Buongiorno, sia chrome che firefox aprono pagine indesiderate.
Ho provato con superantispyware e spyhunter 4, e adware.
allego il report di OTL.
E' una vera sfida!
Grazie per l'aiuto
OTL logfile created on: 29/09/2014 08:58:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carlo\Downloads\setups
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17089)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 38,69% Memory free
5,98 Gb Paging File | 3,47 Gb Available in Paging File | 58,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,21 Gb Total Space | 32,23 Gb Free Space | 27,74% Space Free | Partition Type: NTFS
Drive D: | 116,28 Gb Total Space | 71,66 Gb Free Space | 61,63% Space Free | Partition Type: NTFS
Computer Name: TOSHIBA1 | User Name: Carlo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/29 08:57:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carlo\Downloads\setups\OTL.exe
PRC - [2014/09/25 17:47:46 | 001,141,848 | ---- | M] (RealNetworks, Inc.) -- c:\Programmi\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
PRC - [2014/09/25 17:47:46 | 000,822,880 | ---- | M] (RealNetworks, Inc.) -- C:\Programmi\Real\RealPlayer\RPDS\Bin\rpsystray.exe
PRC - [2014/09/25 17:47:40 | 000,296,520 | ---- | M] (RealNetworks, Inc.) -- C:\Programmi\Real\RealPlayer\Update\realsched.exe
PRC - [2014/09/24 07:08:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programmi\Mozilla Firefox\firefox.exe
PRC - [2014/09/23 06:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Programmi\Google\Chrome\Application\chrome.exe
PRC - [2014/09/21 22:59:08 | 001,245,752 | ---- | M] (Spotify Ltd) -- C:\Users\Carlo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/09/17 17:47:54 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programmi\SUPERAntiSpyware\SASCORE.EXE
PRC - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/10 20:01:25 | 001,870,000 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
PRC - [2014/09/08 18:45:19 | 000,427,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
PRC - [2014/08/15 10:30:05 | 000,804,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avmailc7.exe
PRC - [2014/08/08 10:34:04 | 022,734,160 | ---- | M] (Google) -- C:\Programmi\Google\Drive\googledrivesync.exe
PRC - [2014/08/07 16:15:27 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\sched.exe
PRC - [2014/08/07 16:15:08 | 001,021,520 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avwebg7.exe
PRC - [2014/08/07 16:15:04 | 000,751,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/08/07 16:15:04 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () -- C:\Programmi\Real\UpdateService\RealPlayerUpdateSvc.exe
PRC - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () -- C:\Programmi\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2014/02/22 12:21:46 | 000,428,032 | ---- | M] (MS) -- C:\Programmi\LSM\lsm.exe
PRC - [2014/02/22 10:40:44 | 000,287,744 | ---- | M] (MS) -- C:\Programmi\LSM\aus.exe
PRC - [2013/10/18 18:45:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Programmi\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2013/08/30 01:08:51 | 000,916,768 | ---- | M] (NVIDIA Corporation) -- C:\Programmi\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/08/02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/03/22 19:43:16 | 000,024,256 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\vksts.exe
PRC - [2012/03/22 19:43:08 | 000,499,408 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
PRC - [2012/03/22 19:42:50 | 000,034,520 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
PRC - [2012/03/22 19:42:44 | 000,202,448 | ---- | M] () -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
PRC - [2012/03/22 19:42:36 | 000,330,960 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
PRC - [2012/03/22 19:42:34 | 000,146,656 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
PRC - [2012/03/22 19:42:16 | 000,614,088 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
PRC - [2012/03/22 19:42:06 | 000,432,336 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
PRC - [2012/03/22 19:41:54 | 000,938,712 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
PRC - [2012/03/22 19:41:50 | 000,480,464 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
PRC - [2012/03/22 19:41:46 | 000,042,712 | ---- | M] (Cambridge Silicon Radio Limited) -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
PRC - [2011/03/28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 14:17:46 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
PRC - [2009/09/03 21:08:40 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Programmi\TOSHIBA\TECO\TecoService.exe
PRC - [2009/09/03 20:30:06 | 001,324,384 | ---- | M] (TOSHIBA Corporation) -- C:\Programmi\TOSHIBA\TECO\Teco.exe
PRC - [2009/08/29 08:04:04 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programmi\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Programmi\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/08/21 10:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Programmi\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/08/21 10:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Programmi\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/08/05 15:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Programmi\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/08/03 15:03:08 | 000,832,856 | ---- | M] (TOSHIBA Corporation.) -- C:\Programmi\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2009/07/29 17:42:06 | 000,705,880 | ---- | M] (TOSHIBA Corporation.) -- C:\Programmi\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/28 23:10:29 | 000,027,136 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_multiprocessing.pyd
MOD - [2014/09/28 23:10:29 | 000,007,168 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\hashobjs_ext.pyd
MOD - [2014/09/28 23:10:28 | 001,160,704 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_ssl.pyd
MOD - [2014/09/28 23:10:28 | 000,811,008 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._windows_.pyd
MOD - [2014/09/28 23:10:28 | 000,805,888 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._gdi_.pyd
MOD - [2014/09/28 23:10:28 | 000,713,216 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_hashlib.pyd
MOD - [2014/09/28 23:10:28 | 000,110,080 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\pywintypes27.dll
MOD - [2014/09/28 23:10:28 | 000,070,656 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._html2.pyd
MOD - [2014/09/28 23:10:28 | 000,025,600 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32pdh.pyd
MOD - [2014/09/28 23:10:28 | 000,024,064 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32pipe.pyd
MOD - [2014/09/28 23:10:27 | 001,175,040 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._core_.pyd
MOD - [2014/09/28 23:10:27 | 001,062,400 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._controls_.pyd
MOD - [2014/09/28 23:10:27 | 000,735,232 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._misc_.pyd
MOD - [2014/09/28 23:10:27 | 000,686,080 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\unicodedata.pyd
MOD - [2014/09/28 23:10:27 | 000,557,056 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\pysqlite2._sqlite.pyd
MOD - [2014/09/28 23:10:27 | 000,525,640 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\windows._lib_cacheinvalidation.pyd
MOD - [2014/09/28 23:10:27 | 000,364,544 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\pythoncom27.dll
MOD - [2014/09/28 23:10:27 | 000,320,512 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32com.shell.shell.pyd
MOD - [2014/09/28 23:10:27 | 000,167,936 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32gui.pyd
MOD - [2014/09/28 23:10:27 | 000,128,512 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_elementtree.pyd
MOD - [2014/09/28 23:10:27 | 000,127,488 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\pyexpat.pyd
MOD - [2014/09/28 23:10:27 | 000,122,368 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._wizard.pyd
MOD - [2014/09/28 23:10:27 | 000,119,808 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32file.pyd
MOD - [2014/09/28 23:10:27 | 000,108,544 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32security.pyd
MOD - [2014/09/28 23:10:27 | 000,098,816 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32api.pyd
MOD - [2014/09/28 23:10:27 | 000,087,552 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_ctypes.pyd
MOD - [2014/09/28 23:10:27 | 000,078,336 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\wx._animate.pyd
MOD - [2014/09/28 23:10:27 | 000,045,568 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\_socket.pyd
MOD - [2014/09/28 23:10:27 | 000,038,912 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32inet.pyd
MOD - [2014/09/28 23:10:27 | 000,035,840 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32process.pyd
MOD - [2014/09/28 23:10:27 | 000,022,528 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32ts.pyd
MOD - [2014/09/28 23:10:27 | 000,018,432 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32event.pyd
MOD - [2014/09/28 23:10:27 | 000,017,408 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32profile.pyd
MOD - [2014/09/28 23:10:27 | 000,011,264 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\win32crypt.pyd
MOD - [2014/09/28 23:10:27 | 000,010,240 | ---- | M] () -- C:\Users\Carlo\AppData\Local\Temp\_MEI52802\select.pyd
MOD - [2014/09/24 07:09:17 | 003,715,184 | ---- | M] () -- C:\Programmi\Mozilla Firefox\mozjs.dll
MOD - [2014/09/23 06:07:05 | 000,331,592 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014/09/23 06:07:02 | 008,577,864 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014/09/23 06:06:58 | 001,098,056 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
MOD - [2014/09/23 06:06:56 | 000,174,408 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.124\libegl.dll
MOD - [2014/09/23 06:06:55 | 001,660,232 | ---- | M] () -- C:\Programmi\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
MOD - [2014/09/10 20:01:25 | 016,825,520 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_15_0_0_152.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Programmi\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/03/22 19:42:44 | 000,202,448 | ---- | M] () -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
MOD - [2009/09/03 21:09:00 | 000,525,688 | ---- | M] () -- C:\Programmi\TOSHIBA\TECO\TecoPower.dll
MOD - [2009/07/29 16:35:38 | 000,014,648 | ---- | M] () -- C:\Programmi\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2009/07/16 16:27:48 | 000,052,536 | ---- | M] () -- C:\Programmi\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 16:27:44 | 007,263,544 | ---- | M] () -- C:\Programmi\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009/03/12 20:08:04 | 000,049,152 | ---- | M] () -- C:\Programmi\TOSHIBA\PCDiag\NotifyPCD.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (appstoreService)
SRV - [2014/09/27 08:01:49 | 000,125,288 | ---- | M] () [On_Demand | Stopped] -- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{0C808377-8C23-44ED-9016-05F42E6D4900}\Installer\InstallerService.exe -- (Installer Service)
SRV - [2014/09/25 17:47:46 | 001,141,848 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- c:\Programmi\Real\RealPlayer\RPDS\Bin\rpdsvc.exe -- (RealPlayer Cloud Service)
SRV - [2014/09/24 07:09:08 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/24 01:01:14 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/17 17:47:54 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programmi\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/15 10:30:05 | 000,804,944 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avmailc7.exe -- (AntiVirMailService)
SRV - [2014/08/07 16:15:27 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/08/07 16:15:08 | 001,021,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014/08/07 16:15:04 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programmi\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/07/30 05:04:26 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Programmi\Real\UpdateService\RealPlayerUpdateSvc.exe -- (RealPlayerUpdateSvc)
SRV - [2014/07/30 02:17:08 | 000,039,568 | ---- | M] () [Auto | Running] -- C:\Programmi\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2014/02/22 12:21:46 | 000,428,032 | ---- | M] (MS) [Auto | Running] -- C:\Programmi\LSM\lsm.exe -- (Log S.M.)
SRV - [2014/02/22 10:40:44 | 000,287,744 | ---- | M] (MS) [Auto | Running] -- C:\Programmi\LSM\aus.exe -- (AUS)
SRV - [2013/12/19 01:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/12/11 21:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programmi\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/18 18:45:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programmi\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013/09/07 22:41:28 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programmi\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/03/22 19:42:16 | 000,614,088 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe -- (CsrBtService)
SRV - [2012/03/22 19:42:06 | 000,432,336 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe -- (CsrBtOBEXService)
SRV - [2012/03/22 19:41:54 | 000,938,712 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe -- (CSRBtAudioService)
SRV - [2012/03/22 19:41:46 | 000,042,712 | ---- | M] (Cambridge Silicon Radio Limited) [Auto | Running] -- C:\Programmi\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe -- (BtSwitcherService)
SRV - [2012/02/21 22:48:33 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/20 23:05:50 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/10/19 20:51:39 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\Crypserv.exe -- (CrypKey License)
SRV - [2011/07/20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/02/11 14:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Programmi\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/11/20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/09/08 16:44:16 | 000,008,704 | ---- | M] (Vodafone) [Disabled | Stopped] -- C:\Programmi\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010/01/09 22:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 22:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/09/03 21:08:40 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programmi\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/21 10:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programmi\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mcdbus)
DRV - [2014/07/29 09:21:41 | 000,035,848 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\avnetflt.sys -- (avnetflt)
DRV - [2014/07/03 18:54:18 | 000,097,648 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2014/06/03 22:12:41 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2014/05/20 20:45:17 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/01/22 08:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(
???? | ????? ???? ?????.)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014/01/22 08:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(
???? | ????? ???? ?????.)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/12/04 03:23:26 | 000,161,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/11/25 23:48:11 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/09/05 03:38:32 | 009,253,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/07/31 09:12:06 | 000,603,648 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (DVB7700ALL)
DRV - [2013/03/14 23:41:56 | 000,042,592 | ---- | M] (
libusb-win32 / Wiki / Home) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/06/27 10:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012/06/27 10:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012/06/27 10:37:56 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2012/06/27 10:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2012/06/22 12:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2012/03/22 19:38:12 | 000,020,168 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrusbfilter.sys -- (csrusbfilter)
DRV - [2012/03/22 19:38:08 | 000,039,616 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrusb.sys -- (csrusb)
DRV - [2012/03/22 19:38:04 | 000,053,448 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrserial.sys -- (csrserial)
DRV - [2012/03/22 19:38:02 | 000,031,936 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrpan.sys -- (csrpan)
DRV - [2012/03/22 19:37:56 | 000,032,448 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrhfgcc.sys -- (csrhfgcc)
DRV - [2012/03/22 19:37:50 | 002,083,528 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CsrBtPort.sys -- (CsrBtPort)
DRV - [2012/03/22 19:37:46 | 000,083,648 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csrbthav.sys -- (csr_bthav)
DRV - [2012/03/22 19:37:42 | 000,032,464 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CsrBthAudioHF.sys -- (CsrBthAudioHF)
DRV - [2012/03/22 19:37:40 | 000,022,720 | ---- | M] (Cambridge Silicon Radio Limited) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\csravrcp.sys -- (csravrcp)
DRV - [2012/02/09 08:06:40 | 000,112,096 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programmi\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/20 10:07:08 | 001,117,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2011/05/06 16:57:10 | 000,013,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programmi\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/01 14:33:12 | 000,079,360 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_ecm.sys -- (vodafone_K3805-z_cdc_ecm)
DRV - [2010/09/01 14:33:12 | 000,067,584 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_acm.sys -- (vodafone_K3805-z_cdc_acm)
DRV - [2010/09/01 14:33:12 | 000,061,952 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010/09/01 14:33:12 | 000,009,728 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vodafone_K3805-z_cpo.sys -- (vodafone_K3805-z_cpo)
DRV - [2010/05/13 14:54:18 | 000,070,400 | ---- | M] (ONDA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\onda_mx83xup_cdc_acm.sys -- (onda_mx83xup_cdc_acm)
DRV - [2010/05/13 14:54:18 | 000,009,728 | ---- | M] (ONDA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\onda_mx83xup_cpo.sys -- (onda_mx83xup_cpo)
DRV - [2010/05/13 14:54:16 | 000,067,200 | ---- | M] (ONDA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\onda_mx83xup_dc_enum.sys -- (onda_mx83xup_dc_enum)
DRV - [2010/04/26 12:53:38 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2010/03/19 01:11:11 | 000,023,360 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\Ckldrv.sys -- (NetworkX)
DRV - [2009/09/17 20:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/22 18:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2005/01/31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2005/01/31 11:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2002/05/22 19:35:26 | 000,061,856 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPKD.SYS -- (TPkd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
Google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
Google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
Google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
Google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
IE - HKLM\..\URLSearchHook: {1d03a978-ac0c-4004-b9fd-9cf361c7bd3f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 80 03 32 0B F0 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
Google
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8080
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.13: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.13.2: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Carlo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Carlo\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carlo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carlo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Carlo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/09/25 17:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{9D2AA73B-6049-4799-B8AC-925723370070}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/09/25 17:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2014/05/13 17:50:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carlo\AppData\Roaming\mozilla\Extensions
[2012/02/21 23:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carlo\AppData\Roaming\mozilla\Firefox\extensions
[2012/02/21 23:10:52 | 000,000,000 | ---D | M] (BittorrentBar_IT Community Toolbar) -- C:\Users\Carlo\AppData\Roaming\mozilla\Firefox\extensions\{1d03a978-ac0c-4004-b9fd-9cf361c7bd3f}
[2014/09/28 08:04:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carlo\AppData\Roaming\mozilla\Firefox\Profiles\sekaa432.default\extensions
[2014/09/28 07:50:16 | 000,007,937 | ---- | M] () -- C:\Users\Carlo\AppData\Roaming\mozilla\firefox\profiles\sekaa432.default\searchplugins\Google.xml
[2013/12/30 15:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2014/09/28 07:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\browser\extensions
[2014/09/28 07:47:11 | 000,000,000 | ---D | M] (Default) -- C:\Programmi\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\acoonfmhnndodekhecidldfdjgooefpg\1.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee\1.2.0.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\3.1.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\20.4_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgpkinhfhnglbhoeoeooekalejbhbhgl\0.1.6_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm\2.5.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh\0.2.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dekpabfaimofbinkbjlgdkkecodejmbf\0.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlhdbjgofnajhpiakdjklonjlpbbonnc\1.0.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml\1.1.0_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.3.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknipbpempcbnncdekkeimmpjggfaem\1.0.5_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb\6.0.4.21_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo\4.0.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\2.0.14395.1218_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid\1.4_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icodbndgedclejcmgnjfigcclgafddhh\2.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikndjlfnladhjhbinopnjophmfpngfgc\4.3.42.43_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepfaioimehapnjhmjihcbajchcfjfhk\1.0.1.3_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg\0.5_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkdplbidfjjgodnocjdeoiedjollbacj\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiciehannidbjakcefendokamkjnolhg\1.2_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knlgfedckdhkgjinnhogmhkbcjpmmhko\1.0.9_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkiefkekbiinjdjoecchihcigapdfhc\2.3.37_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.82_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme\0.9_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.10_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgkhncobohkmgdjdiijlbgjidpnnkcd\2.0.0.5_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncfjlfpabnjllhcpgncdmbelnehboeki\0.0.0.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkigggmlihigheckmmebgogbgdmllpo\1.2_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.4_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfgnnlnfbpcammlnibfkplpnbbbdeli\0.4_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnhlnnalackljjehlfocmheepffkiihf\1.6.4_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\17.2.7_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg\1.1_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc\1.2_0\
O1 HOSTS File: ([2014/04/26 18:53:40 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programmi\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programmi\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programmi\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programmi\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CsrAudioguiCtrl] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [CSRHarmonySkypePlugin] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [CsrHCRPServer] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [CsrSyncMLServer] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe ()
O4 - HKLM..\Run: [HarmonyUserStartup] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programmi\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Programmi\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Programmi\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TrayApplication] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe (Cambridge Silicon Radio Limited)
O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Programmi\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [vksts] C:\Programmi\CSR\CSR Harmony Wireless Software Stack\vksts.exe (Cambridge Silicon Radio Limited)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Carlo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Carlo\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: I&nvia a OneNote - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programmi\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programmi\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14741AB6-FCB8-48F6-9C59-3FA14934BC61}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{405401D9-87F4-408A-9DB5-D9BE65898A91}: DhcpNameServer = 83.224.70.94 83.224.66.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{405401D9-87F4-408A-9DB5-D9BE65898A91}: NameServer = 83.224.70.94 83.224.66.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CDD33AA-1377-4532-8327-0B60A3095484}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCAA7E92-00E8-4D94-A419-5E9CCE33DBAE}: NameServer = 83.224.70.94 83.224.66.138
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programmi\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/09/28 09:31:40 | 000,000,000 | ---D | C] -- C:\Users\Carlo\.scuolabook
[2014/09/28 09:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2014/09/28 09:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2014/09/28 09:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scuolabook
[2014/09/28 09:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alfabook
[2014/09/28 07:48:00 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\it.platform.bSmart
[2014/09/28 07:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\bSmart
[2014/09/28 07:36:44 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\it.bsmart.HomeDea
[2014/09/27 20:37:02 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/09/27 19:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/09/27 08:47:53 | 000,000,000 | ---D | C] -- C:\Users\Carlo\Desktop\Nuova cartella
[2014/09/27 08:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2014/09/27 08:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2014/09/25 17:51:54 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\RealNetworks
[2014/09/25 17:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014/09/25 17:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks
[2014/09/25 17:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2014/09/18 19:02:38 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014/09/18 19:02:37 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014/09/17 00:27:35 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/17 00:26:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014/09/17 00:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/17 00:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/09/16 21:28:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/09/16 21:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2014/09/16 17:57:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/09/15 08:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/09/11 19:55:03 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/09/11 19:55:02 | 002,861,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/09/11 19:55:02 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/09/11 19:55:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/09/11 19:55:01 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/09/11 19:55:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/09/11 19:55:01 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/09/11 19:55:00 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/09/11 19:54:59 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/09/11 19:54:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/09/11 19:54:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/09/11 19:54:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/09/11 19:54:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/09/11 19:54:58 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/09/11 19:54:57 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/09/09 18:31:32 | 002,352,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/09/09 17:39:08 | 000,000,000 | ---D | C] -- C:\Users\Carlo\AppData\Roaming\VideoEditor
[2014/09/09 17:39:08 | 000,000,000 | ---D | C] -- C:\Users\Carlo\Documents\FlashIntegro
[2014/09/09 17:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
[2014/09/09 17:37:05 | 000,081,760 | ---- | C] (Flash-Integro LLC) -- C:\Windows\System32\mslvddsfilter2.ax
[2014/09/09 17:37:00 | 000,638,976 | ---- | C] (DivXNetworks, Inc.) -- C:\Windows\System32\divx.dll
[2014/09/09 17:37:00 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll
[2014/09/09 17:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FlashIntegro
[2014/09/09 17:36:59 | 000,261,632 | ---- | C] (MainConcept) -- C:\Windows\System32\mcdvd_32.dll
[2014/09/09 17:36:59 | 000,221,215 | ---- | C] (DivXNetworks, Inc.) -- C:\Windows\System32\divxdec.ax
[2014/09/09 17:36:59 | 000,098,304 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\L3CODECX.AX
[2014/09/09 17:36:59 | 000,082,944 | ---- | C] (Voxware, Inc.) -- C:\Windows\System32\vct3216.acm
[2014/09/09 17:36:59 | 000,081,920 | ---- | C] (fccHandler) -- C:\Windows\System32\AC3ACM.acm
[2014/09/09 17:36:59 | 000,038,912 | ---- | C] (NCT Company) -- C:\Windows\System32\alf2cd.acm
[2014/09/09 17:36:59 | 000,013,239 | ---- | C] (SHARP Corporation) -- C:\Windows\System32\Scg726.acm
[2014/09/09 17:36:59 | 000,000,000 | ---D | C] -- C:\Program Files\FlashIntegro
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/09/29 09:01:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/29 08:38:58 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/29 08:38:58 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/29 08:27:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/29 08:22:00 | 000,001,160 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049851280-221954902-4004691520-1000UA.job
[2014/09/28 23:07:40 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/28 23:06:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/28 23:06:26 | 2407,735,296 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/28 09:54:42 | 000,000,430 | ---- | M] () -- C:\Windows\wininit.ini
[2014/09/28 09:09:52 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Scuolabook.lnk
[2014/09/28 07:49:05 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/28 07:47:23 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\bSmart.lnk
[2014/09/27 21:22:21 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049851280-221954902-4004691520-1000Core.job
[2014/09/27 20:37:02 | 000,002,270 | ---- | M] () -- C:\Users\Carlo\Desktop\Avvio applicazioni di Chrome.lnk
[2014/09/27 20:35:08 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/27 07:47:49 | 000,701,660 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2014/09/27 07:47:49 | 000,619,146 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/09/27 07:47:49 | 000,128,974 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2014/09/27 07:47:49 | 000,107,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/09/27 07:42:34 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2014/09/25 17:50:26 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/25 17:48:23 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2014/09/25 17:48:15 | 000,001,213 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014/09/25 17:47:48 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2014/09/24 01:01:12 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/24 01:01:12 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/09/18 22:08:24 | 000,000,408 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/09/18 19:02:39 | 000,002,249 | ---- | M] () -- C:\Users\Carlo\Desktop\SpyHunter.lnk
[2014/09/17 00:26:42 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/17 00:11:43 | 000,002,059 | ---- | M] () -- C:\Users\Carlo\Desktop\Antivirus Pro Profile New profile.LNK
[2014/09/15 08:04:04 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2014/09/10 18:42:17 | 000,011,264 | ---- | M] () -- C:\Users\Carlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/09/09 18:46:50 | 002,433,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/09/09 17:37:11 | 000,001,167 | ---- | M] () -- C:\Users\Carlo\Desktop\VSDC Free Video Editor.lnk
[2014/09/02 14:35:48 | 000,081,760 | ---- | M] (Flash-Integro LLC) -- C:\Windows\System32\mslvddsfilter2.ax
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/09/28 09:20:40 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2014/09/28 09:09:52 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Scuolabook.lnk
[2014/09/28 07:47:23 | 000,000,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bSmart.lnk
[2014/09/28 07:47:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\bSmart.lnk
[2014/09/27 20:37:02 | 000,002,270 | ---- | C] () -- C:\Users\Carlo\Desktop\Avvio applicazioni di Chrome.lnk
[2014/09/27 20:35:08 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/27 07:42:34 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2014/09/25 17:50:26 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014/09/18 22:35:44 | 2407,735,296 | -HS- | C] () -- C:\hiberfil.sys
[2014/09/18 21:48:19 | 000,285,747 | ---- | C] () -- C:\shldr
[2014/09/18 21:48:19 | 000,008,192 | ---- | C] () -- C:\shldr.mbr
[2014/09/18 19:02:39 | 000,002,249 | ---- | C] () -- C:\Users\Carlo\Desktop\SpyHunter.lnk
[2014/09/17 00:26:42 | 000,001,968 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/17 00:11:43 | 000,002,059 | ---- | C] () -- C:\Users\Carlo\Desktop\Antivirus Pro Profile New profile.LNK
[2014/09/09 17:37:11 | 000,001,167 | ---- | C] () -- C:\Users\Carlo\Desktop\VSDC Free Video Editor.lnk
[2014/09/09 17:37:00 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2014/09/09 17:37:00 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014/09/09 17:36:59 | 000,245,760 | ---- | C] () -- C:\Windows\System32\lame.ax
[2014/09/09 17:36:59 | 000,156,910 | ---- | C] () -- C:\Windows\WMSysPr8.prx
[2014/09/09 17:36:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2014/05/01 19:31:49 | 000,003,906 | ---- | C] () -- C:\Users\Carlo\AppData\Local\recently-used.xbel
[2014/04/26 18:41:36 | 000,000,430 | ---- | C] () -- C:\Windows\wininit.ini
[2014/04/13 08:29:34 | 000,000,408 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/03 17:53:07 | 000,000,004 | ---- | C] () -- C:\Windows\vx86036.dat
[2013/11/03 17:52:37 | 000,000,052 | ---- | C] () -- C:\Windows\Crypkey.ini
[2013/11/03 17:52:35 | 000,023,360 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
[2013/11/03 17:52:34 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2013/02/08 22:27:41 | 000,000,519 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012/06/14 07:30:23 | 000,011,264 | ---- | C] () -- C:\Users\Carlo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/08 11:07:40 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2013/11/22 05:41:25 | 105,618,727 | ---- | M] ()(C:\Windows\System32\???e) -- C:\Windows\System32\뵣ﰁe
[2013/11/21 17:41:19 | 105,618,727 | ---- | C] ()(C:\Windows\System32\???e) -- C:\Windows\System32\뵣ﰁe
[2013/09/27 22:31:15 | 098,286,374 | ---- | M] ()(C:\Windows\System32\???^) -- C:\Windows\System32\͈ક^
[2013/09/27 16:31:07 | 098,286,374 | ---- | C] ()(C:\Windows\System32\???^) -- C:\Windows\System32\͈ક^
[2013/09/11 21:25:24 | 097,170,353 | ---- | M] ()(C:\Windows\System32\???Y) -- C:\Windows\System32\芟Y
[2013/09/10 18:44:57 | 097,170,353 | ---- | C] ()(C:\Windows\System32\???Y) -- C:\Windows\System32\芟Y
========== Alternate Data Streams ==========
@alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:07BF512B @alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
