PROBLEM Suspected malware problem

verrosapiens

New User
1
0
Hello everyone!!

I read your guide "ripulire un computer infetto" (cleaning an infected computer) in this section and used ComboFix as the guide describes.
I can't read the log file and, searching the web, I read that in any case it is better to get help with the analysis from competent people. Since I'm not one, I'm turning to you, and thank you for your availability!!!
First of all, I'd like to point out that the problem for which I used ComboFix has not been resolved yet, so I'll explain the problem and attach the ComboFix log file.

I use Mozilla Firefox.
For about three weeks I've noticed that on most of the web pages I open (including your forum) advertising banners appear at the top and bottom, while some parts of the text are underlined in green and, when you hover over them with the mouse, pop-ups open. All this happens after the web page has fully loaded.
Not only that... After the page has loaded, on my first mouse click on the page another Firefox window opens (in the background) with assorted advertising.
I'm sure it's something recent and abnormal, because everything I've described also happens on pages I had already visited and where I'm SURE it wasn't there before.

Sorry for the monologue, but I wanted to explain my problem properly.
Thanks a lot for any help you can give me!!!

Here's the log (it's a bit long....):

-------------------------------------------------------
ComboFix 14-02-11.01 - Pigna 12/02/2014 12:33:12.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.2046.746 [GMT 1:00]
Eseguito da: c:\users\Pigna\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome.manifest
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\asyncDB.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\background.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\browserAction.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\contextMenu.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\dbManager.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\dom_bg.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\fileManager.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefox.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefoxNotifications.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\firefoxOmnibox.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\message.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\pageAction.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\request.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\tabs.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\webRequest.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\background.html
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\baseObject.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\browser.xul
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\console.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\consts.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\delegate.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\extensionDataStore.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\folderIOWrapper.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\httpObserver.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\IDBWrapper.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\installer.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\logFile.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\prefs.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\progressListenerObserver.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\registry.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\reloadObserver.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\reports.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\requestObject.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\searchSettings.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\uninstallObserver.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\updateManager.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\utils.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\core\xhr.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\dialog.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\main.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\options.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\options.xul
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\platformVersion.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\chrome\content\search_dialog.xul
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\defaults\preferences\prefs.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\manifest.xml
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins.json
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1_base.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000020_analytics.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000025_analyticsFront.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\1000030_mz.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\17_jQuery.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\182_openUrl.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\207_dbWrapper.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\21_debug.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\22_resources.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\28_initializer.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\47_resources_background.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\64_appApiMessage.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\72_appApiValidation.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\plugins\98_omniCommands.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\userCode\background.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\extensionData\userCode\extension.js
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\install.rdf
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\locale\en-US\translations.dtd
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button1.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button2.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button3.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button4.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\button5.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\crossrider_statusbar.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon128.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon16.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon24.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\icon48.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\panelarrow-up.png
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\popup.html
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\skin.css
c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\extensions\885f632d-1471-40b9-9736-370834c9febf@6bc59f1b-7afb-44ab-8068-16b3cdaf03e6.com\skin\update.css
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Files Creati Da 2014-01-12 al 2014-02-12 )))))))))))))))))))))))))))))))))))
.
.
2014-02-12 12:12 . 2014-02-12 12:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-30 10:59 . 2014-01-30 10:59 -------- d-----w- c:\program files (x86)\directx
2014-01-29 10:55 . 2014-01-29 10:55 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2014-01-29 10:21 . 2014-02-04 16:25 -------- d-----w- c:\program files (x86)\Railroad Tycoon 3
2014-01-20 11:44 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-19 13:06 . 2014-02-06 09:43 -------- d-----w- c:\program files (x86)\HDvid Codec V7.0
2014-01-19 13:05 . 2014-01-19 14:09 -------- d-----w- c:\program files (x86)\hdvidcodec.com
2014-01-14 22:23 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-14 22:23 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-14 22:23 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-14 22:23 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-14 22:23 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-14 22:23 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-14 22:23 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-14 22:23 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-14 22:23 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 10:35 . 2012-09-29 09:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 10:35 . 2012-09-29 09:02 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 00:58 . 2012-09-29 16:12 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-11-23 18:26 . 2013-12-11 01:56 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 01:56 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-15 02:09 . 2013-12-11 02:02 17847296 ----a-w- c:\windows\system32\mshtml.dll
2013-11-15 01:42 . 2013-12-11 02:02 10926080 ----a-w- c:\windows\system32\ieframe.dll
2013-11-15 01:37 . 2013-12-11 02:02 2334720 ----a-w- c:\windows\system32\jscript9.dll
2013-11-15 01:29 . 2013-12-11 02:02 1347072 ----a-w- c:\windows\system32\urlmon.dll
2013-11-15 01:29 . 2013-12-11 02:02 1392128 ----a-w- c:\windows\system32\wininet.dll
2013-11-15 01:28 . 2013-12-11 02:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-15 01:28 . 2013-12-11 02:02 237056 ----a-w- c:\windows\system32\url.dll
2013-11-15 01:25 . 2013-12-11 02:02 85504 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-15 01:22 . 2013-12-11 02:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-15 01:20 . 2013-12-11 02:02 599040 ----a-w- c:\windows\system32\vbscript.dll
2013-11-15 01:20 . 2013-12-11 02:02 816640 ----a-w- c:\windows\system32\jscript.dll
2013-11-15 01:19 . 2013-12-11 02:02 2147840 ----a-w- c:\windows\system32\iertutil.dll
2013-11-15 01:19 . 2013-12-11 02:02 729088 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-15 01:18 . 2013-12-11 02:02 96768 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-15 01:18 . 2013-12-11 02:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-15 01:12 . 2013-12-11 02:02 248320 ----a-w- c:\windows\system32\ieui.dll
2013-11-14 22:50 . 2013-12-11 02:02 1806848 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-14 22:42 . 2013-12-11 02:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-14 22:42 . 2013-12-11 02:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-14 22:38 . 2013-12-11 02:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-14 22:38 . 2013-12-11 02:02 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-14 22:35 . 2013-12-11 02:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-24 07:46 . 2012-09-29 09:26 136704 ----a-w- c:\program files\Uninstall.exe
2012-08-24 07:46 . 2012-09-29 09:26 1249792 ----a-w- c:\program files\WinRAR.exe
2012-08-24 07:46 . 2012-09-29 09:26 102912 ----a-w- c:\program files\Zip64.sfx
2012-08-24 07:46 . 2012-09-29 09:26 99328 ----a-w- c:\program files\WinCon64.sfx
2012-08-24 07:46 . 2012-09-29 09:26 82944 ----a-w- c:\program files\Zip.sfx
2012-08-24 07:46 . 2012-09-29 09:26 76288 ----a-w- c:\program files\WinCon.sfx
2012-08-24 07:46 . 2012-09-29 09:26 433664 ----a-w- c:\program files\Rar.exe
2012-08-24 07:46 . 2012-09-29 09:26 294912 ----a-w- c:\program files\UnRar.exe
2012-08-24 07:46 . 2012-09-29 09:26 196608 ----a-w- c:\program files\RarExt.dll
2012-08-24 07:46 . 2012-09-29 09:26 168448 ----a-w- c:\program files\RarExt32.dll
2012-08-24 07:46 . 2012-09-29 09:26 133120 ----a-w- c:\program files\Default64.sfx
2012-08-24 07:46 . 2012-09-29 09:26 102400 ----a-w- c:\program files\Default.sfx
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-01-08 20:14 3349528 ----a-w- c:\program files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll" [2014-01-08 3349528]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2011-09-09 2676584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-02-04 2552856]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCir64.sys;c:\windows\SYSNATIVE\DRIVERS\SMSCir64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
S2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 netw5v64;Driver scheda Intel(R) Wireless WiFi Link serie 5000 per Windows Vista a 64 bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-02-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 10:35]
.
2014-02-12 c:\windows\Tasks\HDvid Codec V7.0-chromeinstaller-dev.job
- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-chromeinstaller.exe [2014-01-19 13:06]
.
2014-02-12 c:\windows\Tasks\HDvid Codec V7.0-codedownloader.job
- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-codedownloader.exe [2014-01-19 13:06]
.
2014-02-12 c:\windows\Tasks\HDvid Codec V7.0-enabler.job
- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-enabler.exe [2014-01-19 13:06]
.
2014-02-12 c:\windows\Tasks\HDvid Codec V7.0-firefoxinstaller.job
- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-firefoxinstaller.exe [2014-01-19 13:06]
.
2014-02-12 c:\windows\Tasks\HDvid Codec V7.0-updater.job
- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-updater.exe [2014-01-19 13:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110411901142}]
2014-01-19 13:06 969216 ----a-w- c:\program files (x86)\HDvid Codec V7.0\HDvid Codec V7.0-bho64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 15960096]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 82464]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.it/
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.8.0.254 193.205.222.2
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\Pigna\AppData\Roaming\Mozilla\Firefox\Profiles\pxkffgao.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.it/
FF - prefs.js: network.proxy.http - proxy.fisica.unipg.it
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=
FF - user.js: extensions.iminent.id - 18ab46e50000000000000016d45f6b1b
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16089
FF - user.js: extensions.iminent.vrsn - 1.8.28.3
FF - user.js: extensions.iminent.vrsni - 1.8.28.3
FF - user.js: extensions.iminent.vrsnTs - 1.8.28.314:08
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO
FF - user.js: extensions.iminent.instlRef -
FF - user.js: extensions.iminent.dfltLng -
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:23,cb,14,e2,57,c8,0a,6d,0e,9d,fd,64,76,30,e7,91,58,b6,8d,42,9f,
bc,06,f2,8d,2a,29,76,12,92,69,42,8a,53,00,50,ed,3e,29,59,6c,87,d4,f1,73,0f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @DenieD: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:23,cb,14,e2,57,c8,0a,6d,0e,9d,fd,64,76,30,e7,91,58,b6,8d,42,9f,
bc,06,f2,8d,2a,29,76,12,92,69,42,8a,53,00,50,ed,3e,29,59,6c,87,d4,f1,73,0f,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @DenieD: (A) (Users) @DenieD: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
Ora fine scansione: 2014-02-12 13:15:46
ComboFix-quarantined-files.txt 2014-02-12 12:15
.
Pre-Run: 10.076.987.392 byte disponibili
Post-Run: 10.098.528.256 byte disponibili
.
- - End Of File - - 70E126873474B4BF5A4F130B91299766
A36C5E4F47E84449FF07ED3517B43A31
 
