Precedente :: Successivo |
Autore |
Messaggio |
mastro1972 Eroe
Registrato: 26/03/08 17:39 Messaggi: 51
|
Inviato: 22 Dic 2016 11:57 Oggetto: virus che apre pagine ad ogni azione del cursore |
|
|
Ciao, da un giorno quando navigo, ad ogni contatto tentativo di utilizzo del cursore, si aprono pagine della più svariata specie. anche solo per sistemare il cursore e scrivere questo post, o per cliccare su un link etc. Praticamente non riesco a fare più niente.
Grazie in anticipo per la vostra competenza e pazienza |
|
Top |
|
|
Maary79 Moderatrice Sistemi Operativi e Software
Registrato: 08/02/12 12:23 Messaggi: 12235
|
|
Top |
|
|
mastro1972 Eroe
Registrato: 26/03/08 17:39 Messaggi: 51
|
Inviato: 12 Feb 2017 20:55 Oggetto: |
|
|
Malwarebytes Anti-Malware
www.malwarebytes.org
Data scansione: 12/02/2017
Ora scansione: 10:24
File di log: Malwarebytes.txt
Amministratore: Sì
Versione: 2.2.1.1043
Database malware: v2017.02.12.03
Database rootkit: v2017.02.11.01
Licenza: Gratuito
Protezione da malware: Disattivata
Protezione da siti web nocivi: Disattivata
Auto-protezione: Disattivata
SO: Windows 7 Service Pack 1
CPU: x64
File system: NTFS
Utente: stefano
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 382636
Tempo impiegato: 57 min, 44 sec
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Euristiche: Attivata
PUP: Attivata
PUM: Attivata
Processi: 0
(Nessun elemento nocivo rilevato)
Moduli: 0
(Nessun elemento nocivo rilevato)
Chiavi di registro: 1
Adware.SaveByClick, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\OKKAACFIGJLIEFPMDKIBJJMMHOJOENPE, , [f1223171693f270f7d6bdd16f40c4bb5],
Valori di registro: 1
Adware.SaveByClick, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\okkaacfigjliefpmdkibjjmmhojoenpe|path, C:\ProgramData\SaveByclick\okkaacfigjliefpmdkibjjmmhojoenpe.crx, , [f1223171693f270f7d6bdd16f40c4bb5]
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Cartelle: 0
(Nessun elemento nocivo rilevato)
File: 4
PUP.Optional.TradeAdExchange, C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.tradeadexchange.com_0.localstorage, , [cc471c8614942d094599e8ea7d85c040],
PUP.Optional.TradeAdExchange, C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.tradeadexchange.com_0.localstorage-journal, , [b1621a88e5c38fa73aa4d5fdad559868],
PUP.Optional.CrossRider, C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [b85bfea4eebaa69071e130811ae928d8],
PUP.Optional.CrossRider, C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [65ae6939f4b4ff371240a809a85b51af],
Settori fisici: 0
(Nessun elemento nocivo rilevato)
(end)
# AdwCleaner v6.043 - Logfile created 12/02/2017 at 19:45:55
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-09.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : stefano - STEFANO-PC
# Running from : C:\Users\stefano\Desktop\SCANSIONE COMPLETA PC\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder deleted: C:\Users\stefano\AppData\LocalLow\HPAppData
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1002 Bytes] - [29/04/2016 21:03:00]
C:\AdwCleaner\AdwCleaner[C2].txt - [5484 Bytes] - [01/05/2016 19:26:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [1951 Bytes] - [22/12/2016 02:46:38]
C:\AdwCleaner\AdwCleaner[C4].txt - [1651 Bytes] - [24/12/2016 15:36:15]
C:\AdwCleaner\AdwCleaner[C5].txt - [1156 Bytes] - [12/02/2017 19:45:55]
C:\AdwCleaner\AdwCleaner[R0].txt - [2518 Bytes] - [08/11/2013 23:11:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [2639 Bytes] - [08/11/2013 23:13:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [7004 Bytes] - [29/04/2016 20:55:24]
C:\AdwCleaner\AdwCleaner[S2].txt - [5706 Bytes] - [01/05/2016 19:23:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [2081 Bytes] - [22/12/2016 02:45:00]
C:\AdwCleaner\AdwCleaner[S4].txt - [1784 Bytes] - [24/12/2016 15:27:21]
C:\AdwCleaner\AdwCleaner[S5].txt - [1952 Bytes] - [12/02/2017 19:39:03]
########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1740 Bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by stefano (Administrator) on 12/02/2017 at 20:09:05,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 9
Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Users\stefano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OQ41OUL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A54X9I2L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3KD6TTY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefano\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWLGYZMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OQ41OUL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A54X9I2L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H3KD6TTY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MWLGYZMZ (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/02/2017 at 20:11:21,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
non riesco a postare sulla pagina wikisend i due log di fsrt |
|
Top |
|
|
mastro1972 Eroe
Registrato: 26/03/08 17:39 Messaggi: 51
|
Inviato: 12 Feb 2017 22:56 Oggetto: |
|
|
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
Ran by stefano (administrator) on STEFANO-PC (12-02-2017 20:31:40)
Running from C:\Users\stefano\Desktop
Loaded Profiles: stefano (Available Profiles: stefano)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek) C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-05-30] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [2a071] => C:\Users\stefano\2a07.js
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-10-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-04]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\stefano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-01-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\stefano\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{825C2020-9DAB-40DA-9C1B-20AF4700EEFE}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/11
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2566800480-503390382-1343632058-1000 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2013-04-05] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-05] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-10-07] (Sun Microsystems, Inc.)
BHO-x32: Guida per l'accesso a Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-10-07] (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
FireFox:
========
FF ProfilePath: C:\Users\stefano\AppData\Roaming\TomTom\HOME\Profiles\uzjdf7y5.default [2016-12-25]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2013-04-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-22] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 -> C:\Windows\system32\npdeployJava1.dll [2013-04-05] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2013-04-05] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-10-07] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-10-07] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll => No File
CHR Profile: C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default [2017-02-12]
CHR Extension: (Documenti Google) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Sicurezza browser Avira) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20]
CHR Extension: (Google Documenti offline) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Revolucija) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgainbpdmjhmmbhjpgmdlhiedbamncmi [2017-02-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-12-12]
CHR Extension: (Img to Base64) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmijbedabffkkpjbcehcfgkknefhlgg [2016-12-19]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Jeizl) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjiilggfhonkggkncnopgdfemhhlmc [2017-02-02]
CHR Extension: (Gmail) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\stefano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2566800480-503390382-1343632058-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2571352 2016-01-05] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Realtek11nSU; C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-08-21] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-06-02] (Avira Operations GmbH & Co. KG)
S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [120960 2009-08-14] (QUALCOMM Incorporated)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-12 20:31 - 2017-02-12 20:32 - 00021093 _____ C:\Users\stefano\Desktop\FRST.txt
2017-02-12 20:31 - 2017-02-12 20:31 - 00000000 ____D C:\Users\stefano\Desktop\FRST-OlderVersion
2017-02-09 21:09 - 2017-02-09 21:09 - 00012932 _____ C:\Users\stefano\Downloads\QV.jpeg
2017-02-09 20:26 - 2017-02-09 20:26 - 00525544 _____ C:\Users\stefano\Downloads\STEFANO-MASTROIANNI-1215663721170254561205764286.pdf
2017-02-08 08:11 - 2017-02-08 08:11 - 00071013 _____ C:\Users\stefano\Downloads\Genova.zip
2017-02-07 22:53 - 2017-02-07 22:53 - 00078091 _____ C:\Users\stefano\Downloads\giudizi terza E.odt
2017-02-07 17:10 - 2017-02-07 17:10 - 00076643 _____ C:\Users\stefano\Downloads\cin. 86 -riflessioni e verifica scrutini.pdf
2017-02-04 18:06 - 2017-02-04 18:06 - 01121354 _____ C:\Users\stefano\Downloads\replay-2017-2-4.json
2017-02-04 16:34 - 2017-02-04 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-02-03 21:37 - 2017-02-03 21:37 - 00040127 _____ C:\Users\stefano\Downloads\circ85.pdf
2017-02-02 17:30 - 2017-02-02 17:30 - 00368942 _____ C:\Users\stefano\Downloads\CGS_POSTEID_PF.pdf
2017-02-02 17:29 - 2017-02-02 17:29 - 00915712 _____ C:\Users\stefano\Downloads\KIT_SPID.pdf
2017-01-29 17:15 - 2017-01-29 17:15 - 00202876 _____ C:\Users\stefano\Downloads\1_Lanzone V.pdf
2017-01-26 14:20 - 2016-03-13 12:23 - 1468662147 _____ C:\Users\stefano\Downloads\CB01.CO-1l.m4g0.d1.0z.39.BR.HD.mkv
2017-01-23 19:38 - 2017-01-23 19:38 - 00289554 _____ C:\Users\stefano\Downloads\cin. 78 - corso per docenti esperti garanti dei diritti dei bambini, ragazzi e adolescenti.pdf
2017-01-23 19:37 - 2017-01-23 19:37 - 00275004 _____ C:\Users\stefano\Downloads\cin. 79 - corso di formazione sulla sicurezza informatica it security - iis g. caboto.pdf
2017-01-21 20:22 - 2017-01-21 21:01 - 956295356 _____ C:\Users\stefano\Downloads\Al posto tuo [HD] (2016) Bluray 1080p.mp4
2017-01-21 18:59 - 2017-01-21 18:59 - 00032379 _____ C:\Users\stefano\Downloads\circ77.pdf
2017-01-17 17:27 - 2017-01-17 17:27 - 00705091 _____ C:\Users\stefano\Downloads\001035_001.pdf
2017-01-16 17:24 - 2017-01-16 17:24 - 00031202 _____ C:\Users\stefano\Downloads\Laboratori.pdf
2017-01-16 17:23 - 2017-01-16 17:23 - 00209201 _____ C:\Users\stefano\Downloads\formazione neoassunti_calendario laboratori.pdf
2017-01-16 09:59 - 2017-01-16 09:59 - 00041740 _____ C:\Users\stefano\Downloads\ore eccedenti.pdf
2017-01-14 16:23 - 2017-01-14 16:23 - 00514464 _____ C:\Users\stefano\Downloads\22105-ket-vocabulary-list-1 (3).pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-12 20:31 - 2016-12-22 02:58 - 00000000 ____D C:\FRST
2017-02-12 20:31 - 2016-05-01 19:54 - 02421248 _____ (Farbar) C:\Users\stefano\Desktop\FRST64.exe
2017-02-12 20:30 - 2016-05-01 21:28 - 00000000 ____D C:\Users\stefano\Desktop\SCANSIONE COMPLETA PC
2017-02-12 20:04 - 2016-12-12 12:59 - 00000000 ___RD C:\Users\stefano\Google Drive
2017-02-12 20:01 - 2016-02-09 17:38 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-12 19:57 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-12 19:57 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-12 19:51 - 2013-11-08 23:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-12 19:47 - 2011-10-17 14:06 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2017-02-12 19:47 - 2011-10-17 14:06 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2017-02-12 19:47 - 2011-10-17 13:31 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2017-02-12 19:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-12 19:45 - 2013-11-08 23:11 - 00000000 ____D C:\AdwCleaner
2017-02-12 19:34 - 2014-10-05 21:01 - 00000978 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-12 19:32 - 2011-12-12 10:25 - 05961728 ___SH C:\Users\stefano\Downloads\Thumbs.db
2017-02-12 19:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-12 12:00 - 2016-04-29 18:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-12 11:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2017-02-12 10:15 - 2011-10-21 19:20 - 00000000 ____D C:\Users\stefano\AppData\Roaming\SoftGrid Client
2017-02-10 16:51 - 2016-01-07 12:21 - 00000000 ____D C:\Users\stefano\Documents\MEGAsync Downloads
2017-02-10 14:50 - 2011-10-21 18:03 - 00106488 _____ C:\Users\stefano\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-10 09:28 - 2010-11-21 16:30 - 00741838 _____ C:\Windows\system32\perfh010.dat
2017-02-10 09:28 - 2010-11-21 16:30 - 00147634 _____ C:\Windows\system32\perfc010.dat
2017-02-10 09:28 - 2009-07-14 06:13 - 01662796 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-10 09:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-08 18:11 - 2011-10-21 21:20 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2017-02-08 17:33 - 2011-11-16 21:09 - 00000000 ___RD C:\Users\stefano\Downloads\STEFANO
2017-02-07 23:28 - 2015-09-20 20:47 - 00000000 ____D C:\Users\stefano\AppData\Local\MEGAsync
2017-02-07 16:37 - 2015-07-16 11:59 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 16:37 - 2015-07-16 11:59 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-05 09:42 - 2011-10-17 13:53 - 00000000 ____D C:\ProgramData\Sonic
2017-02-04 16:34 - 2016-10-31 17:26 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-02-04 16:34 - 2016-10-31 16:34 - 00001926 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-01-29 21:09 - 2016-12-09 16:04 - 00000000 ____D C:\Users\stefano\Downloads\aperitivi ZENZERO
2017-01-29 12:58 - 2009-07-14 06:08 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-22 11:42 - 2014-11-25 15:47 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-21 21:05 - 2013-04-29 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-21 19:06 - 2016-10-31 16:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-21 15:59 - 2015-04-25 09:27 - 00089600 ___SH C:\Users\stefano\Desktop\Thumbs.db
2017-01-18 16:40 - 2012-01-05 12:29 - 00000000 ___RD C:\Users\stefano\Downloads\FEDERICA
==================== Files in the root of some directories =======
2012-02-20 20:04 - 2012-02-20 20:04 - 0001977 _____ () C:\Program Files (x86)\BurlingtonEnglish.lnk
2013-12-11 19:29 - 2016-02-08 02:12 - 0007859 _____ () C:\Users\stefano\AppData\Roaming\pcouffin.cat
2013-12-11 19:29 - 2016-02-08 02:12 - 0001167 _____ () C:\Users\stefano\AppData\Roaming\pcouffin.inf
2013-12-11 19:29 - 2016-02-08 02:12 - 0000055 _____ () C:\Users\stefano\AppData\Roaming\pcouffin.log
2011-10-22 11:05 - 2016-01-31 22:39 - 0113152 _____ () C:\Users\stefano\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-26 20:10 - 2013-03-08 14:03 - 0000173 ___SH () C:\ProgramData\.zreglib
2011-10-21 18:14 - 2011-10-22 21:43 - 0001127 _____ () C:\ProgramData\hpzinstall.log
2011-10-31 14:31 - 2011-10-31 14:31 - 0001744 _____ () C:\ProgramData\__wdump.txt
Some files in TEMP:
====================
2016-12-15 07:06 - 2016-12-15 07:06 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\stefano\AppData\Local\Temp\libeay32.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 0970912 _____ (Microsoft Corporation) C:\Users\stefano\AppData\Local\Temp\msvcr120.dll
2016-12-15 07:06 - 2016-12-15 07:06 - 0772672 _____ () C:\Users\stefano\AppData\Local\Temp\sqlite3.dll
2017-02-08 18:55 - 2017-02-08 18:55 - 0140040 _____ (tmssoftware.com) C:\Users\stefano\AppData\Local\Temp\wusetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-18 08:26
==================== End of FRST.txt ============================ |
|
Top |
|
|
mastro1972 Eroe
Registrato: 26/03/08 17:39 Messaggi: 51
|
Inviato: 12 Feb 2017 22:57 Oggetto: |
|
|
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2017
Ran by stefano (12-02-2017 20:33:08)
Running from C:\Users\stefano\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-21 17:00:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2566800480-503390382-1343632058-500 - Administrator - Disabled)
Guest (S-1-5-21-2566800480-503390382-1343632058-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2566800480-503390382-1343632058-1002 - Limited - Enabled)
stefano (S-1-5-21-2566800480-503390382-1343632058-1000 - Administrator - Enabled) => C:\Users\stefano
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris Graffiti (HKLM-x32\...\{262BF2CD-601D-4F43-919C-4B00B1D1F338}) (Version: 5.20.200 - Boris FX, Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
BurlingtonEnglish (HKLM-x32\...\{9A6B88E6-2523-4920-9D76-1403554EFEB9}) (Version: 1.0 - BurlingtonEnglish)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.3.7.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{AE468012-E8B9-44D5-9ED7-761C7885BBF0}) (Version: 1.5.201.0 - Fingertapps)
Dell Palcoscenico (HKLM-x32\...\{E05E387C-1CB0-4FAE-93CF-04918205EF5C}) (Version: 1.5.420.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.130 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DJ_AIO_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Driver Pinnacle Video (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
Erickson - Dalla parola alla frase (HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Dalla parola alla frase) (Version: 1.0 - Edizioni Centro Studi Erickson)
Erickson - Divertirsi con l'ortografia (HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Divertirsi con l'ortografia) (Version: 1.0 - Edizioni Centro Studi Erickson)
Erickson - Grammatica facile (HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Grammatica facile) (Version: 1.0 - Edizioni Centro Studi Erickson)
Erickson - Sviluppare le abilità di letto-scrittura 2 (HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\Sviluppare le abilità di letto-scrittura 2) (Version: 1.0 - Edizioni Centro Studi Erickson)
F2100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Java(TM) 6 Update 39 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416039FF}) (Version: 6.0.390 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version: - )
Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office a portata di clic 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Italiano (HKLM-x32\...\{90140011-0066-0410-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 繁體中文 (HKLM\...\{A423B3FB-C9E6-4953-9A83-2A5F45CAF466}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 繁體中文 (HKLM-x32\...\{0BE37B03-93EF-4B46-A4F3-30ED22569D1A}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x64) (HKLM\...\{32508A23-C9EA-4D29-83CA-97A42A13701E}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyScript Notes Lite (HKLM-x32\...\{A82E3AFE-0BD9-4A17-9A58-9112B5C679C5}) (Version: 2.2.0.0 - Vision Objects)
NVIDIA Display Control Panel (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 6.14.12.6716 - NVIDIA Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems)
Pinnacle Studio 12 Ultimate Plugins (HKLM-x32\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version: - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sitecom 300N USB Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - Sitecom Corp.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TFA InfanziaPrimaria (HKLM-x32\...\TFA_INFANZIAPRIMARIA) (Version: - )
TomTom HOME (HKLM-x32\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - Nome società)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Visualizzatore di Microsoft PowerPoint (HKLM-x32\...\{95140000-00AF-0410-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\webmdshow) (Version: - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.1.9 - Shark007)
Windows Driver Package - ACER Incorporated (qcusbser) Modem (08/16/2010 2.0.6.6) (HKLM\...\D149DB73BE02E748657C63CBB404510E56E08F63) (Version: 08/16/2010 2.0.6.6 - ACER Incorporated)
Windows Driver Package - ACER Incorporated (qcusbser) Ports (08/16/2010 2.0.6.6) (HKLM\...\5D9817CE83DD092EB8923949297A94C53A0A27CF) (Version: 08/16/2010 2.0.6.6 - ACER Incorporated)
Windows Driver Package - Acer, Inc (androidusb) USB (08/16/2010 1.0.0010.00000) (HKLM\...\83E7AE861B9BCCB05F7AA822F9EE26C0672E6888) (Version: 08/16/2010 1.0.0010.00000 - Acer, Inc)
Windows Driver Package - Linux Developer Community Net (08/16/2010 5.1.2600.2781) (HKLM\...\637F4A11ADE9B1B3D8F4A37C0C4CA8EA924B739E) (Version: 08/16/2010 5.1.2600.2781 - Linux Developer Community)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3A0318C7-36BD-4EE5-8B26-76E006620155} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3C3BB115-28C2-4ABA-B811-963E12F7F81A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {3D8BC85E-2F2C-441B-A5CD-E9640B8AE4BA} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.)
Task: {4429DFEB-425B-482A-AA25-C45E9D4EE4AF} - System32\Tasks\{8C4B81A3-96A0-4338-814C-4AAFA34C0DD5} => pcalua.exe -a D:\Welcome.exe -d D:\
Task: {59A66CD4-DD1A-49FE-99E4-EF2C37308D12} - System32\Tasks\2a07 => C:\Users\stefano\2a07.js
Task: {84B27769-E2C9-4293-83B7-01CB058CF2B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9654F6B7-03C8-4BC3-ACDF-68017C963E88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {9CE46669-1952-41C9-BC61-2D2C64AAEF23} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {E64C2ABE-40DC-43B8-A514-197FF7D505C2} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E85BA37B-8C45-4107-95EB-B4E1A7087A70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-01 15:13 - 2016-11-14 11:09 - 00592384 _____ () C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX64.dll
2011-12-08 19:19 - 2011-06-02 12:36 - 00165376 _____ () C:\Program Files\WinRAR\rarext.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-11 21:31 - 2016-03-11 21:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1040.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-05-01 15:15 - 2016-11-14 11:09 - 00564736 _____ () C:\Users\stefano\AppData\Local\MEGAsync\ShellExtX32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2566800480-503390382-1343632058-1000\...\bing.com -> hxxp://it.bing.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-12-18 12:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2566800480-503390382-1343632058-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\stefano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9C5A0C98-CED6-4174-AF65-12803674CCC2}] => c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{2E109CD3-1C5E-456C-8052-15337E80F670}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98CA78A7-959F-48F1-8E53-2C339B7C9FB6}] => LPort=2869
FirewallRules: [{2A19FF43-8923-4537-84D7-3328CB753F58}] => LPort=1900
FirewallRules: [{83218393-12C5-4DF3-912F-F717E9775E69}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C2D33A74-A22C-4436-B35E-F83F4AEE3592}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{596C6165-88C3-416B-924A-4F437E36C368}] => C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{8B20CE7A-5FE6-4F3F-A1B1-39329D261F11}] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{08B5A53B-5FCA-48C1-B999-DDC4801B5680}] => C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{09835FA2-E165-4B6A-9497-CACC41B3C8FA}] => C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{B244D618-7C5F-4DD6-A2E1-5B66674725DD}] => C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{D4823FD5-6714-449D-B03B-E36ACDEB513F}] => C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe
FirewallRules: [{6D48266F-D769-427F-869D-B09AA854FFD8}] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
FirewallRules: [{89FC443D-499C-40C9-86FD-E85F7C20D122}] => C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
FirewallRules: [{501402D9-50BE-4C32-98E3-F6CD1E6E7074}] => C:\Program Files (x86)\Dell\Stage Remote\DMR.exe
FirewallRules: [{4F34B98E-34BF-49D2-A7C8-B0260FB2BBB6}] => C:\Program Files (x86)\Dell\Stage Remote\Controller.exe
FirewallRules: [{27776006-AB34-4747-8C91-2A5D0C6BBFBE}] => C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{55BF4B9B-87BE-42D9-B811-3E4820329F55}] => C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{1EAAD5FB-3E80-4EDB-BB40-8120810B3A1E}] => LPort=1542
FirewallRules: [{CDDFB531-74B5-4B03-8AA9-6A838BA9465A}] => LPort=1542
FirewallRules: [{F70E868D-4D1D-426B-9E0A-96654B6ED556}] => LPort=53
FirewallRules: [{6D158965-040D-4BD0-A830-5D27D4328259}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3E63C473-7947-46FE-A355-2D62B3ED6062}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{91D5B90A-9673-4C7A-8064-252CB99EAB5F}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{AB6A21D8-4870-4803-947C-81685CF8C660}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E71338F2-8C65-4ED9-BFE8-7823B7DA3EDE}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{BD616C44-824F-4732-B74B-F74C3D0C326B}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1C9E2C29-F297-475F-8ADA-9672DB506383}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{9E80C853-F271-4629-B71A-3BB2A66233D1}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{485125BB-1631-4304-B106-2F41A8228971}] => C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{33310BC8-67C8-488C-9085-1A3B60FAD067}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{F4AC6085-3455-45E8-A028-EBBFD105588B}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{AA345FBB-B58F-44F7-B326-49697022674C}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{80095954-79B3-4A5B-997E-B2315407E7E6}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{F19A23E0-7C6D-4AD0-BD98-B909DBE7841D}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{E7592EE7-CA17-44CA-BC42-6E7378642387}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{1908D4F0-02A1-4EB5-A34B-68FF97DE0527}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{127475F3-CD3B-4139-BB33-A6658AC67DE6}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{162629B7-C5A6-41D2-B97C-FEEDA251D4CC}] => C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{4B29823B-17D3-4732-947B-6DBB64EC6D35}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [UDP Query User{69DDE8FE-3381-4C1C-B796-AA51D6A35D0E}C:\program files (x86)\dell\dell datasafe online\nobuclient.exe] => C:\program files (x86)\dell\dell datasafe online\nobuclient.exe
FirewallRules: [{94294621-8B8A-4028-8EDD-CF158918C24A}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{488BF0C5-8186-465A-AFE4-EDFD9C4827B2}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{DEF8F7A6-14FA-4520-8729-6F0D66958CB5}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{C2CCB167-E896-4FD3-AC20-201F59FB90E9}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{7AFB9AE9-8079-44ED-9C99-D86EFF70EABA}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{1E935391-2945-4516-BA2E-B781B645B6BE}] => C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [TCP Query User{50972EFF-8495-4DAF-8E0E-4540C08BA568}C:\windows\system32\javaw.exe] => C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D4C9E96D-EDDB-4585-A8CC-DE02F055194E}C:\windows\system32\javaw.exe] => C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{D1E1B799-6DD4-4411-AB8C-92D308BE20E2}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe] => C:\program files (x86)\pinnacle\studio 12\programs\studio.exe
FirewallRules: [UDP Query User{FA766E33-E67A-4FB5-9157-3EB5A5325985}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe] => C:\program files (x86)\pinnacle\studio 12\programs\studio.exe
FirewallRules: [TCP Query User{DFC5A193-6287-4FD5-92FE-E9C215ABEC33}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{DEE00DE2-9C0D-4611-8DB7-B3C0B5971B49}C:\program files\java\jre6\bin\javaw.exe] => C:\program files\java\jre6\bin\javaw.exe
FirewallRules: [{22E23EAE-9FC3-45D8-8383-2BD876CDF3B5}] => C:\Program Files (x86)\Cracked Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{9959045A-9026-421F-8B5C-45578110D294}] => C:\Program Files (x86)\Cracked Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{B63EDD84-B46C-4B6A-8C73-A68C089E338B}] => C:\Program Files (x86)\Cracked Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{D1DFC896-B323-4B3E-B249-5FDBC410C3A1}] => C:\Program Files (x86)\Cracked Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{7FFB4DDB-69AD-4680-9D0B-698025BF7B89}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F090CAD2-AF25-475B-85C4-F92F36E1D6E3}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{52387764-0FC7-400B-B499-4695350CE588}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{400751C1-7619-476D-AEED-D012A125320D}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6E883BEC-1F30-4DE1-B55E-55FED8AE5B94}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{614D4CE4-724E-41D4-92AA-BECBB00ED602}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{33551CC6-9735-4165-90BE-9521465C0530}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DA6CAD8E-2305-4AEA-92E4-53281D41169A}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4C2CD4A5-E564-477F-8F60-49268AD28437}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{5A4670CF-D4CF-4DFA-915F-42D69FA5C598}] => C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{57A586D1-C897-4CDA-AE8A-785131D0DAB7}C:\program files (x86)\microsoft games\age of empires\empires.exe] => C:\program files (x86)\microsoft games\age of empires\empires.exe
FirewallRules: [UDP Query User{6A2EC6B2-709C-4C4F-B857-CF294CEF4039}C:\program files (x86)\microsoft games\age of empires\empires.exe] => C:\program files (x86)\microsoft games\age of empires\empires.exe
FirewallRules: [TCP Query User{80FCE8DC-C1FC-46D9-A7FB-DD5BD4892DF0}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{51BD26CD-C8B1-4E35-A25E-1D6161F10862}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{EB45F26A-E22C-476B-903E-7D40F61D2F76}C:\program files (x86)\microsoft games\age of empires\empiresx.exe] => C:\program files (x86)\microsoft games\age of empires\empiresx.exe
FirewallRules: [UDP Query User{B94F077E-AFDA-4C2E-85A2-B5E87316CE72}C:\program files (x86)\microsoft games\age of empires\empiresx.exe] => C:\program files (x86)\microsoft games\age of empires\empiresx.exe
FirewallRules: [{28303848-E627-4AD8-89C8-09AACD76F288}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{476E2076-9560-4D19-825C-83F50741A0B8}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
11-01-2017 22:19:39 Windows Update
12-02-2017 20:09:10 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/12/2017 08:29:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/12/2017 08:03:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/12/2017 07:58:10 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (02/12/2017 07:49:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema.
Error: (02/12/2017 07:45:01 PM) (Source: MsiInstaller) (EventID: 11706) (User: stefano-PC)
Description: Product: Dell Data Vault -- Error 1706. An installation package for the product Dell Data Vault cannot be found. Try the installation again using a valid copy of the installation package 'DDV.msi'.
Error: (02/12/2017 07:36:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma chrome.exe versione 56.0.2924.87 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.
ID processo: 13f4
Ora di avvio: 01d2855eb4ef4b46
Ora di chiusura: 3
Percorso applicazione: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
ID segnalazione:
Error: (02/12/2017 07:29:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Error: (02/12/2017 07:23:07 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
Error: (02/12/2017 07:13:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema.
Error: (02/12/2017 12:04:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo a scopo informativo.
(Patch task for {90140011-0066-0410-0000-0000000FF1CE}): DownloadLatest Failed: Nessuna connessione di rete attualmente attiva. Quando verrà collegata una scheda, Servizio trasferimento intelligente in background (BITS) ripeterà l'operazione.
System errors:
=============
Error: (02/12/2017 08:09:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio NVIDIA Driver Helper Service. Questo evento si è già verificato 1 volta(e).
Error: (02/12/2017 07:46:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Tentativo di eseguire un'azione di correzione (Riavvia il servizio) dopo l'arresto imprevista del servizio Windows Search. Tentativo non riuscito per l'errore:
Un'istanza del servizio è già in esecuzione.
Error: (02/12/2017 07:45:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Application Virtualization Client. Questo evento si è già verificato 1 volta(e).
Error: (02/12/2017 07:45:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Installer è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 120000 millisecondi: Riavvia il servizio.
Error: (02/12/2017 07:45:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Programma di installazione dei moduli di Windows è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 120000 millisecondi: Riavvia il servizio.
Error: (02/12/2017 07:45:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Copia shadow del volume. Questo evento si è già verificato 1 volta(e).
Error: (02/12/2017 07:45:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.
Error: (02/12/2017 07:45:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Servizio di condivisione in rete Windows Media Player è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.
Error: (02/12/2017 07:45:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Update Service. Questo evento si è già verificato 1 volta(e).
Error: (02/12/2017 07:45:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.
CodeIntegrity:
===================================
Date: 2014-12-18 12:45:27.613
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-18 12:45:27.582
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-18 12:45:27.535
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-18 12:45:27.504
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-14 23:23:03.506
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-14 23:23:03.475
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-14 23:23:03.428
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-12-14 23:23:03.397
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-11-25 11:26:05.129
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
Date: 2014-11-25 11:26:05.098
Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 27%
Total physical RAM: 6126.64 MB
Available physical RAM: 4413.12 MB
Total Virtual: 12251.47 MB
Available Virtual: 10273.27 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1383.98 GB) (Free:352.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1397.3 GB) (Disk ID: 18B00264)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1384 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================ |
|
Top |
|
|
|
|
Non puoi inserire nuovi argomenti Non puoi rispondere a nessun argomento Non puoi modificare i tuoi messaggi Non puoi cancellare i tuoi messaggi Non puoi votare nei sondaggi
|
|