45.4.157.000 - Hewlett-Packard) Hidden
DocProc (Version: 4.5.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Driver Alice Wi-Fi TG123g (HKLM\...\{32F8658E-DAC6-4C74-84D4-F10FFA696EF4}) (Version: 1.00.0000 - Telecom Italy)
Dropbox (HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
eMule (HKLM\...\eMule) (Version: - )
Epson Easy Photo Print 2 (HKLM\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 47.0.1.000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.3 (HKLM\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FreeOCR v4.2 (HKLM\...\freeocr_is1) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HijackThis 2.0.0 (HKLM\...\HijackThis) (Version: 2.0.0 - TrendMicro)
HP Extended Capabilities 4.7 (HKLM\...\HPExtendedCapabilities) (Version: 4.7 - HP)
HP Image Zone 4.7 (HKLM\...\HP Photo & Imaging) (Version: 4.7 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP PSC & OfficeJet 4.7 (HKLM\...\{342C7C88-D335-4bc2-8CF1-281857629CE2}) (Version: - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPSystemDiagnostics (Version: 1.6.0.0 - Your Company Name) Hidden
InstantShare (Version: 45.4.157.000 - Hewlett-Packard) Hidden
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Manuali EPSON (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.1.0 - SEIKO EPSON CORPORATION)
MarketResearch (Version: 45.4.158.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Italian Language Pack (HKLM\...\{F2D2B58B-B2FD-46D1-8319-DCE564079934}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA (HKLM\...\{842F9881-E181-30B3-A152-008D61433274}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA (HKLM\...\{86BA3130-5938-3192-BBCF-6B0A2D86FA58}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano) (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - ita) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (HKLM\...\Microsoft .NET Framework 4 Client Profile ITA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office XP Professional con FrontPage (HKLM\...\{90280410-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 4.0.7.2442 (HKLM\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
Nero BackItUp (HKLM\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.22001 - Nero AG)
Nero BackItUp and Burn (HKLM\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0031 - Nero AG)
Nero BurnRights (HKLM\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.26001 - Nero AG)
Nero Express (HKLM\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.16000 - Nero AG)
Nero RescueAgent (HKLM\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.26000 - Nero AG)
Nitro Reader 3 (HKLM\...\{31912E61-67A3-48A1-83D8-811DBD732352}) (Version: 3.5.6.5 - Nitro)
NSIS FreePOPs (remove only) (HKLM\...\FreePOPs) (Version: - )
OpenOffice.org 3.2 (HKLM\...\{D61B4347-26FD-40F5-92B7-5D020E574DFE}) (Version: 3.2.9483 - OpenOffice.org)
OVT Scanner X86 (HKLM\...\{6B566EFE-DC1D-471F-93DD-84832663F140}) (Version: 1.00.0000 - OVT)
Pacchetto provider Microsoft servizio crittografia smart card di base (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PanoStandAlone (Version: 45.4.157.000 - Hewlett-Packard) Hidden
PhotoGallery (Version: 45.4.157.000 - Hewlett-Packard) Hidden
ProductContext (Version: 47.1.14.000 - Hewlett-Packard) Hidden
Python 2.7.3 (HKLM\...\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
qBittorrent 3.0.5 (HKLM\...\qbittorrent) (Version: - )
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Reader for PC (HKLM\...\{71FB3127-E6B2-4058-ACEE-99813554FAB6}) (Version: 2.2.00.11270 - Sony Corporation)
Readme (Version: 47.0.1.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5924 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (Version: 1.48.2066.101 - Avast Software) Hidden
Scan (Version: 4.5.0.0 - Hewlett-Packard) Hidden
Scan2PDF 1.6 (HKLM\...\Scan2PDF_is1) (Version: - Koma-Code)
ScannerCopy (Version: 4.5.0.0 - Hewlett-Packard) Hidden
SkinsHP1 (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.115 - Skype Technologies S.A.)
Software Updater (HKLM\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Supporto applicazioni Apple (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
TrayApp (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Trust 100K Series Webcam (HKLM\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust)
Uninstall OVT Scanner (HKLM\...\OVT Scanner) (Version: - )
Unload (Version: 4.5.0 - Hewlett-Packard) Hidden
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 1.0.5 (HKLM\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 45.4.157.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1757981266-343818398-1417001333-1003_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programmi\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Programmi\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Boschetti Local Autobackup.job => C:\Programmi\Nero\Nero BackItUp & Burn\Nero BackItUp\NBCore.exe C:\Documents and Settings\Boschetti\Dati applicazioni\Nero\Nero BackItUp 5\Files\Boschetti Local Autobackup.nji
Task: C:\WINDOWS\Tasks\Boschetti NBAgent.job => C:\Programmi\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job => C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job => C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FTSLFE.EXE:/EXE:{4DC280AD-3322-4B9E-A687-45D116AFEAF5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job => C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job => C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programmi\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programmi\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1465549232.job => C:\Programmi\AVAST Software\SZBrowser\launcher.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{FBC4A5A9-88F4-4BB4-A6C5-8CF614196E17}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Documents and Settings\Boschetti\Risorse di rete\Siti Web personali su MSN\target.lnk -> hxxp://it.msnusers.com (No File)
Shortcut: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\FreePOPs\Forum.lnk -> hxxp://www.diludovico.org/forum/ (No File)
Shortcut: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\FreePOPs\Manual (english).lnk -> hxxp://www.freepops.org/it/files/manual.pdf (No File)
Shortcut: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\FreePOPs\Manuale (italiano).lnk -> hxxp://www.freepops.org/it/files/manual-it.pdf (No File)
Shortcut: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\FreePOPs\Website.lnk -> hxxp://www.freepops.org/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2016-06-10 10:53 - 2016-06-10 10:53 - 00123344 _____ () C:\Programmi\AVAST Software\Avast\log.dll
2016-06-10 10:53 - 2016-06-10 10:53 - 00135816 _____ () C:\Programmi\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 07:28 - 2016-07-03 07:28 - 02996736 _____ () C:\Programmi\AVAST Software\Avast\defs\16070201\algo.dll
2016-06-10 10:53 - 2016-06-10 10:53 - 00309912 _____ () C:\Programmi\AVAST Software\Avast\browser_pass.dll
2016-07-04 06:59 - 2016-07-04 06:59 - 02996736 _____ () C:\Programmi\AVAST Software\Avast\defs\16070301\algo.dll
2016-06-10 10:53 - 2016-06-10 10:53 - 00479680 _____ () C:\Programmi\AVAST Software\Avast\ffl2.dll
2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Programmi\FileZilla FTP Client\fzshellext.dll
2016-06-10 10:53 - 2016-06-10 10:53 - 40539648 _____ () C:\Programmi\AVAST Software\Avast\libcef.dll
2016-07-03 08:05 - 2016-05-25 19:03 - 00034768 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_multiprocessing.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00134088 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pyexpat.pyd
2016-07-03 08:05 - 2016-05-25 19:04 - 00019408 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\faulthandler.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00116688 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pywintypes27.dll
2016-07-03 08:05 - 2016-05-25 19:03 - 00093640 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_ctypes.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00018376 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\select.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00019760 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\tornado.speedups.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00105928 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32api.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00392144 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pythoncom27.dll
2016-07-03 08:05 - 2016-06-13 22:13 - 00381752 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32com.shell.shell.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00692688 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\unicodedata.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00020816 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-07-03 08:05 - 2016-05-25 19:04 - 00123856 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_backend.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 01682760 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00020808 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00021840 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00052024 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\psutil._psutil_windows.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00038696 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\fastpath.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00020936 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\mmapfile.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00024528 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32event.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00114640 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32security.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00124880 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32file.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00021832 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00024016 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32clipboard.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00175560 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32gui.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00030160 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32pipe.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00043472 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32process.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00048592 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32service.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00023872 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00026456 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00057808 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32evtlog.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00024016 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32profile.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00246592 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00028616 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32ts.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00020800 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00019776 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00020800 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-07-03 08:05 - 2016-05-25 19:03 - 00134608 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_elementtree.pyd
2016-07-03 08:05 - 2016-05-25 19:04 - 00240584 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\jpegtran.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00020280 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00023376 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00350152 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winxpgui.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00022352 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00024392 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00036296 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\librsync.dll
2016-07-03 08:05 - 2016-06-13 22:13 - 00084280 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\dropbox_sqlite_ext.dll
2016-07-03 08:05 - 2016-06-13 22:13 - 01826096 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtCore.pyd
2016-07-03 08:05 - 2016-05-25 19:04 - 00083912 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\sip.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 03928880 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 01971504 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtGui.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00531248 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00132912 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00223544 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00207672 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-07-03 08:05 - 2016-05-25 19:05 - 00060880 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32print.pyd
2016-07-03 08:05 - 2016-06-13 22:13 - 00024904 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-19 14:00 - 2004-08-19 14:00 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1757981266-343818398-1417001333-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio rapido di HP Image Zone.lnk => C:\WINDOWS\pss\Avvio rapido di HP Image Zone.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Boschetti^Menu Avvio^Programmi^Esecuzione automatica^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^Boschetti^Menu Avvio^Programmi^Esecuzione automatica^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: EEventManager => "C:\Programmi\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Software Update => C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Programmi\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Monitor => C:\WINDOWS\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Documents and Settings\Boschetti\Documenti\MyDrive Connect\TomTom MyDrive Connect.exe"
MSCONFIG\startupreg: NBAgent => "C:\Programmi\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: PAC207_Monitor => C:\WINDOWS\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Programmi\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Reader Application Helper => C:\Programmi\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\Programmi\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe] => Enabled:Dropbox
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Boschetti\Desktop\qbittorrent.exe] => Enabled:qBittorrent - A Bittorrent Client
StandardProfile\AuthorizedApplications: [C:\Programmi\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling Plugin
StandardProfile\AuthorizedApplications: [C:\Programmi\EPSON Software\Event Manager\EEventManager.exe] => Disabled:EEventManager Application
StandardProfile\AuthorizedApplications: [C:\Programmi\AVG\AVG2012\avgmfapx.exe] => Disabled:Installazione di AVG
StandardProfile\AuthorizedApplications: [C:\Programmi\eMule\emule.exe] => Enabled:eMule
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22007
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Disabled:@xpsp2res.dll,-22008

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2016 06:58:01 AM) (Source: SsupdService) (EventID: 0) (User: )
Description: Impossibile avviare il servizio. Handle non valido

Error: (07/04/2016 06:57:54 AM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
Description: Impossibile registrare lo stato della sessione di Gruppo di criteri risultante. Tentativo di connessione a WMI non riuscito. Non verrà più eseguita alcuna registrazione di Gruppo di criteri risultante per questa applicazione di criteri.

Error: (07/04/2016 06:56:30 AM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: Impossibile creare query degli eventi con WMI per effettuare il monitoraggio di programmi antivirus e firewall di terze parti.

Error: (07/04/2016 06:56:30 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: Impossibile inizializzare i componenti principali di WinMgmt. È possibile che la versione di WinMgmt non sia stata installata correttamente, che si sia verificato un errore nell'archivio WinMgmt o che lo spazio su disco o la memoria non siano sufficienti.

Error: (07/03/2016 10:49:52 AM) (Source: SsupdService) (EventID: 0) (User: )
Description: Impossibile avviare il servizio. Handle non valido

Error: (07/03/2016 10:48:33 AM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
Description: Impossibile registrare lo stato della sessione di Gruppo di criteri risultante. Tentativo di connessione a WMI non riuscito. Non verrà più eseguita alcuna registrazione di Gruppo di criteri risultante per questa applicazione di criteri.

Error: (07/03/2016 10:48:22 AM) (Source: SecurityCenter) (EventID: 1802) (User: )
Description: Impossibile creare query degli eventi con WMI per effettuare il monitoraggio di programmi antivirus e firewall di terze parti.

Error: (07/03/2016 10:48:22 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: Impossibile inizializzare i componenti principali di WinMgmt. È possibile che la versione di WinMgmt non sia stata installata correttamente, che si sia verificato un errore nell'archivio WinMgmt o che lo spazio su disco o la memoria non siano sufficienti.

Error: (07/03/2016 10:27:08 AM) (Source: SsupdService) (EventID: 0) (User: )
Description: Impossibile avviare il servizio. Handle non valido

Error: (07/03/2016 10:27:00 AM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
Description: Impossibile registrare lo stato della sessione di Gruppo di criteri risultante. Tentativo di connessione a WMI non riuscito. Non verrà più eseguita alcuna registrazione di Gruppo di criteri risultante per questa applicazione di criteri.


System errors:
=============
Error: (07/03/2016 10:02:55 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (07/03/2016 09:58:35 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (07/03/2016 09:55:34 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (07/03/2016 07:29:28 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (07/03/2016 07:27:41 AM) (Source: 0) (EventID: 1) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (06/27/2016 09:14:19 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (06/27/2016 05:27:22 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (06/26/2016 01:35:26 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (06/26/2016 10:34:12 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).

Error: (06/26/2016 10:11:24 AM) (Source: Windows Update Agent) (EventID: 20) (User: )
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11 (KB2876229).


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Percentage of memory in use: 29%
Total physical RAM: 2037.11 MB
Available physical RAM: 1432.07 MB
Total Virtual: 3929.89 MB
Available Virtual: 3443.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.08 GB) (Free:270.47 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: () (Removable) (Total:0.96 GB) (Free:0.76 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 5EE65EE6)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 981 MB) (Disk ID: 024E2F76)
Partition 1: (Active) - (Size=981 MB) - (Type=06)

==================== End of Addition.txt ============================

[shel]

metti FRST sul desktop poi salva questo file sempre sul desktop apri FRST e clicca FIX , allega il fixlog.txt che il programma rilascia e controlla se le pagine si aprono ancora

[paroa]

Vediamo se ho fatto giusto...ho messo FRST sul desktop ho salvato sempre sul desktop il file al link, ho aperto FRST e cliccato fix al
la fine il pc si è riavviato e mi ha rilasciato il seguente log (le pagine si aprono ancora anche se non a mitraglia come prima):

Fix result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Boschetti (2016-07-05 06:30:35) Run:1
Running from C:\Documents and Settings\Boschetti\Desktop
Loaded Profiles: Boschetti (Available Profiles: Boschetti)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {0eb9d202-61da-11e4-a606-0018e764309e} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {39eabd9b-1982-11e3-a2db-0018e764309e} - E:\iLinker.exe
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {6aabca32-14ac-11e4-a563-0018e764309e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {aef06c98-f575-11df-9cd4-0018e764309e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1757981266-343818398-1417001333-1003\...\MountPoints2: {fb32c7fe-eaa8-11df-9cc1-0018e764309e} - E:\LaunchU3.exe -a
HR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.findeer.com
CHR StartupUrls: Default -> "hxxp://home.sweetim.com/?barid={A91E46F3-9B8E-11E2-A1D0-0018E764309E}&src=10&&st=23&did=10963&ptr=100&UPN2=92544713781928851","hxxp://www.google.it/"
S2 SsupdService; C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\ssupd\ssupd.exe [156160 2013-01-24] (SsupdService) [File not signed]
S2 LiveUpSC; "C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\SoftwareUpdater\SoftwareUpdService.exe" [X]
2010-08-12 17:49 - 2013-02-14 18:13 - 0001296 _____ () C:\Documents and Settings\Boschetti\Dati applicazioni\mainhst.zgh
2010-10-02 19:46 - 2016-06-23 20:30 - 0125952 _____ () C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
end
EmptyTemp:




*****************

"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0eb9d202-61da-11e4-a606-0018e764309e}" => key removed successfully.
HKCR\CLSID\{0eb9d202-61da-11e4-a606-0018e764309e} => key not found.
"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39eabd9b-1982-11e3-a2db-0018e764309e}" => key removed successfully.
HKCR\CLSID\{39eabd9b-1982-11e3-a2db-0018e764309e} => key not found.
"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6aabca32-14ac-11e4-a563-0018e764309e}" => key removed successfully.
HKCR\CLSID\{6aabca32-14ac-11e4-a563-0018e764309e} => key not found.
"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aef06c98-f575-11df-9cd4-0018e764309e}" => key removed successfully.
HKCR\CLSID\{aef06c98-f575-11df-9cd4-0018e764309e} => key not found.
"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb32c7fe-eaa8-11df-9cc1-0018e764309e}" => key removed successfully.
HKCR\CLSID\{fb32c7fe-eaa8-11df-9cc1-0018e764309e} => key not found.
HR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Policies\Google" => key removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
Chrome StartupUrls => removed successfully.
SsupdService => service removed successfully.
LiveUpSC => service removed successfully.
C:\Documents and Settings\Boschetti\Dati applicazioni\mainhst.zgh => moved successfully
C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 23129 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache => 613609 B
Java, Flash, Steam htmlcache => 24365 B
Windows/system/dllcache/drivers => 43136017 B
Edge => 0 B
Chrome => 114739903 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default User => 66164 B
All Users => 0 B
systemprofile => 731568248 B
LocalService => 20634046 B
NetworkService => 2409716 B
Boschetti => 25396984 B

RecycleBin => 0 B
EmptyTemp: => 895.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:30:57 ====

[shel]

ScaricaOTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi due log sul desktop. OTL.txt ed Extras.txt, salvali e allegali come i precedenti

[paroa]

eccoli:

OTL logfile created on: 06/07/2016 4.58.44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Boschetti\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 71,23% Memory free
3,84 Gb Paging File | 3,38 Gb Available in Paging File | 88,15% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 298,08 Gb Total Space | 271,00 Gb Free Space | 90,92% Space Free | Partition Type: NTFS
Drive E: | 980,72 Mb Total Space | 782,39 Mb Free Space | 79,78% Space Free | Partition Type: FAT

Computer Name: BORIAN-DE10A491 | User Name: Boschetti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Boschetti\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATILFE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\WINDOWS\system32\escsvc.exe (Seiko Epson Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Programmi\AVAST Software\Avast\defs\16070501\algo.dll ()
MOD - C:\Programmi\AVAST Software\Avast\defs\16070401\algo.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.wininet._winffi_wininet.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.winerror._winffi_winerror.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32com.shell.shell.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\tornado.speedups.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWidgets.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtWebKit.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtGui.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtNetwork.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtPrintSupport.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\PyQt5.QtCore.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\psutil._psutil_windows.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\dropbox_sqlite_ext.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\fastpath.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\cpuid.compiled._cpuid.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\breakpad.client.windows.handler.pyd ()
MOD - C:\Programmi\AVAST Software\Avast\libcef.dll ()
MOD - C:\Programmi\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Programmi\AVAST Software\Avast\browser_pass.dll ()
MOD - C:\Programmi\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Programmi\AVAST Software\Avast\log.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\librsync.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\winxpgui.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32security.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32service.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32process.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32ts.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32profile.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32gui.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32file.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32print.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32pipe.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32api.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32evtlog.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32event.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\win32clipboard.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\mmapfile.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_cffi_backend.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\sip.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\jpegtran.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\faulthandler.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\unicodedata.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_elementtree.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_ctypes.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\_multiprocessing.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pythoncom27.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pyexpat.pyd ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\pywintypes27.dll ()
MOD - C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\select.pyd ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()
MOD - C:\Programmi\FileZilla FTP Client\fzshellext.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Sony SCSI Helper Service) -- C:\Programmi\File comuni\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (NitroReaderDriverReadSpool3) -- C:\Programmi\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software)
SRV - (Apple Mobile Device) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (EpsonScanSvc) -- C:\WINDOWS\system32\escsvc.exe (Seiko Epson Corporation)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (StarOpen) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (cpuz134) -- C:\DOCUME~1\BOSCHE~1\IMPOST~1\Temp\cpuz134\cpuz134_x32.sys File not found
DRV - (Changer) -- File not found
DRV - (aswKbd) -- C:\WINDOWS\system32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys (AVAST Software)
DRV - (aswStmXP) -- C:\WINDOWS\system32\drivers\aswStmXP.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys (AVAST Software)
DRV - (aswHwid) -- C:\WINDOWS\system32\drivers\aswHwid.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (PAC207) -- C:\WINDOWS\system32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (APL531) -- C:\WINDOWS\system32\drivers\ov550i.sys (Omnivision Technologies, Inc.)
DRV - (USBCCID) -- C:\WINDOWS\system32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (fa120) -- C:\WINDOWS\system32\drivers\fa120.sys (NETGEAR Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes,DefaultScope = {01D6959E-F7AA-4CFC-B57C-ED238FF4F02A}
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes\{01D6959E-F7AA-4CFC-B57C-ED238FF4F02A}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes\{1E7F3124-669D-4054-B9A5-A980007834D4}: "URL" = http://ricerca.virgilio.it/ricerca?qs={searchTerms}&f=ie8vs
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes\{2052BCF8-95DE-4E12-95D3-6D50A585DF4F}: "URL" = http://it.wikipedia.org/w/index.php?tit ... ca&search={searchTerms}
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\SearchScopes\{2ACD218D-7F8A-4DF1-84D9-6AEF9D25C4A5}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7ADFA_it
IE - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Programmi\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Programmi\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programmi\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Programmi\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programmi\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Programmi\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2016/06/10 10.53.16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\sp@avast.com: C:\Programmi\AVAST Software\Avast\SafePrice\FF [2016/06/10 10.53.16 | 000,000,000 | ---D | M]

[2016/08/22 13.46.17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Boschetti\Dati applicazioni\Mozilla\Extensions
[2013/02/15 10.57.43 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Documents and Settings\Boschetti\Dati applicazioni\Mozilla\Extensions\SpecialSavings@SpecialSavings.com
[2014/09/17 20.37.25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Boschetti\Dati applicazioni\Mozilla\Firefox\Profiles\extensions
[2013/01/30 20.27.42 | 000,205,094 | ---- | M] () (No name found) -- C:\Documents and Settings\Boschetti\Dati applicazioni\Mozilla\Firefox\Profiles\extensions\clickmoviedownloader@clickmoviedownloader.com.xpi

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij\0.0.0.26_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\8.3.0.9150_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\mmeljkaonnbjgofmihnbimepcaiblkbi\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2004/08/19 14.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programmi\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\S-1-5-21-1757981266-343818398-1417001333-1003..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATILFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1757981266-343818398-1417001333-1003..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Programmi\File comuni\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14BA00A3-19E7-4EEC-9A67-C0587A5D39E2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9FC8E55-C581-4A25-87C9-9ACD141E8B1E}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\File comuni\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/20 16.03.53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 60 Days ==========

[2016/08/22 12.28.30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2016/07/06 04.57.46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Boschetti\Desktop\OTL.exe
[2016/07/05 06.26.05 | 001,740,288 | ---- | C] (Farbar) -- C:\Documents and Settings\Boschetti\Desktop\FRST.exe
[2016/07/04 07.05.22 | 000,000,000 | ---D | C] -- C:\FRST
[2016/07/03 10.59.29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\eMule
[2016/07/03 10.59.28 | 000,000,000 | ---D | C] -- C:\Programmi\eMule
[2016/07/03 10.46.29 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Designer
[2016/07/03 10.12.06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Boschetti\Recent
[2016/07/03 09.03.16 | 000,821,920 | ---- | C] (Safer-Networking Ltd. ) -- C:\Documents and Settings\All Users\Desktop\Post Win10 Spybot-install.exe
[2016/07/03 09.03.16 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\AV
[2016/07/03 09.01.16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Spybot - Search & Destroy
[2016/07/03 09.01.12 | 000,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy 2
[2016/07/03 08.06.04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Dropbox
[2016/06/23 20.44.24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Boschetti\Documenti\Immagini
[2016/06/10 11.00.13 | 000,035,096 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2016/06/10 10.54.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Boschetti\Dati applicazioni\AVAST Software
[2016/06/10 10.54.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\AVAST Software
[2016/06/10 10.53.35 | 000,187,208 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[2016/06/10 10.53.35 | 000,067,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2016/06/10 10.53.34 | 000,449,640 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2016/06/10 10.53.34 | 000,221,368 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2016/06/10 10.53.34 | 000,058,776 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2016/06/10 10.53.33 | 000,091,168 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2016/06/10 10.53.33 | 000,032,792 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2016/06/10 10.53.32 | 000,064,272 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2016/06/10 10.53.31 | 000,815,792 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2016/06/10 10.53.17 | 000,334,280 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2016/06/10 10.53.10 | 000,052,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/06/10 10.50.40 | 000,000,000 | ---D | C] -- C:\Programmi\AVAST Software
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2016/08/24 15.51.31 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FBC4A5A9-88F4-4BB4-A6C5-8CF614196E17}.job
[2016/08/22 13.42.42 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2016/08/22 13.42.42 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2016/08/22 13.41.29 | 009,717,952 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2016/07/06 05.02.53 | 000,001,216 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job
[2016/07/06 04.55.24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Boschetti\Desktop\OTL.exe
[2016/07/06 04.47.04 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2016/07/06 04.47.04 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2016/07/06 04.47.03 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1465549232.job
[2016/07/06 04.47.02 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2016/07/06 04.47.02 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
[2016/07/06 04.45.39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016/07/05 06.41.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016/07/05 06.30.20 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2016/07/05 06.25.00 | 000,000,917 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-312 313 315 Series Update {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job
[2016/07/05 06.25.00 | 000,000,731 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-312 313 315 Series Invitation {4DC280AD-3322-4B9E-A687-45D116AFEAF5}.job
[2016/07/04 07.11.00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003UA.job
[2016/07/04 06.56.14 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2016/07/04 06.56.06 | 001,740,288 | ---- | M] (Farbar) -- C:\Documents and Settings\Boschetti\Desktop\FRST.exe
[2016/07/03 10.59.33 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\eMule.lnk
[2016/07/03 10.51.08 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\Boschetti\Desktop\Microsoft Word.lnk
[2016/07/03 10.51.03 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\Boschetti\Desktop\Microsoft Excel.lnk
[2016/07/03 10.47.00 | 000,000,424 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2016/07/03 10.46.46 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk
[2016/07/03 09.51.25 | 000,000,628 | ---- | M] () -- C:\WINDOWS\tasks\Boschetti Local Autobackup.job
[2016/07/03 09.51.25 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Boschetti NBAgent.job
[2016/07/03 09.51.20 | 000,000,175 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2016/07/03 09.45.27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2016/07/03 08.07.07 | 000,001,177 | ---- | M] () -- C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2016/06/27 20.02.00 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job
[2016/06/23 16.11.00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-343818398-1417001333-1003Core.job
[2016/06/23 12.54.56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\last.dump
[2016/06/10 11.00.10 | 000,035,096 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2016/06/10 10.54.47 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
[2016/06/10 10.53.15 | 000,449,640 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2016/06/10 10.53.15 | 000,221,368 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2016/06/10 10.53.15 | 000,187,208 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswStmXP.sys
[2016/06/10 10.53.15 | 000,091,168 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2016/06/10 10.53.15 | 000,067,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2016/06/10 10.53.15 | 000,064,272 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2016/06/10 10.53.15 | 000,058,776 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2016/06/10 10.53.15 | 000,032,792 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2016/06/10 10.53.10 | 000,334,280 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2016/06/10 10.53.10 | 000,052,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2016/06/10 10.53.06 | 000,815,792 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2016/06/08 15.00.00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Mensile.job
[2016/06/06 09.54.00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/07/03 10.59.33 | 000,000,624 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eMule.lnk
[2016/07/03 10.46.46 | 000,001,744 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Microsoft Office.lnk
[2016/07/03 09.26.58 | 000,000,175 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2016/07/03 08.07.07 | 000,001,177 | ---- | C] () -- C:\Documents and Settings\Boschetti\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2016/06/23 12.54.56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\last.dump
[2016/06/10 11.00.43 | 000,000,478 | ---- | C] () -- C:\WINDOWS\tasks\SafeZone scheduled Autoupdate 1465549232.job
[2016/06/10 10.54.47 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
[2016/06/10 10.53.40 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015/10/29 10.45.40 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2015/03/09 16.23.34 | 000,000,424 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2015/02/02 21.29.24 | 000,268,744 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2014/10/24 09.36.38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2014/09/17 20.40.20 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\Boschetti\${LOGFILE}
[2013/02/21 20.33.09 | 000,126,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-1757981266-343818398-1417001333-1003-0.dat
[2013/02/21 20.33.08 | 000,126,254 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2010/08/14 17.18.34 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\fusioncache.dat

========== ZeroAccess Check ==========

[2010/05/20 18.35.31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/03/10 06.41.31 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/17 19.25.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2016/06/10 11.00.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2013/01/21 18.57.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVG January 2013 Campaign
[2010/05/20 18.38.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Canneverbe Limited
[2012/04/06 10.47.06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Common Files
[2015/06/13 10.51.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Dropbox
[2016/07/20 11.54.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Epson
[2013/09/18 17.37.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\FileOpen
[2013/04/03 22.27.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\InstallMate
[2014/02/12 13.48.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\kinoma
[2013/09/18 17.37.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Nitro
[2015/09/16 10.02.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Oracle
[2011/12/02 22.00.10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\OviInstallerCache
[2013/01/09 18.17.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PopCap Games
[2012/06/24 18.16.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\tmp
[2014/10/23 17.31.23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\UDL
[2015/07/29 14.26.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\AISoftware
[2016/06/10 10.54.54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\AVAST Software
[2010/05/20 18.38.24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Canneverbe Limited
[2013/09/18 17.36.44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Downloaded Installations
[2016/07/03 08.06.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox
[2014/08/26 16.25.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\EncryptStick
[2016/07/20 11.54.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\EPSON
[2013/09/18 17.37.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\FileOpen
[2016/05/29 22.50.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\FileZilla
[2012/12/29 21.07.37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\LolClient
[2016/01/19 22.30.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Nitro
[2016/07/05 06.25.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Nitro PDF
[2010/05/20 18.37.30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\OpenOffice.org
[2015/10/20 21.10.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Oracle
[2014/09/14 19.06.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\qBittorrent
[2013/02/14 18.02.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\Scan2PDF
[2013/02/14 17.51.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\SumatraPDF
[2013/06/14 13.32.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\TeamViewer
[2013/03/29 17.14.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\TuneUp Software
[2014/01/01 15.34.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Boschetti\Dati applicazioni\uTorrent
[2013/01/31 14.30.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dati applicazioni\TuneUp Software

========== Purity Check ==========



< End of report >

[paroa]

OTL Extras logfile created on: 06/07/2016 4.58.44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Boschetti\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 71,23% Memory free
3,84 Gb Paging File | 3,38 Gb Available in Paging File | 88,15% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 298,08 Gb Total Space | 271,00 Gb Free Space | 90,92% Space Free | Partition Type: NTFS
Drive E: | 980,72 Mb Total Space | 782,39 Mb Free Space | 79,78% Space Free | Partition Type: FAT

Computer Name: BORIAN-DE10A491 | User Name: Boschetti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programmi\Skype\Phone\Skype.exe" = C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Boschetti\Dati applicazioni\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Documents and Settings\Boschetti\Desktop\qbittorrent.exe" = C:\Documents and Settings\Boschetti\Desktop\qbittorrent.exe:*:Enabled:qBittorrent - A Bittorrent Client -- ()
"C:\Programmi\Google\Chrome\Application\chrome.exe" = C:\Programmi\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Boschetti\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin
"C:\Programmi\EPSON Software\Event Manager\EEventManager.exe" = C:\Programmi\EPSON Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Programmi\AVG\AVG2012\avgmfapx.exe" = C:\Programmi\AVG\AVG2012\avgmfapx.exe:*:Disabled:Installazione di AVG
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{10144CFE-D76C-4CFA-81A1-37A1642349A3}" = Epson Event Manager
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83218051F0}" = Java 8 Update 51
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31912E61-67A3-48A1-83D8-811DBD732352}" = Nitro Reader 3
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{32F8658E-DAC6-4C74-84D4-F10FFA696EF4}" = Driver Alice Wi-Fi TG123g
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D0E8F20-748C-4dac-9A5F-9CAC86F0E848}" = 1500
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51D43E6D-9B84-4b69-AA14-27113796A94D}" = 1500_Help
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{674E262F-72EA-41C1-AF16-9727311A4553}" = Epson Easy Photo Print 2
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B566EFE-DC1D-471F-93DD-84832663F140}" = OVT Scanner X86
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71FB3127-E6B2-4058-ACEE-99813554FAB6}" = Reader for PC
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{72EF03F5-0507-4861-9A44-D99FD4C41417}" = Paint.NET v3.5.11
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}" = Software Updater
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{842F9881-E181-30B3-A152-008D61433274}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}" = Manuali EPSON
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{86BA3130-5938-3192-BBCF-6B0A2D86FA58}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90280410-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional con FrontPage
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Italiano
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}" = Python 2.7.3
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Supporto applicazioni Apple
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D61B4347-26FD-40F5-92B7-5D020E574DFE}" = OpenOffice.org 3.2
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E6F6231A-4FA3-47fe-A0DB-B113160C8DD3}" = 1500Trb
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Adobe Flash Player ActiveX" = Adobe Flash Player 22 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"aTube Catcher" = aTube Catcher
"AudioLava_is1" = AudioLava 1.0
"Avast" = Avast Free Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"eMule" = eMule
"EPSON Scanner" = EPSON Scan
"EPSON XP-312 313 315 Series" = EPSON XP-312 313 315 Series Printer Uninstall
"FileZilla Client" = FileZilla Client 3.5.3
"freeocr_is1" = FreeOCR v4.2
"FreePOPs" = NSIS FreePOPs (remove only)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.0
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDriveConnect" = MyDriveConnect 4.0.7.2442
"OVT Scanner" = Uninstall OVT Scanner
"qbittorrent" = qBittorrent 3.0.5
"SafeZone 1.48.2066.101" = SafeZone Stable 1.48.2066.101
"Scan2PDF_is1" = Scan2PDF 1.6
"ST6UNST #1" = 10dita
"ST6UNST #2" = 10dita (f:\)
"ST6UNST #3" = 10dita (f:\) #3
"VLC media player" = VLC media player 1.0.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1757981266-343818398-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04/07/2016 0.58.01 | Computer Name = BORIAN-DE10A491 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 04/07/2016 23.54.01 | Computer Name = BORIAN-DE10A491 | Source = WinMgmt | ID = 28
Description = Impossibile inizializzare i componenti principali di WinMgmt. È possibile
che la versione di WinMgmt non sia stata installata correttamente, che si sia verificato
un errore nell'archivio WinMgmt o che lo spazio su disco o la memoria non siano
sufficienti.

Error - 04/07/2016 23.54.01 | Computer Name = BORIAN-DE10A491 | Source = SecurityCenter | ID = 1802
Description = Impossibile creare query degli eventi con WMI per effettuare il monitoraggio
di programmi antivirus e firewall di terze parti.

Error - 04/07/2016 23.54.18 | Computer Name = BORIAN-DE10A491 | Source = Userenv | ID = 1090
Description = Impossibile registrare lo stato della sessione di Gruppo di criteri
risultante. Tentativo di connessione a WMI non riuscito. Non verrà più eseguita
alcuna registrazione di Gruppo di criteri risultante per questa applicazione di
criteri.

Error - 04/07/2016 23.55.33 | Computer Name = BORIAN-DE10A491 | Source = SsupdService | ID = 0
Description = Impossibile avviare il servizio. Handle non valido

Error - 05/07/2016 0.32.13 | Computer Name = BORIAN-DE10A491 | Source = WinMgmt | ID = 28
Description = Impossibile inizializzare i componenti principali di WinMgmt. È possibile
che la versione di WinMgmt non sia stata installata correttamente, che si sia verificato
un errore nell'archivio WinMgmt o che lo spazio su disco o la memoria non siano
sufficienti.

Error - 05/07/2016 0.32.13 | Computer Name = BORIAN-DE10A491 | Source = SecurityCenter | ID = 1802
Description = Impossibile creare query degli eventi con WMI per effettuare il monitoraggio
di programmi antivirus e firewall di terze parti.

Error - 05/07/2016 0.32.16 | Computer Name = BORIAN-DE10A491 | Source = Userenv | ID = 1090
Description = Impossibile registrare lo stato della sessione di Gruppo di criteri
risultante. Tentativo di connessione a WMI non riuscito. Non verrà più eseguita
alcuna registrazione di Gruppo di criteri risultante per questa applicazione di
criteri.

Error - 05/07/2016 22.45.53 | Computer Name = BORIAN-DE10A491 | Source = WinMgmt | ID = 28
Description = Impossibile inizializzare i componenti principali di WinMgmt. È possibile
che la versione di WinMgmt non sia stata installata correttamente, che si sia verificato
un errore nell'archivio WinMgmt o che lo spazio su disco o la memoria non siano
sufficienti.

Error - 05/07/2016 22.45.53 | Computer Name = BORIAN-DE10A491 | Source = SecurityCenter | ID = 1802
Description = Impossibile creare query degli eventi con WMI per effettuare il monitoraggio
di programmi antivirus e firewall di terze parti.

[ System Events ]
Error - 26/06/2016 4.11.24 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 26/06/2016 4.34.12 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 26/06/2016 7.35.26 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 27/06/2016 11.27.22 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 27/06/2016 15.14.19 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 03/07/2016 1.27.41 | Computer Name = BORIAN-DE10A491 | Source = sr | ID = 1
Description = Errore imprevisto '0xC0000001' durante l'elaborazione del file ''
sul volume 'HarddiskVolume1'. Il monitoraggio del volume è stato interrotto.

Error - 03/07/2016 1.29.28 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 03/07/2016 3.55.34 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 03/07/2016 3.58.35 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).

Error - 03/07/2016 4.02.55 | Computer Name = BORIAN-DE10A491 | Source = Windows Update Agent | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento. Errore 0x80070643: Aggiornamento di Skype per Windows desktop 6.11
(KB2876229).


< End of report >

[shel]

prova a rimuovere chrome dopo aver salvato i preferiti, fai pulizia con ccleaner e reinstalli chrome da qui