Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus that blocks my internet connection [Solved]


  • This topic is locked This topic is locked

#1
Gian89

Gian89

    New Member

  • Member
  • Pip
  • 4 posts
The other day to see a match in streaming I went to the sites that probably contained a virus. From that day on, my internet stopped working. In fact, when I turn the wifi on, my pc connects to my network fastweb but if I try to open any browser will not connect to any site. For example google chrome shows me the error 105 which is related to the DNS. I already tried to check on this site: http://dns-changer.eu/ if it was this virus but the result was negative and also tried to change manually my DNS to Google DNS but nothing is changed. My pc has windows 8 so I had left windows defender as the only defense. I tried to go into the network settings and when I click on the details of wifi connection does not give me any information and the download and upload traffic is equal to zero. The only way I can connect to internet is to connect my iphone via bluetooth and create an hotspot. How can i solve this problem? Did you know some virus that acting like that? If yes how can I remove this infection?
Thanks in advance.

OTL logfile created on: 12/02/2013 12.37.06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gianluca\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000410 | Country: Italy | Language: ITA | Date Format: dd/MM/yyyy

3,99 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,29% Memory free
4,68 Gb Paging File | 2,32 Gb Available in Paging File | 49,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 111,13 Gb Free Space | 24,69% Space Free | Partition Type: NTFS

Computer Name: ACER5940G | User Name: Gianluca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/12 12.36.35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gianluca\Desktop\OTL.exe
PRC - [2012/12/18 20.08.28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16.49.28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/12/14 16.49.28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16.49.28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16.49.28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/11/28 16.28.22 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/10/17 02.22.28 | 000,386,920 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/09/20 06.55.29 | 000,333,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2012/07/25 12.28.53 | 000,295,440 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/07/25 12.28.45 | 000,078,352 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/07/25 12.28.35 | 000,090,640 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012/12/11 01.32.40 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/12/06 05.23.00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/12/06 05.22.59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/11/16 21.44.58 | 000,238,080 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/11/06 05.36.55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/06 05.17.41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 10.10.47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 07.31.18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 07.30.41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/07/26 04.17.59 | 000,015,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/26 04.08.04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/07/26 04.07.47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04.07.42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 04.07.40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04.07.25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04.06.36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/07/26 04.06.34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04.06.33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04.06.33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04.06.00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/07/26 04.05.55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04.05.34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04.05.28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/26 04.05.24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04.05.08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 04.05.04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 01.24.02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2012/12/18 20.08.28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16.49.28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16.49.28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/29 09.26.17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/28 16.28.22 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/11/06 05.36.55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/10/17 02.22.28 | 000,386,920 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/07/26 04.20.04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/25 12.28.53 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/07/25 12.28.45 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/07/25 12.28.35 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2010/02/19 13.37.14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/14 16.49.28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/10 18.56.29 | 000,034,352 | ---- | M] (Egistec) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2012/11/27 20.05.42 | 000,020,776 | ---- | M] (Splashtop Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sthid.sys -- (sthid)
DRV:64bit: - [2012/11/27 08.00.32 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/11/27 04.56.29 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/11/27 04.55.44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 05.54.31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/16 22.08.32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/11/16 20.39.12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/11/06 08.52.07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/11/06 08.36.23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/11/06 04.55.44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/11/02 15.38.36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/10/26 19.00.50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/10/12 09.08.01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 08.25.48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 08.13.49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/28 22.52.10 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/09/28 10.32.56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/20 08.55.33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/09/20 08.55.33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 08.55.30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 08.55.29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/09/20 08.55.27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 08.55.24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/20 08.03.08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/08/21 13.01.20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 06.26.46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06.26.45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06.00.58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06.00.58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06.00.58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06.00.57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06.00.55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 06.00.55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 06.00.55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06.00.55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06.00.52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06.00.52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06.00.52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06.00.51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06.00.51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06.00.49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06.00.49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06.00.49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06.00.48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05.57.54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 05.54.34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/26 05.53.16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 05.44.30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/07/26 05.36.15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/07/26 04.17.38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03.29.14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03.29.08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03.29.03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03.28.52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03.27.58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03.27.41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03.27.37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03.27.33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03.27.29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03.27.16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03.27.01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03.26.46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03.26.43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03.26.34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03.26.13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03.25.57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03.25.56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03.25.26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/07/26 03.25.22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/07/26 03.25.13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03.25.12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/07/26 03.25.12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/07/26 03.25.01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03.23.53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03.23.42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/02 15.31.50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 15.31.37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/03/26 14.50.12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/09 00.00.20 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009/07/09 03.00.00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/18 20.12.32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV - [2012/07/05 12.07.06 | 000,147,704 | ---- | M] (CyberLink Corp.) [2012/12/10 23:19:59] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012/06/20 10.35.49 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mhotspot.com/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.it.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 60 9E 99 E5 D6 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Gianluca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/10 23.06.59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/10 22.50.54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gianluca\AppData\Roaming\mozilla\Extensions
[2012/12/10 22.43.22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/11/29 09.26.57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 12.46.58 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml
[2012/11/29 12.46.58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 12.46.58 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml
[2012/11/29 12.46.58 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml
[2012/11/29 12.46.59 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/11/29 12.46.59 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Google Translate = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Google Drive = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: MTG Deck Builder.Net = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffejgldkajddnhmnbojnoafbcnnndbc\1_0\
CHR - Extension: Downloads Button = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjplopaahplnjaiobkdnbjoibameibol\1.0_0\
CHR - Extension: YouTube = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ricerca Google = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: History Button = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh\1.0_0\
CHR - Extension: Hardware Theme: Inspired by Roman Nurik = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepcpohhelndknlebdckholhdbeabimb\1.2.8_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: FreshStart \u2013 Gestore di Sessioni Browser = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb\1.6.1_0\
CHR - Extension: Gmail = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Translate = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Google Drive = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: MTG Deck Builder.Net = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffejgldkajddnhmnbojnoafbcnnndbc\1_0\
CHR - Extension: Downloads Button = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjplopaahplnjaiobkdnbjoibameibol\1.0_0\
CHR - Extension: YouTube = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ricerca Google = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: History Button = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fofpnhmbgmmeaialapfddhbhfongoinh\1.0_0\
CHR - Extension: Hardware Theme: Inspired by Roman Nurik = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepcpohhelndknlebdckholhdbeabimb\1.2.8_0\
CHR - Extension: ScrewAds - Block, Skip, Remove YouTube Ads = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.5_0\
CHR - Extension: FreshStart \u2013 Gestore di Sessioni Browser = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmidkjogcjnnlfimjcedenagjfacpobb\1.6.1_0\
CHR - Extension: Gmail = C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/02/16 21.59.29 | 000,001,661 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\WINDOWS\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] "C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe" File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Gianluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Gianluca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C49ED86-91B1-47AF-8862-F863920B7C80}: DhcpNameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93069489-DACF-4962-9C3F-A79429594E74}: NameServer = 192.168.1.8,192.168.2.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D74958B2-A9C6-49B3-9AD9-5164721F5846}: DhcpNameServer = 62.13.173.92 62.13.173.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5C0554-0349-4CC0-A914-AD10A34372B5}: DhcpNameServer = 62.101.93.101 83.103.25.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA5C0554-0349-4CC0-A914-AD10A34372B5}: NameServer = 8.8.8.8,8.8.4.4
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/12 12.36.25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gianluca\Desktop\OTL.exe
[2013/02/12 12.05.15 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\Malwarebytes
[2013/02/12 12.04.54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/12 12.04.43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/02/12 12.04.40 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013/02/12 12.04.40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/02/12 12.01.51 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Gianluca\Desktop\mbam-setup-1.70.0.1100.exe
[2013/02/09 15.33.40 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\ATI
[2013/02/09 15.33.40 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Local\ATI
[2013/02/09 15.33.40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/02/09 15.33.00 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/02/09 15.32.58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/02/09 15.32.50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/02/09 15.32.46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/02/09 15.32.46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/02/09 15.32.41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2013/02/09 15.30.48 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/02/09 15.30.05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/02/09 15.28.08 | 000,000,000 | ---D | C] -- C:\AMD
[2013/02/06 11.56.20 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/02/01 15.51.30 | 003,811,392 | ---- | C] (Autodesk, Inc.) -- C:\Users\Gianluca\Desktop\fbx20133_maya2012_win_x64.exe
[2013/02/01 14.34.13 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\BorderGrid
[2013/02/01 11.42.39 | 000,000,000 | ---D | C] -- C:\Backup Borderline
[2013/01/28 18.16.03 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\Borderline (Unity3)
[2013/01/28 17.44.40 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Desktop\backup unity 3
[2013/01/28 17.15.44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unity 3.5.7
[2013/01/28 16.53.06 | 530,575,600 | ---- | C] (Unity Technologies ApS) -- C:\Users\Gianluca\Desktop\UnitySetup-3.5.7.exe
[2013/01/24 15.49.59 | 000,000,000 | --SD | C] -- C:\Users\Gianluca\Google Drive
[2013/01/24 15.48.48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/01/23 01.27.49 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Desktop\Codice non utilizzato
[2013/01/22 17.40.59 | 000,000,000 | ---D | C] -- C:\BorderlineRepo
[2013/01/22 15.50.09 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Desktop\PathfindingProject_Free_WebsiteDownload
[2013/01/22 15.18.55 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\Subversion
[2013/01/22 15.17.23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
[2013/01/22 15.16.34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Git
[2013/01/22 15.14.01 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Local\Programs
[2013/01/22 15.06.37 | 015,152,461 | ---- | C] (The Git Development Community ) -- C:\Users\Gianluca\Desktop\Git-1.8.0-preview20121022.exe
[2013/01/22 15.05.39 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\syntevo
[2013/01/22 15.05.26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartGitHg 4
[2013/01/22 15.04.38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartGitHg 4
[2013/01/20 01.57.26 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\Assets Character
[2013/01/19 17.22.00 | 000,000,000 | -H-D | C] -- C:\Users\Gianluca\Documents\Freemake_do_not_remove_this_folder
[2013/01/17 17.54.59 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Roaming\gtk-2.0
[2013/01/17 16.14.24 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\Borderline
[2013/01/17 14.57.05 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Desktop\ScriptManu
[2013/01/17 12.05.49 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Local\Songr
[2013/01/16 10.18.52 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Local\ElevatedDiagnostics
[2013/01/16 10.17.50 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\AppData\Local\Diagnostics
[2013/01/14 17.17.03 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\BorderProva
[2013/01/13 22.55.07 | 000,000,000 | ---D | C] -- C:\Users\Gianluca\Documents\Project 1
[5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/12 12.36.35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gianluca\Desktop\OTL.exe
[2013/02/12 12.04.54 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/12 12.03.03 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Gianluca\Desktop\mbam-setup-1.70.0.1100.exe
[2013/02/12 12.02.04 | 001,965,110 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/02/12 12.02.04 | 000,855,462 | ---- | M] () -- C:\WINDOWS\SysNative\perfh010.dat
[2013/02/12 12.02.04 | 000,775,556 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/02/12 12.02.04 | 000,177,144 | ---- | M] () -- C:\WINDOWS\SysNative\perfc010.dat
[2013/02/12 12.02.04 | 000,157,016 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/02/12 11.59.29 | 002,086,216 | ---- | M] () -- C:\Users\Gianluca\Desktop\avira_antivirus_premium.exe
[2013/02/12 11.55.11 | 000,001,174 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/12 11.01.00 | 000,001,170 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/12 11.00.44 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/01 17.09.24 | 000,001,057 | ---- | M] () -- C:\Users\Gianluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/02/01 17.09.07 | 000,001,031 | ---- | M] () -- C:\Users\Gianluca\Desktop\Dropbox.lnk
[2013/02/01 15.52.15 | 003,811,392 | ---- | M] (Autodesk, Inc.) -- C:\Users\Gianluca\Desktop\fbx20133_maya2012_win_x64.exe
[2013/01/28 19.46.18 | 000,439,252 | ---- | M] () -- C:\Users\Gianluca\Desktop\appunti_CAN1.pdf
[2013/01/28 17.50.08 | 000,013,486 | ---- | M] () -- C:\Users\Gianluca\Desktop\Unity_v3.x.ilr
[2013/01/28 17.23.33 | 000,001,176 | ---- | M] () -- C:\Users\Public\Desktop\Unity 3.lnk
[2013/01/28 17.18.16 | 000,006,905 | ---- | M] () -- C:\Users\Gianluca\Desktop\film_per_sequel.rtf
[2013/01/28 17.10.30 | 530,575,600 | ---- | M] (Unity Technologies ApS) -- C:\Users\Gianluca\Desktop\UnitySetup-3.5.7.exe
[2013/01/28 17.00.35 | 017,720,385 | ---- | M] () -- C:\Users\Gianluca\Desktop\Unity_357_exe_and_licence.7z
[2013/01/24 15.50.00 | 000,001,725 | ---- | M] () -- C:\Users\Gianluca\Desktop\Google Drive.lnk
[2013/01/23 01.53.35 | 000,000,061 | ---- | M] () -- C:\Users\Gianluca\.gitconfig
[2013/01/22 15.10.51 | 015,152,461 | ---- | M] (The Git Development Community ) -- C:\Users\Gianluca\Desktop\Git-1.8.0-preview20121022.exe
[2013/01/22 15.05.26 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\SmartGitHg 4.lnk
[2013/01/21 02.39.00 | 560,188,515 | ---- | M] () -- C:\Users\Gianluca\Desktop\Top-Down Fantasy Assets fixed.unitypackage
[2013/01/17 18.00.34 | 000,000,218 | ---- | M] () -- C:\Users\Gianluca\.recently-used.xbel
[2013/01/17 01.10.05 | 000,001,158 | ---- | M] () -- C:\Users\Gianluca\Desktop\Notepad.lnk
[2013/01/15 15.28.11 | 004,868,696 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/01/15 15.27.34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/01/15 15.27.27 | 3428,229,120 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/15 14.34.18 | 000,002,263 | ---- | M] () -- C:\Users\Gianluca\Desktop\Google Chrome.lnk
[5 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/12 12.04.54 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/12 11.59.07 | 002,086,216 | ---- | C] () -- C:\Users\Gianluca\Desktop\avira_antivirus_premium.exe
[2013/01/28 19.46.13 | 000,439,252 | ---- | C] () -- C:\Users\Gianluca\Desktop\appunti_CAN1.pdf
[2013/01/28 17.50.08 | 000,013,486 | ---- | C] () -- C:\Users\Gianluca\Desktop\Unity_v3.x.ilr
[2013/01/28 17.18.15 | 000,006,905 | ---- | C] () -- C:\Users\Gianluca\Desktop\film_per_sequel.rtf
[2013/01/28 16.59.19 | 017,720,385 | ---- | C] () -- C:\Users\Gianluca\Desktop\Unity_357_exe_and_licence.7z
[2013/01/24 15.50.00 | 000,001,725 | ---- | C] () -- C:\Users\Gianluca\Desktop\Google Drive.lnk
[2013/01/23 01.53.35 | 000,000,061 | ---- | C] () -- C:\Users\Gianluca\.gitconfig
[2013/01/22 15.05.26 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\SmartGitHg 4.lnk
[2013/01/21 17.40.20 | 560,188,515 | ---- | C] () -- C:\Users\Gianluca\Desktop\Top-Down Fantasy Assets fixed.unitypackage
[2013/01/21 10.10.53 | 000,295,639 | ---- | C] () -- C:\Users\Gianluca\Desktop\Riassunto by Mozzo - DIRITTO.pdf
[2013/01/17 18.00.34 | 000,000,218 | ---- | C] () -- C:\Users\Gianluca\.recently-used.xbel
[2013/01/17 01.10.05 | 000,001,158 | ---- | C] () -- C:\Users\Gianluca\Desktop\Notepad.lnk
[2013/01/15 15.27.37 | 004,868,696 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/01/11 16.08.52 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/12/10 05.31.11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/11/16 21.01.08 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012/11/16 21.01.08 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2012/07/26 09.13.10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/07/26 09.13.09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/07/26 08.21.26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 02.17.42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/07/25 21.37.29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 21.28.31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/06/02 15.31.19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/04/18 18.39.10 | 000,028,672 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2011/09/12 23.06.16 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/12/11 01.26.10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/06 05.19.27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/06 05.20.00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04.05.38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04.18.27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04.07.41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/11 01.45.45 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\Autodesk
[2013/02/05 16.47.44 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\Dropbox
[2012/12/11 22.25.10 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\FileZilla
[2013/01/17 17.54.59 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\gtk-2.0
[2013/01/11 15.18.51 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\MonoDevelop-Unity-2.8
[2012/12/10 20.02.34 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\OpenOffice.org
[2013/01/28 17.50.31 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\PACE Anti-Piracy
[2013/02/06 11.56.20 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/01/11 15.18.54 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\stetic
[2013/01/22 15.18.55 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\Subversion
[2013/01/22 15.05.39 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\syntevo
[2013/01/28 18.00.22 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\Unity
[2013/01/28 17.36.22 | 000,000,000 | ---D | M] -- C:\Users\Gianluca\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1190 bytes -> C:\Users\Gianluca\AppData\Local\6vebjqkFT:rdxyg0JBSTDaITjMT1dipAU
@Alternate Data Stream - 1152 bytes -> C:\Users\Gianluca\AppData\Local\Temp:3o4GqXY1p5i1Tmh6QHY
@Alternate Data Stream - 1149 bytes -> C:\Users\Gianluca\AppData\Local\Temp:hUWg2iDaydNnL3MlOYr1JhMnIPcGH

< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi this looks like it could either be very easy or a pain.. So lets see which it is

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
@Alternate Data Stream - 1190 bytes -> C:\Users\Gianluca\AppData\Local\6vebjqkFT:rdxyg0JBSTDaITjMT1dipAU
@Alternate Data Stream - 1152 bytes -> C:\Users\Gianluca\AppData\Local\Temp:3o4GqXY1p5i1Tmh6QHY
@Alternate Data Stream - 1149 bytes -> C:\Users\Gianluca\AppData\Local\Temp:hUWg2iDaydNnL3MlOYr1JhMnIPcGH

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download MiniToolBox, save it to your desktop and run it.
Posted Image
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#3
Gian89

Gian89

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Oh my god now everything works! You cannot imagine how much you've saved me. Thank you very very much!
One last question: given that I was infected, is advisable to install a better antivirus than windows defender?
Anyway here are the logs:

OTL log:
All processes killed
========== OTL ==========
ADS C:\Users\Gianluca\AppData\Local\6vebjqkFT:rdxyg0JBSTDaITjMT1dipAU deleted successfully.
ADS C:\Users\Gianluca\AppData\Local\Temp:3o4GqXY1p5i1Tmh6QHY deleted successfully.
ADS C:\Users\Gianluca\AppData\Local\Temp:hUWg2iDaydNnL3MlOYr1JhMnIPcGH deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 58264 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gianluca
->Temp folder emptied: 631819439 bytes
->Temporary Internet Files folder emptied: 36756535 bytes
->Java cache emptied: 2110372 bytes
->FireFox cache emptied: 9408119 bytes
->Google Chrome cache emptied: 433706491 bytes
->Flash cache emptied: 58955 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 12100096 bytes
%systemroot%\System32 (64bit) .tmp files removed: 8845824 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24639548 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 187372 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.106,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 02122013_181639

Files\Folders moved on Reboot...
C:\Users\Gianluca\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Gianluca\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\winstore.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


MINITOOLBOX log:
MiniToolBox by Farbar Version:10-01-2013
Ran by Gianluca (administrator) on 12-02-2013 at 18:33:06
Running from "C:\Users\Gianluca\Desktop"
Windows 8 Pro (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configurazione IP di Windows

Cache del resolver DNS svuotata.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = WiFi (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Ethernet (Media disconnected)


# ----------------------------------
# Configurazione IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=160.80.216.1 publish=S
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add address name="Ethernet" address=160.80.216.121 mask=255.255.0.0


popd
# Fine configurazione IPv4



Configurazione IP di Windows

Nome host . . . . . . . . . . . . . . : Acer5940G
Suffisso DNS primario . . . . . . . . :
Tipo nodo . . . . . . . . . . . . . . : Ibrido
Routing IP abilitato. . . . . . . . . : No
Proxy WINS abilitato . . . . . . . . : No
Elenco di ricerca suffissi DNS. . . . : fastwebnet.it

Scheda LAN wireless Local Area Connection* 14:

Stato supporto. . . . . . . . . . . . : Supporto disconnesso
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Indirizzo fisico. . . . . . . . . . . : 00-22-FB-72-17-09
DHCP abilitato. . . . . . . . . . . . : S
Configurazione automatica abilitata : S

Scheda LAN wireless WiFi:

Suffisso DNS specifico per connessione: fastwebnet.it
Descrizione . . . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Indirizzo fisico. . . . . . . . . . . : 00-22-FB-72-17-08
DHCP abilitato. . . . . . . . . . . . : S
Configurazione automatica abilitata : S
Indirizzo IPv6 locale rispetto al collegamento . : fe80::f92d:15d4:8b15:b492%13(Preferenziale)
Indirizzo IPv4. . . . . . . . . . . . : 192.168.1.133(Preferenziale)
Subnet mask . . . . . . . . . . . . . : 255.255.255.0
Lease ottenuto. . . . . . . . . . . . : marted 12 febbraio 2013 18.22.24
Scadenza lease . . . . . . . . . . . : marted 12 febbraio 2013 18.52.24
Gateway predefinito . . . . . . . . . : 192.168.1.254
Server DHCP . . . . . . . . . . . . . : 192.168.1.254
IAID DHCPv6 . . . . . . . . . . . : 318776059
DUID Client DHCPv6. . . . . . . . : 00-01-00-01-18-57-1D-D6-00-26-22-6A-37-52
Server DNS . . . . . . . . . . . . . : 8.8.8.8
8.8.4.4
Server WINS primario . . . . . . . . : 192.168.1.254
NetBIOS su TCP/IP . . . . . . . . . . : Attivato

Scheda Ethernet Ethernet:

Stato supporto. . . . . . . . . . . . : Supporto disconnesso
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Indirizzo fisico. . . . . . . . . . . : 00-26-22-6A-37-52
DHCP abilitato. . . . . . . . . . . . : No
Configurazione automatica abilitata : S

Scheda Ethernet VirtualBox Host-Only Network:

Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Indirizzo fisico. . . . . . . . . . . : 08-00-27-00-BC-7D
DHCP abilitato. . . . . . . . . . . . : No
Configurazione automatica abilitata : S
Indirizzo IPv6 locale rispetto al collegamento . : fe80::447e:97ce:7de3:878e%21(Preferenziale)
Indirizzo IPv4. . . . . . . . . . . . : 192.168.56.1(Preferenziale)
Subnet mask . . . . . . . . . . . . . : 255.255.255.0
Gateway predefinito . . . . . . . . . :
IAID DHCPv6 . . . . . . . . . . . : 537395239
DUID Client DHCPv6. . . . . . . . : 00-01-00-01-18-57-1D-D6-00-26-22-6A-37-52
Server DNS . . . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS su TCP/IP . . . . . . . . . . : Attivato

Scheda Tunnel isatap.fastwebnet.it:

Stato supporto. . . . . . . . . . . . : Supporto disconnesso
Suffisso DNS specifico per connessione: fastwebnet.it
Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP abilitato. . . . . . . . . . . . : No
Configurazione automatica abilitata : S

Scheda Tunnel Teredo Tunneling Pseudo-Interface:

Stato supporto. . . . . . . . . . . . : Supporto disconnesso
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP abilitato. . . . . . . . . . . . : No
Configurazione automatica abilitata : S

Scheda Tunnel isatap.{8AA976D8-05CA-4B61-B8CA-44146C783843}:

Stato supporto. . . . . . . . . . . . : Supporto disconnesso
Suffisso DNS specifico per connessione:
Descrizione . . . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP abilitato. . . . . . . . . . . . : No
Configurazione automatica abilitata : S
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Nome: google.com
Addresses: 2a00:1450:4002:801::1002
173.194.35.6
173.194.35.2
173.194.35.9
173.194.35.3
173.194.35.8
173.194.35.7
173.194.35.0
173.194.35.1
173.194.35.14
173.194.35.5
173.194.35.4


Esecuzione di Ping google.com [173.194.35.6] con 32 byte di dati:
Risposta da 173.194.35.6: byte=32 durata=94ms TTL=53
Risposta da 173.194.35.6: byte=32 durata=102ms TTL=53

Statistiche Ping per 173.194.35.6:
Pacchetti: Trasmessi = 2, Ricevuti = 2,
Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
Minimo = 94ms, Massimo = 102ms, Medio = 98ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Nome: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Esecuzione di Ping yahoo.com [98.139.183.24] con 32 byte di dati:
Risposta da 98.139.183.24: byte=32 durata=738ms TTL=48
Risposta da 98.139.183.24: byte=32 durata=713ms TTL=48

Statistiche Ping per 98.139.183.24:
Pacchetti: Trasmessi = 2, Ricevuti = 2,
Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
Minimo = 713ms, Massimo = 738ms, Medio = 725ms

Esecuzione di Ping 127.0.0.1 con 32 byte di dati:
Risposta da 127.0.0.1: byte=32 durata=18ms TTL=128
Risposta da 127.0.0.1: byte=32 durata=3ms TTL=128

Statistiche Ping per 127.0.0.1:
Pacchetti: Trasmessi = 2, Ricevuti = 2,
Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
Minimo = 3ms, Massimo = 18ms, Medio = 10ms
===========================================================================
Elenco interfacce
23...00 22 fb 72 17 09 ......Microsoft Hosted Network Virtual Adapter
13...00 22 fb 72 17 08 ......Intel® WiFi Link 5100 AGN
12...00 26 22 6a 37 52 ......Broadcom NetLink ™ Gigabit Ethernet
21...08 00 27 00 bc 7d ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Tabella route
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metrica
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.133 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.133 286
192.168.1.133 255.255.255.255 On-link 192.168.1.133 286
192.168.1.255 255.255.255.255 On-link 192.168.1.133 286
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.133 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.133 286
===========================================================================
Route permanenti:
Indirizzo rete Mask Indir. gateway Metrica
0.0.0.0 0.0.0.0 160.80.216.1 Predefinito
===========================================================================

IPv6 Tabella route
===========================================================================
Route attive:
Interf Metrica Rete Destinazione Gateway
1 306 ::1/128 On-link
21 276 fe80::/64 On-link
13 286 fe80::/64 On-link
21 276 fe80::447e:97ce:7de3:878e/128
On-link
13 286 fe80::f92d:15d4:8b15:b492/128
On-link
1 306 ff00::/8 On-link
21 276 ff00::/8 On-link
13 286 ff00::/8 On-link
===========================================================================
Route permanenti:
Nessuna
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/12/2013 03:41:13 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:11 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:11 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:10 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:10 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Impossibile trovare l'assembly dipendente Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.

Error: (02/12/2013 03:41:03 PM) (Source: SideBySide) (User: )
Description: Generazione del contesto di attivazione non riuscita per "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Impossibile trovare l'assembly dipendente Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Utilizzare sxstrace.exe per ottenere una diagnosi dettagliata.


System errors:
=============
Error: (02/12/2013 06:16:39 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio Adobe Acrobat Update Service. Questo evento si gi verificato 1 volta(e).

Error: (02/11/2013 07:53:55 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 58 volta(e).

Error: (02/11/2013 06:28:11 PM) (Source: ACPI) (User: )
Description: : il controller integrato (EC) non ha risposto entro il periodo di timeout specificato. possibile che si sia verificato un errore hardware o firmware dell'EC o che l'accesso all'EC da parte del BIOS non sia corretto. consigliabile richiedere una versione aggiornata del BIOS al produttore del computer. In alcuni casi, questo errore pu impedire il funzionamento corretto del computer.

Error: (02/09/2013 05:27:29 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 57 volta(e).

Error: (02/09/2013 03:31:45 PM) (Source: Service Control Manager) (User: )
Description: Il servizio AMD External Events Utility non stato avviato per il seguente errore:
%%1053

Error: (02/09/2013 03:31:45 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio AMD External Events Utility.

Error: (02/08/2013 06:07:01 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 56 volta(e).

Error: (02/08/2013 03:46:20 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 55 volta(e).

Error: (02/07/2013 10:10:48 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 54 volta(e).

Error: (02/07/2013 04:59:40 PM) (Source: Service Control Manager) (User: )
Description: Arresto imprevista del servizio CyberLink PowerDVD 12 Media Server Service. Questo evento si gi verificato 53 volta(e).


Microsoft Office Sessions:
=========================
Error: (02/12/2013 03:41:13 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Media Encoder CS5\PCI\Dolby\resources\libraries\ARKCmdDefrag.dll

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Media Encoder CS5\PCI\AMEPCI\resources\libraries\ARKCmdCaps.dll

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Media Encoder CS5\PCI\AMEPCI\resources\libraries\ARKEngine.dll

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Media Encoder CS5\PCI\AMEPCI\resources\libraries\ARKCmdFS.dll

Error: (02/12/2013 03:41:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Media Encoder CS5\PCI\AMEPCI\resources\libraries\ARKCmdDefrag.dll

Error: (02/12/2013 03:41:11 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Encore CS5\SetupRoyalty\resources\libraries\ARKCmdCaps.dll

Error: (02/12/2013 03:41:11 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Encore CS5\SetupRoyalty\resources\libraries\ARKCmdFS.dll

Error: (02/12/2013 03:41:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Encore CS5\SetupRoyalty\resources\libraries\ARKEngine.dll

Error: (02/12/2013 03:41:10 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Adobe\Adobe Encore CS5\SetupRoyalty\resources\libraries\ARKCmdDefrag.dll

Error: (02/12/2013 03:41:03 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe


=========================== Installed Programs ============================

Add or Remove Adobe Premiere Pro CS5 (Version: 5.0)
Adobe After Effects CS5 (Version: 10)
Adobe AIR (Version: 3.5.0.1060)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader XI (11.0.01) - Italiano (Version: 11.0.01)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71116.1554)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Torrent (Version: 3.2.3.28705)
Autodesk Backburner 2012.1.0 (Version: 2012.1.0)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0)
Autodesk FBX 2013.3 Plug-in for Maya 2012 64-bit
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX
Canon iP4700 series Printer Driver
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190)
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190)
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190)
Catalyst Pro Control Center (Version: 2012.1116.1515.27190)
ccc-utility64 (Version: 2012.1116.1515.27190)
CCC Help Chinese Standard (Version: 2012.1116.1514.27190)
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190)
CCC Help Czech (Version: 2012.1116.1514.27190)
CCC Help Danish (Version: 2012.1116.1514.27190)
CCC Help Dutch (Version: 2012.1116.1514.27190)
CCC Help English (Version: 2012.1116.1514.27190)
CCC Help Finnish (Version: 2012.1116.1514.27190)
CCC Help French (Version: 2012.1116.1514.27190)
CCC Help German (Version: 2012.1116.1514.27190)
CCC Help Greek (Version: 2012.1116.1514.27190)
CCC Help Hungarian (Version: 2012.1116.1514.27190)
CCC Help Italian (Version: 2012.1116.1514.27190)
CCC Help Japanese (Version: 2012.1116.1514.27190)
CCC Help Korean (Version: 2012.1116.1514.27190)
CCC Help Norwegian (Version: 2012.1116.1514.27190)
CCC Help Polish (Version: 2012.1116.1514.27190)
CCC Help Portuguese (Version: 2012.1116.1514.27190)
CCC Help Russian (Version: 2012.1116.1514.27190)
CCC Help Spanish (Version: 2012.1116.1514.27190)
CCC Help Swedish (Version: 2012.1116.1514.27190)
CCC Help Thai (Version: 2012.1116.1514.27190)
CCC Help Turkish (Version: 2012.1116.1514.27190)
CD-LabelPrint
Composite 2012 64-bit (Version: 7.0.0)
Crystal Reports for Visual Studio (Version: 12.51.0.240)
CyberLink PowerDVD 12 (Version: 12.0.1905.56)
Dotfuscator Software Services - Community Edition (Version: 5.0.2300.0)
Dropbox (Version: 1.6.16)
DVDFab 9.0.1.5 (08/12/2012) Qt
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Freemake Video Converter versione 3.1.2 (Version: 3.1.2)
Git version 1.8.0-preview20121022 (Version: 1.8.0-preview20121022)
Google Chrome (Version: 24.0.1312.57)
Google Drive (Version: 1.7.4018.3496)
Google Update Helper (Version: 1.3.21.123)
iTunes (Version: 11.0.0.163)
Java 7 Update 11 (Version: 7.0.110)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 9 (64-bit) (Version: 1.7.0.90)
JDownloader 0.9 (Version: 0.9)
Malwarebytes Anti-Malware versione 1.70.0.1100 (Version: 1.70.0.1100)
MATLAB R2012a (Version: 7.14)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Silverlight (Version: 3.0.40818.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 Premium - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 17.0.1 (x86 it) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MPC-HC 1.6.4.6052 (64-bit) (Version: 1.6.4.6052)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (Version: 2.60.0216.1828)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Oracle VM VirtualBox 4.2.4 (Version: 4.2.4)
PDF Settings CS5 (Version: 10.0)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
SmartGit/Hg 4
Songr (Version: 1.9.63)
Splashtop Streamer (Version: 2.2.0.0)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Supporto applicazioni Apple (Version: 2.3.2)
Synaptics Pointing Device Driver (Version: 13.2.2.0)
Unity (Version: )
Unity Web Player (Version: )
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
Web Deployment Tool (Version: 1.1.0618)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
XAMPP 1.8.1

========================= Devices: ================================

Name: Periferica sistema di base
Description: Periferica sistema di base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferica sistema di base
Description: Periferica sistema di base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferica sistema di base
Description: Periferica sistema di base
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4086.77 MB
Available physical RAM: 2279.62 MB
Total Pagefile: 4790.77 MB
Available Pagefile: 2634.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.64 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:450.16 GB) (Free:111.93 GB) NTFS

========================= Users: ========================================

Account utente per \\ACER5940G

Administrator Gianluca Guest
Esecuzione comando riuscita.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets now sweep for orphans. Windows defender is not an anti virus I can give you a list of free ones if you wish

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
  • 0

#5
Gian89

Gian89

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
The Scan didn't found any malware and I think because of that I couldn't complete your six and seven step.
Here the log:

Malwarebytes Anti-Malware (Prova) 1.70.0.1100
www.malwarebytes.org

Versione database: v2013.02.12.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Gianluca :: ACER5940G [amministratore]

Protezione: Disattivata

12/02/2013 19.57.51
mbam-log-2013-02-12 (19-57-51).txt

Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 210316
Tempo impiegato: 5 minuti, 56 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer now .. Any problems ?
  • 0

#7
Gian89

Gian89

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Now the computer is perfect! No problem with the connection.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Here is a list of antivirus programmes

Avast Free
Avira Free
AVG Free

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP