Menu
Precedente Successivo

Anche a me si aprono pagine pubblicitarie dopo aver istallato un

Chiuso
biasion Posti 1 Data di registrazione domenica 14 dicembre 2014 Stato Membri Ultimo intervento 14 dicembre 2014 - 14 dic 2014 alle 12:56
l'embrouille 75 Posti 5307 Data di registrazione lunedì 4 luglio 2011 Stato Membri Ultimo intervento giovedì 5 luglio 2018 - 14 dic 2014 alle 15:44
Ciao,
programma sconoscito che mi ha messo una 10ina di piccoli programmini che piano piano o disinstallato ma le pagine si aprono uguali ecco il report di combo fix grazie fatemi sapere biasionv@libero.it
ComboFix 14-12-10.03 - BIASION 14/12/2014 12:44:55.11.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1040.18.8163.5405 [GMT 1:00]
Eseguito da: c:\users\BIASION\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
[i] ADS - Windows: deleted 0 bytes in 1 streams. /i
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\background.html
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\chromeCoreFilesIndex.txt
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\crossriderManifest.json
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\manifest.xml
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins.json
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\102.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\13.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\14.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\17.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\180.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\184.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\19.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\192.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\193.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\195.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\200.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\220.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\221.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\223.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\242.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\246.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\262.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\263.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\267.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\273.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\281.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\301.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\4.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\47.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\64.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\7.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\78.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\80.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\9.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\91.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\93.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\plugins\97.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\userCode\background.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\extensionData\userCode\extension.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\icons\actions\1.png
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\icons\icon128.png
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\icons\icon16.png
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\icons\icon48.png
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\1194228eafd9bdf0f277c63fa817345a.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\21293631da6821b53719acf8577bd0d6.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\1479ffcba533e963a3ddfe62dc429b24.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\388aad2a1b628ae05266df56fa5a69f3.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\87d0d5e752ba80131ae4ad69f9e5ba96.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\c6849f86886e944f014b3af990b43d8a.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\e446c7af56904945f738bb87fcbe4c2c.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\api\pageAction.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\1fa0cd3e13d14e0ca53d97f7c2eeac3a.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\451abb198836b72cf39e5b7d9d397ea5.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\4ee74cf0223397123195d14b0bc22b3b.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\66bb17192a89ec4657882bd7c6346ec0.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\7b21cc5c16b400e2cdd577e687ee04fc.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\7caad29e37c8368f6ac65abe1ca678f9.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\99cdf4ca05f4339a224da2147be8298c.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\ad2cc32b19de9b2e674bf677cee77e19.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\app_api.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\bddbcb65f0bdb209b058f0be1c291d87.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\c8ac1ad4078eb3480fbbc75fd05a8cd6.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\ca85c06b99c478ce65278e6b2f74883d.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\ccd7a29badebf9267fd07e36199168ce.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\crossriderAPI.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\f3d2cec9f5b58f2ca80eb0f30d5e3c9a.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\fd3f7c940ef65115ceede8540c6a90a9.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\installer.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\popupResource\newPopup.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\lib\popupResource\popup.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\js\main.js
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\manifest.json
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\popup.html
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip\1.26.35_0\Settings.json
c:\users\BIASION\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\BIASION\AppData\Local\Temp\sfamcc00001.dll
c:\users\BIASION\AppData\Local\Temp\sfareca00001.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2014-11-14 al 2014-12-14 )))))))))))))))))))))))))))))))))))
.
.
2014-12-14 11:47 . 2014-12-14 11:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-12-14 11:47 . 2014-12-14 11:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-13 18:03 . 2014-12-13 18:03 -------- d-----w- c:\users\BIASION\AppData\Roaming\Enigma Software Group
2014-12-13 18:03 . 2014-12-13 18:03 -------- d-----w- C:\sh4ldr
2014-12-13 18:02 . 2014-12-13 18:02 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2014-12-13 18:01 . 2014-12-13 18:01 -------- d-----w- c:\program files\Enigma Software Group
2014-12-13 17:31 . 2014-12-13 17:31 -------- d-----w- c:\program files (x86)\predm
2014-12-13 17:28 . 2014-12-13 17:28 1376736 ----a-w- c:\users\BIASION\AppData\Roaming\VXPSKG.exe
2014-12-13 17:28 . 2014-12-13 19:04 -------- d-----w- c:\program files (x86)\7972ece5-91ee-4380-9310-6c089d5325f1
2014-12-13 17:27 . 2014-12-13 17:27 2031072 ----a-w- c:\users\BIASION\AppData\Roaming\ZYIQFHO.exe
2014-12-13 17:27 . 2014-12-13 19:04 -------- d-----w- c:\program files (x86)\Cinema Video Pro 1.6V13.12
2014-12-13 17:26 . 2014-12-13 17:26 -------- d-----w- c:\program files (x86)\MyPC Backup
2014-12-13 17:26 . 2014-12-13 17:26 2379 ----a-w- c:\windows\patsearch.bin
2014-12-13 17:17 . 2014-12-13 17:17 -------- d-----w- c:\users\BIASION\AppData\Local\com
2014-12-13 17:16 . 2014-12-13 17:16 1567200 ----a-w- c:\users\BIASION\AppData\Roaming\YCPZP.exe
2014-12-13 17:16 . 2014-12-13 19:04 -------- d-----w- c:\program files (x86)\7336eb5e-5f60-4fde-8669-e9ad7a944a0c
2014-12-13 17:15 . 2014-12-13 17:15 1883616 ----a-w- c:\users\BIASION\AppData\Roaming\SSXUC.exe
2014-12-13 17:15 . 2014-12-13 17:15 -------- d-----w- c:\users\BIASION\AppData\Local\globalUpdate
2014-12-13 17:15 . 2014-12-13 17:15 -------- d-----w- c:\program files (x86)\globalUpdate
2014-12-13 17:15 . 2014-12-13 19:04 -------- d-----w- c:\program files (x86)\Media+PlayerVidEd2.0
2014-12-13 17:14 . 2014-12-13 17:14 -------- d-----w- c:\users\BIASION\AppData\Local\ContextTrue
2014-12-13 17:14 . 2014-12-13 17:28 -------- d-----w- c:\program files (x86)\CloudGuard
2014-12-13 17:05 . 2014-12-13 17:05 -------- d-----w- C:\_acestream_cache_
2014-12-13 17:05 . 2014-12-13 17:29 -------- d-----w- c:\users\BIASION\AppData\Roaming\.ACEStream
2014-12-13 17:04 . 2014-12-13 17:53 -------- d-----w- c:\users\BIASION\AppData\Roaming\ACEStream
2014-12-13 12:36 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2DC765A3-9DF0-4BDA-9B5A-14CC43B8E925}\mpengine.dll
2014-12-12 12:16 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-10 10:56 . 2014-12-10 10:55 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E9E92832-E5CF-43C7-B6F2-EA71E17175E5}\gapaengine.dll
2014-12-09 10:55 . 2014-12-09 10:55 -------- d-----w- c:\programdata\AMMYY
2014-12-08 22:09 . 2012-02-13 09:25 174080 ----a-w- c:\windows\system32\binkw32.dll
2014-12-08 22:08 . 2012-02-13 09:25 174080 ----a-w- c:\windows\binkw32.dll
2014-12-08 22:02 . 2012-02-13 09:25 174080 ----a-w- c:\windows\SysWow64\binkw32.dll
2014-12-08 22:02 . 2014-12-08 22:02 -------- d-----w- c:\programdata\Logs
2014-12-08 22:02 . 2014-06-10 11:27 19392 ----a-w- c:\windows\system32\roboot64.exe
2014-12-04 14:44 . 2014-12-04 14:44 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-30 11:25 . 2011-07-27 23:06 275080 ------w- c:\windows\system32\MpSigStub.exe
2013-12-25 11:04 . 2013-12-25 10:40 50053120 ----a-w- c:\program files (x86)\GUT3228.tmp
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}]
2014-12-13 17:28 748000 ----a-w- c:\program files (x86)\Cinema Video Pro 1.6V13.12\Cinema Video Pro 1.6V13.12-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611791113}]
2014-12-13 17:16 747488 ----a-w- c:\program files (x86)\Media+PlayerVidEd2.0\Media+PlayerVidEd2.0-bho.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-11-28 30522472]
"nvhlpr"="c:\users\BIASION\AppData\Local\ContextTrue\nvhlpr.exe" [2014-07-11 601584]
"cnthlpr"="c:\users\BIASION\AppData\Local\ContextTrue\cnthlpr.exe" [2014-07-11 601584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
.
c:\users\BIASION\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
PalTalk.lnk - c:\program files (x86)\Paltalk Messenger\paltalk.exe nas [2012-10-1 8356008]
Ritaglio schermata e avvio di OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-11-3 4657048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R1 wpnfd_1_10_0_4;wpnfd_1_10_0_4;c:\windows\system32\drivers\wpnfd_1_10_0_4.sys;c:\windows\SYSNATIVE\drivers\wpnfd_1_10_0_4.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys;c:\program files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7672vI70\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7672vI70\NTIOLib_X64.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 FSProFilter2;FSPro File Filter 2;c:\windows\System32\Drivers\FSPFltd2.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd2.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 21:56 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-12-14 c:\windows\Tasks\220d4342-7416-46df-b865-99e0a0132309.job
- c:\program files (x86)\Media+PlayerVidEd2.0\220d4342-7416-46df-b865-99e0a0132309.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-1.job
- c:\program files (x86)\Media+PlayerVidEd2.0\Media+PlayerVidEd2.0-codedownloader.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-10_user.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-10.exe [2014-12-13 17:15]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-11.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-11.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-2.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-2.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-3.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-3.exe [2014-12-13 17:15]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-4.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-4.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-5.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-5.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-5_user.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-5.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-6.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-6.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\361d45e1-1c2e-47d8-a562-b98d593ad59c-7.job
- c:\program files (x86)\Media+PlayerVidEd2.0\361d45e1-1c2e-47d8-a562-b98d593ad59c-7.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-1.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\Cinema Video Pro 1.6V13.12-codedownloader.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-11.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-11.exe [2014-12-13 17:27]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-2.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-2.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-3.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-3.exe [2014-12-13 17:27]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-4.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-4.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-5.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-5.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-5_user.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-5.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-6.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-6.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\83b77950-51ce-4249-8c84-aa6f316ab6df-7.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\83b77950-51ce-4249-8c84-aa6f316ab6df-7.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\98416bd5-23c8-4b19-a122-e02987baf4ce.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\98416bd5-23c8-4b19-a122-e02987baf4ce.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\9f33aaf3-5724-4997-88b7-625f95b39c75.job
- c:\program files (x86)\Cinema Video Pro 1.6V13.12\9f33aaf3-5724-4997-88b7-625f95b39c75.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\bcecf0e6-a19c-455a-b34e-a0cd6f025744.job
- c:\program files (x86)\Media+PlayerVidEd2.0\bcecf0e6-a19c-455a-b34e-a0cd6f025744.exe [2014-12-13 17:16]
.
2014-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-16355953-3418566716-1553465738-1000Core.job
- c:\users\BIASION\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-07 20:35]
.
2014-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-16355953-3418566716-1553465738-1000UA.job
- c:\users\BIASION\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-07 20:35]
.
2014-12-14 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-13 17:27]
.
2014-12-14 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-12-13 17:27]
.
2014-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-17 14:51]
.
2014-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-17 14:51]
.
2014-12-14 c:\windows\Tasks\SSXUC.job
- c:\users\BIASION\AppData\Roaming\SSXUC.exe [2014-12-13 17:15]
.
2014-12-14 c:\windows\Tasks\VXPSKG.job
- c:\users\BIASION\AppData\Roaming\VXPSKG.exe [2014-12-13 17:28]
.
2014-12-14 c:\windows\Tasks\YCPZP.job
- c:\users\BIASION\AppData\Roaming\YCPZP.exe [2014-12-13 17:16]
.
2014-12-14 c:\windows\Tasks\ZYIQFHO.job
- c:\users\BIASION\AppData\Roaming\ZYIQFHO.exe [2014-12-13 17:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2013-10-28 2289952]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5
uDefault_Search_URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5&q={searchTerms}
mStart Page = hxxp://isearch.omiga-plus.com/?type=hp&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://isearch.omiga-plus.com/?type=hp&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com
mCustomizeSearch = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5&q={searchTerms}
mSearchAssistant = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5&q={searchTerms}
Trusted Zone: milanofinanza.it\www
Trusted Zone: poste.it\postepay
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{069F0E78-362F-4431-9D15-8B83419C67CF}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{22F5EB6D-3FAF-419C-B40A-7173ABB7C6ED}: NameServer = 176.31.229.24,176.31.229.25
FF - ProfilePath - c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\
FF - prefs.js: browser.search.selectedEngine - omiga-plus
FF - prefs.js: browser.startup.homepage - hxxp://isearch.omiga-plus.com/?type=hp&ts=1418490977&from=tugs&uid=M4-CT064M4SSD2_00000000113303174FD5
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-12-13 18:04; magicplayer@acestream.org; c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\extensions\magicplayer@acestream.org
FF - ExtSQL: !HIDDEN! 2012-09-09 09:50; NoiaButtons@ArisT2_Noia4dev; c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\extensions\NoiaButtons@ArisT2_Noia4dev.xpi
FF - ExtSQL: !HIDDEN! 2012-09-09 09:51; Noia4Options@ArisT2; c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\extensions\Noia4Options@ArisT2.xpi
FF - ExtSQL: !HIDDEN! 2012-11-11 10:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2013-05-28 18:18; plugin@yontoo.com; c:\users\BIASION\AppData\Roaming\Mozilla\Firefox\Profiles\gpd5zl69.default\extensions\plugin@yontoo.com
FF - ExtSQL: !HIDDEN! 2013-10-22 20:01; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-!{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - (no file)
Toolbar-!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Toolbar-{96A25A24-2E87-4374-8A50-CC6F943FCE4D} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-TTT * DLC 1.00 - c:\program files (x86)\Codemasters\GRID\Uninstall.exe
AddRemove-TTT * DLC 1.2 - c:\program files (x86)\Codemasters\GRID\Uninstall.exe
AddRemove-TTT * DLC 1.4 - c:\program files (x86)\Codemasters\GRID\Uninstall.exe
AddRemove-webssearches uninstaller - c:\users\BIASION\AppData\Roaming\webssearches\UninstallManager.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-16355953-3418566716-1553465738-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-16355953-3418566716-1553465738-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-16355953-3418566716-1553465738-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-16355953-3418566716-1553465738-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_USERS\S-1-5-21-16355953-3418566716-1553465738-1000\Software\Win7zip]
@Denied: (A B 2 3) (Everyone)
"Uuid"=hex:e4,c5,51,34,f7,52,22,43,ad,8a,98,5d,ba,e8,b0,94
.
[HKEY_USERS\S-1-5-21-16355953-3418566716-1553465738-1000_Classes\CLSID\{E4C55134-F752-2243-AD8A-985DBAE8B094}]
@Denied: (A 4) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Paltalk Messenger\paltalk.exe
c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
.
**************************************************************************
.
Ora fine scansione: 2014-12-14 12:49:45 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-12-14 11:49
ComboFix2.txt 2014-12-13 19:08
ComboFix3.txt 2014-02-24 21:52
ComboFix4.txt 2012-11-11 13:43
ComboFix5.txt 2014-12-14 11:44
.
Pre-Run: 6.278.512.640 byte disponibili
Post-Run: 5.883.891.712 byte disponibili
.
- - End Of File - - E25B1926D7E8AD20A2870DD7DAC43C4F
A36C5E4F47E84449FF07ED3517B43A31


1 risposta

Risposta 1 / 1
l'embrouille 75 Posti 5307 Data di registrazione lunedì 4 luglio 2011 Stato Membri Ultimo intervento giovedì 5 luglio 2018 749
14 dic 2014 alle 15:44
Ciao,
1) Scaricare ZHPDiag qui :
https://ccm.net/download/download-23176-zhpdiag
Salvarlo sul tuo desktop.

L'installazione è molto semplice .
Vedrai sette finestre durante l'installazione.
I primi cinque finestre : clicca su " Suivant" ( Avanti )
La sesta finestra : clicca su " Installer " ( Installare)
La settima finestra : clicca su "Terminer" (Chiudi ) .
Il software è installato.

Attenzione : Vedrai allora due nuove icone sul desktop : ZHPDiag ( pergamena ) e ZHPFix ( siringa ) perché il software si compone di due parti . Uno per le scansioni, l'altra per le cure.

2) Per fare una scansione di diagnosi :

- Sotto Windows XP : Apre ZHPDiag, facendo un « doppio clic » sull'icona che ha la forma d'una pergamena. .
È necessario disporre di privilegi di amministratore sul PC .
- Sotto Vista , 7 e 8 : Apre ZHPDiag, facendo un « clic destro » sull'icona che ha la forma d'una pergamena. Poi clicca su " Esegui come amministratore " .

Quando ZHPDiag sarà aperto , vedrai due grandi tasti :
« Cercare » e « Configurare »
Clicca sul tasto destro "Configurare"



Nella nuova finestra che si aprirà :

- >In basso, a sinistra , vedrai tre lenti di ingrandimento .
Prima di chiudere il browser, leggi il seguente
Poi, clicca sul la seconda lente di ingrandimento.



Durante la scansione (10 minuti o meno ), attende con pazienza senza usare il tuo pc.
A volte , il software può sembrare inattivo , ma si sta lavorando.
Alla fine della scansione, un report sarà salvato nel blocco-note.

3) Per trasmettere il report, come fare ? :

Il report è sul tuo desktop. Come è troppo lungo, non puo essere postato su forum, deve essere ospitato su un speciale sito online.

Vai su questo sito https://pjjoint.malekal.com/index.php?lang=en
Una volta sulla pagina di deposito, clicca su "Sfoglia"
Si aprirà una finestra, recupera il tuo report sul tuo Dekstop
e clicca su "Apri"
Poi clicca su "Send File".



Un link sarà creato/
Copia e incolla questo linknella tua riposta.


Ubuntu 13.04 Firefox 21/ Magela 3 Opera 12.15
0

Discussioni simili

Non riesco ad aprire le e-mail da Android
paolo5930 -
paolo5930 -

10 risposte
Non riesco ad aprire Gmail
lucrezia -
e-claudia -

1 risposta
Impossibile entrare su Alice Mail da mobile
Francescoritondo -
Reny -

10 risposte
Mi si aprono pagine web da sole con pubblicità
ciaociao -
ciao -

5 risposte
Problema e-mail cellulare/PC
panterapatty -
n00r -

55 risposte
Unisciti ALLA COMMUNITY