Jump to content


Photo

I'm supposed to be infected

Strange behaviour of Firefox

  • This topic is locked This topic is locked
5 replies to this topic

#1 emanuele

emanuele

    Advanced Member

  • Helper Trainee
  • PipPipPip
  • 130 posts

Posted 22 November 2014 - 01:22 AM

Hi everybodies
I'm worried I've been infected, because while I open a page of Firefox, a lot of pages start to open.
I post herewith my logs

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/11/2014
Scan Time: 8.24.49
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.21.05
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Mepra

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 320532
Time Elapsed: 25 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 20/09/2012 11.30.03
System Uptime: 20/11/2014 15.54.25 (17 hours ago)
.
Motherboard: Foxconn | | 2ABF
Processor: Processore Intel Pentium III Xeon | CPU 1 | 2893/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 450 GiB total, 301,801 GiB free.
D: is Removable
E: is CDROM ()
F: is FIXED (NTFS) - 16 GiB total, 1,949 GiB free.
G: is CDROM ()
J: is FIXED (FAT32) - 466 GiB total, 40,707 GiB free.
Y: is NetworkDisk (NTFS) - 1861 GiB total, 1318,586 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Acrobat 7.1.0 Professional
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 16 ActiveX
Adobe Flash Player 16 NPAPI
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.1
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2744842)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2761465)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2792100)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2797052)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2799329)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2809289)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2817183)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2829530)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2838727)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2846071)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2847204)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2862772)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2870699)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2879017)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2888505)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2898785)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909210)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909921)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2925418)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2936068)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2964358)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381)
Aggiornamento della protezione per Windows Media Player (KB2834904-v2)
Aggiornamento della protezione per Windows Media Player (KB2834904)
Aggiornamento della protezione per Windows XP (KB2778344)
Aggiornamento della protezione per Windows XP (KB2780091)
Aggiornamento della protezione per Windows XP (KB2799494)
Aggiornamento della protezione per Windows XP (KB2802968)
Aggiornamento della protezione per Windows XP (KB2807986)
Aggiornamento della protezione per Windows XP (KB2808735)
Aggiornamento della protezione per Windows XP (KB2813170)
Aggiornamento della protezione per Windows XP (KB2813345)
Aggiornamento della protezione per Windows XP (KB2820197)
Aggiornamento della protezione per Windows XP (KB2820917)
Aggiornamento della protezione per Windows XP (KB2829361)
Aggiornamento della protezione per Windows XP (KB2834886)
Aggiornamento della protezione per Windows XP (KB2839229)
Aggiornamento della protezione per Windows XP (KB2845187)
Aggiornamento della protezione per Windows XP (KB2847311)
Aggiornamento della protezione per Windows XP (KB2849470)
Aggiornamento della protezione per Windows XP (KB2850851)
Aggiornamento della protezione per Windows XP (KB2850869)
Aggiornamento della protezione per Windows XP (KB2859537)
Aggiornamento della protezione per Windows XP (KB2862152)
Aggiornamento della protezione per Windows XP (KB2862330)
Aggiornamento della protezione per Windows XP (KB2862335)
Aggiornamento della protezione per Windows XP (KB2864063)
Aggiornamento della protezione per Windows XP (KB2868626)
Aggiornamento della protezione per Windows XP (KB2876217)
Aggiornamento della protezione per Windows XP (KB2876315)
Aggiornamento della protezione per Windows XP (KB2876331)
Aggiornamento della protezione per Windows XP (KB2883150)
Aggiornamento della protezione per Windows XP (KB2892075)
Aggiornamento della protezione per Windows XP (KB2893294)
Aggiornamento della protezione per Windows XP (KB2893984)
Aggiornamento della protezione per Windows XP (KB2898715)
Aggiornamento della protezione per Windows XP (KB2900986)
Aggiornamento della protezione per Windows XP (KB2914368)
Aggiornamento della protezione per Windows XP (KB2916036)
Aggiornamento della protezione per Windows XP (KB2922229)
Aggiornamento della protezione per Windows XP (KB2929961)
Aggiornamento della protezione per Windows XP (KB2930275)
Aggiornamento per Windows Internet Explorer 8 (KB2598845)
Aggiornamento per Windows XP (KB2863058)
Aggiornamento per Windows XP (KB2904266)
Aggiornamento per Windows XP (KB2934207)
Apple Mobile Device Support
Avira
Avira Free Antivirus
Bit4Id - CSP e PKCS#11 per la CRS Lombardia - 1.2.11
CCleaner
CIGO dt
CompanionLink
Core FTP LE
CRS Kit 1.0
CRS Manager 1.1.4.0
CUD 2014
DAEMON Tools Lite
Dropbox
DYMO Label v.8
Fast File Renamer 2.0
File Repair
FileHippo App Manager
Google Chrome
Google Update Helper
GoToMeeting 5.5.0.1132
GPRES2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IBM AS/400 Client Access Express per Windows
IBM AS/400 Client Access Express per Windows SI11806
IBM Notes 9.0.1 (Basic) it
INPS uniEMens integrato
iTunes
Java 7 Update 71
Java Auto Updater
K-Lite Codec Pack 7.0.0 (Standard)
Kaspersky Security Scan
LibreOffice 4.2 Help Pack (Italian)
LibreOffice 4.2.6.3
Live Upgrade
Mercurio Internet
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ITA
Modello 730 2014
Modello 770 Semplificato 2014
Mozilla Firefox 33.1.1 (x86 it)
Mozilla Maintenance Service
NinjaTrader 7
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)
Spybot - Search & Destroy
Supporto applicazioni Apple
swMSM
VC80CRTRedist - 8.0.50727.6195
VLC media player 2.0.8
Windows Internet Explorer 8
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.71.2
Run by Mepra at 8:52:44 on 2014-11-21
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1953.496 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\DYMO\DYMO Label Software\DymoPnpService.exe
C:\lotus\notes\nsd.exe
C:\Programmi\Java\jre7\bin\jqs.exe
C:\Programmi\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\lotus\notes\SUService.exe
c:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\lotus\notes\ntmulti.exe
C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamService.exe
C:\Programmi\Panasonic\TrapMonitor\Trapmnnt.exe
C:\Programmi\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
c:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Programmi\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Programmi\Avira\My Avira\Avira.OE.ServiceHost.exe
C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programmi\Panasonic\Panasonic-DMS\Device Monitor\DMWakeup.exe
C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamDlg.exe
C:\WINDOWS\system32\SSLEmptyCache.exe
C:\Programmi\Real\RealPlayer\update\realsched.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\Programmi\Avira\My Avira\Avira.OE.Systray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\FileHippo.com\FileHippo.AppManager.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Documents and Settings\Mepra\Mercurio\jre\launch4j-tmp\Mercurio.exe
C:\Programmi\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe
C:\Programmi\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe
C:\Documents and Settings\Mepra\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\RealNetworks\RealDownloader\recordingmanager.exe
C:\Programmi\Adobe\Adobe Photoshop CS5\Photoshop.exe
C:\Programmi\File comuni\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Page = about:blank
mDefault_Page_URL = about:blank
mDefault_Search_URL = about:blank
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\programmi\file comuni\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\dati applicazioni\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\programmi\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\programmi\file comuni\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\programmi\java\jre7\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "c:\programmi\daemon tools lite\DTLite.exe" -autorun
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [FileHippo.com] "c:\programmi\filehippo.com\FileHippo.AppManager.exe" /background
uRun: [Mercurio Live] c:\documents and settings\mepra\mercurio\Mercurio.exe
uRun: [KSS] "c:\programmi\kaspersky lab\kaspersky security scan 2.0\kss.exe" /autorun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AdobeAAMUpdater-1.0] "c:\programmi\file comuni\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\programmi\file comuni\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\programmi\file comuni\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Panasonic Device Monitor Wakeup] c:\programmi\panasonic\panasonic-dms\device monitor\DMWakeup.exe
mRun: [Panasonic Application Manager Agent] c:\programmi\panasonic\panasonic-dms\panasonic nus\PamDlg.exe
mRun: [APSDaemon] "c:\programmi\file comuni\apple\apple application support\APSDaemon.exe"
mRun: [SSLEmptyCache] c:\windows\system32\SSLEmptyCache.exe
mRun: [Client Access Service] "c:\programmi\ibm\client access\cwbsvstr.exe"
mRun: [Client Access Help Update] "c:\programmi\ibm\client access\cwbinhlp.exe"
mRun: [Client Access Check Version] "c:\programmi\ibm\client access\cwbckver.exe" LOGIN
mRun: [Client Access Express Welcome] "c:\programmi\ibm\client access\cwbwlwiz.exe"
mRun: [TkBellExe] "c:\programmi\real\realplayer\update\realsched.exe" -osboot
mRun: [avgnt] "c:\programmi\avira\antivir desktop\avgnt.exe" /min
mRun: [SDTray] "c:\programmi\spybot - search & destroy 2\SDTray.exe"
mRun: [Adobe ARM] "c:\programmi\file comuni\adobe\arm\1.0\AdobeARM.exe"
mRun: [DLSService] "c:\programmi\dymo\dymo label software\DLSService.exe"
mRun: [SunJavaUpdateSched] "c:\programmi\file comuni\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\programmi\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\programmi\quicktime\QTTask.exe" -atboottime
mRun: [Avira Systray] c:\programmi\avira\my avira\Avira.OE.Systray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\documents and settings\mepra\menu avvio\programmi\esecuzione automatica\Av.bat
StartupFolder: c:\docume~1\mepra\menuav~1\progra~1\esecuz~1\colleg~1.lnk - c:\AS-LOGIN.bat
StartupFolder: c:\docume~1\mepra\menuav~1\progra~1\esecuz~1\dropbox.lnk - c:\documents and settings\mepra\dati applicazioni\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\mepra\menuav~1\progra~1\esecuz~1\mercurio.lnk - c:\programmi\mercurio\Mercurio.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\jobsta~1.lnk - c:\programmi\panasonic\panasonic-dms\lrecvtrap\LRecvTrap.exe
StartupFolder: c:\docume~1\alluse~1\menuav~1\progra~1\esecuz~1\panaso~1.lnk - c:\programmi\panasonic\panasonic-dms\port controller\Mfpscdl.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: &Download All using 4shared Desktop - c:\programmi\4shared desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - c:\programmi\4shared desktop\Desktop.32/D_ONE_LINK
IE: Convert link target to Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\programmi\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programmi\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1348151699250
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348151756703
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash5/cabs/swflash.cab
TCP: Interfaces\{B29C1FD5-8878-4C91-ADC7-6FF324C56C01} : NameServer = 62.97.32.21,62.97.33.21
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\programmi\coreftp\pftpns.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\programmi\google\chrome\application\41.0.2224.3\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mepra\dati applicazioni\mozilla\firefox\profiles\5sh61bw1.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\documents and settings\all users\dati applicazioni\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\dati applicazioni\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\dati applicazioni\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\dati applicazioni\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\mepra\dati applicazioni\mozilla\firefox\profiles\5sh61bw1.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\programmi\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\programmi\dymo\dymo label software\framework\npDYMOLabelFramework.dll
FF - plugin: c:\programmi\file comuni\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\programmi\file comuni\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\programmi\google\update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: c:\programmi\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\programmi\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\programmi\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\programmi\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1214154.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_16_0_0_228.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2014-6-23 37352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2014-3-17 243128]
R1 SDHookDriver;Hook Test Driver;c:\programmi\spybot - search & destroy 2\SDHookDrv32.sys [2014-7-4 46336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\programmi\avira\antivir desktop\sched.exe [2014-6-23 432888]
R2 AntiVirService;Avira Real-Time Protection;c:\programmi\avira\antivir desktop\avguard.exe [2014-6-23 432888]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2014-6-23 98160]
R2 Avira.OE.ServiceHost;Avira Service Host;c:\programmi\avira\my avira\Avira.OE.ServiceHost.exe [2014-10-22 164656]
R2 DymoPnpService;DYMO PnP Service;c:\programmi\dymo\dymo label software\DymoPnpService.exe [2014-3-20 33072]
R2 IBM Notes Diagnostics;Diagnostica IBM Notes;c:\lotus\notes\nsd.exe -svcinvoke -ini "c:\lotus\notes\notes.ini" --> c:\lotus\notes\nsd.exe -svcinvoke -ini c:\lotus\notes\notes.ini [?]
R2 KSS;Servizio Kaspersky Security Scan;c:\programmi\kaspersky lab\kaspersky security scan 2.0\kss.exe [2014-6-15 202080]
R2 LNSUSvc;Servizio IBM Notes Smart Upgrade ;c:\lotus\notes\SUService.exe [2013-10-15 1654376]
R2 Panasonic Application Manager Service;Panasonic Application Manager Service;c:\programmi\panasonic\panasonic-dms\panasonic nus\PamService.exe [2008-10-15 20480]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\programmi\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\programmi\spybot - search & destroy 2\SDFSSvc.exe [2014-7-4 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\programmi\spybot - search & destroy 2\SDUpdSvc.exe [2014-7-4 2088408]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\programmi\intel\intel® management engine components\uns\UNS.exe [2012-9-20 2656280]
R3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\MBAMSwissArmy.sys [?]
R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-9-20 41088]
R3 SNXPCARD;Multi-I/O Card Driver;c:\windows\system32\drivers\snxpcard.sys [2012-9-20 59272]
R3 SNXPSERX;Multi-I/O Serial Port Driver;c:\windows\system32\drivers\snxpserx.sys [2012-9-20 60808]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\programmi\spybot - search & destroy 2\SDWSCSvc.exe [2014-7-4 171928]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usbxp.sys [2013-9-16 24832]
S3 SwitchBoard;SwitchBoard;c:\programmi\file comuni\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S4 AntiVirWebService;Avira Web Protection;c:\programmi\avira\antivir desktop\avwebgrd.exe [2014-6-23 993584]
.
=============== Created Last 30 ================
.
2014-11-20 17:47:15 -------- d-----w- c:\programmi\Kaspersky Lab
2014-11-20 17:47:15 -------- d-----w- c:\documents and settings\all users\dati applicazioni\Kaspersky Lab
2014-11-18 09:55:58 -------- d-----w- c:\programmi\SiteLookup
2014-10-28 07:15:57 159744 ----a-w- c:\programmi\internet explorer\plugin\npqtplugin5.dll
2014-10-28 07:15:57 159744 ----a-w- c:\programmi\internet explorer\plugin\npqtplugin4.dll
2014-10-28 07:15:57 159744 ----a-w- c:\programmi\internet explorer\plugin\npqtplugin3.dll
2014-10-28 07:15:57 159744 ----a-w- c:\programmi\internet explorer\plugin\npqtplugin2.dll
2014-10-28 07:15:57 159744 ----a-w- c:\programmi\internet explorer\plugin\npqtplugin.dll
.
==================== Find3M ====================
.
2014-11-20 14:24:15 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-20 14:24:15 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-17 12:15:08 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-10-17 12:15:08 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-14 08:00:16 86016 ----a-w- c:\windows\system32\NtDirect.dll
2014-10-02 13:23:20 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2014-10-02 13:23:20 69632 ----a-w- c:\windows\system32\QuickTime.qts
2014-10-01 11:51:02 98160 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
============= FINISH: 8.53.15,67 ===============


Results of screen317's Security Check version 0.99.90
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
CCleaner
Java 7 Update 71
Adobe Flash Player 16.0.0.228
Adobe Reader XI
Mozilla Firefox (33.1.1)
Google Chrome (40.0.2214.10)
Google Chrome (41.0.2224.3)
Google Chrome (chrome.exe..)
Google Chrome (debug.log..)
Google Chrome (Dictionaries...)
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


;***********************************************************************************************************************************************************************************
ANALYSIS: 2014-11-22 08:19:38
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira Desktop 14.0.7.310 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00624454 Trj/Genetic.gen Virus/Trojan No 0 Yes No c:\documents and settings\mepra\desktop\securitycheck.exe
14579601 PUP/Conduit.A HackTools No 0 No No c:\documents and settings\mepra\documenti\downloads\divxinstaller(3).exe[checktbexist.exe]
14579601 PUP/Conduit.A HackTools No 0 No No j:\documenti 05 08 2014\downloads\divxinstaller(3).exe[installer.exe]
14579601 PUP/Conduit.A HackTools No 0 No No j:\documenti 05 08 2014\downloads\divxinstaller(3).exe[checktbexist.exe]
14579601 PUP/Conduit.A HackTools No 0 No No c:\documents and settings\mepra\documenti\downloads\divxinstaller(3).exe[installer.exe]
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,223 posts

Posted 22 November 2014 - 07:27 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Download Malwarebytes' Anti-Malware from Here
 
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
  • POST THE LOG FOR MY REVIEW.
     
    Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
    Click OK to either and let MBAM proceed with the disinfection process.
    If asked to restart the computer, please do so immediately.
    ===
     
    Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
  • If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
  • ===
     
    Download the version of this tool for your operating system.
    and save it to a folder on your computer's Desktop.
    Double-click to run it. When the tool opens click Yes to disclaimer.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
    ===
     
    Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
    To attach a file select the "More Reply Option" and follow the instructions.
     
    How is the computer running?
    Wait for further instructions.

    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in anyway,please considerDonating ,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760

    #3 emanuele

    emanuele

      Advanced Member

    • Helper Trainee
    • PipPipPip
    • 130 posts

    Posted 24 November 2014 - 04:07 AM

    Hi nasadq

     

    Thank you very much for your prompt help

    I post herewith the logs: about your last questions (how is my computer running), it seems that the computer is a bit slow

     

    Emanuele67

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Data scansione: 24/11/2014
    Ora scansione: 10.21.24
    File di log: MBAM.txt
    Amministratore: Si

    Versione: 2.00.3.1025
    Database malware: v2014.11.24.04
    Database rootkit: v2014.11.22.01
    Licenza: Premium
    Protezione da malware: Attivata
    Protezione da siti web nocivi: Attivata
    Autoprotezione: Disattivata

    SO: Windows XP Service Pack 3
    CPU: x86
    File system: NTFS
    Utente: Mepra

    Tipo di scansione: Scansione elementi nocivi
    Risultati: Completata
    Elementi analizzati: 319291
    Tempo impiegato: 16 min, 24 sec

    Memoria: Attivata
    Esecuzioni automatiche: Attivata
    File system: Attivata
    Archivi compressi: Attivata
    Rootkit: Disattivata
    Euristica: Attivata
    PUP: Attivata
    PUM: Attivata

    Processi: 0
    (Nessun elemento malevolo rilevato)

    Moduli: 0
    (Nessun elemento malevolo rilevato)

    Chiavi di registro: 0
    (Nessun elemento malevolo rilevato)

    Valori di registro: 0
    (Nessun elemento malevolo rilevato)

    Dati di registro: 0
    (Nessun elemento malevolo rilevato)

    Cartelle: 0
    (Nessun elemento malevolo rilevato)

    File: 0
    (Nessun elemento malevolo rilevato)

    Settori fisici: 0
    (Nessun elemento malevolo rilevato)

    (end)

     

    # AdwCleaner v4.101 - Rapporto creato 24/11/2014 in 10:47:53
    # Aggiornato 09/11/2014 di Xplode
    # Database : 2014-11-07.1 [Local]
    # Sistema operativo : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nome utente : Mepra - EMANUELE
    # In esecuzione da : C:\Documents and Settings\Mepra\Desktop\adwcleaner-4-101-multi-win.exe
    # Opzione : Pulisci

    ***** [ Servizi ] *****

    ***** [ File / Cartelle ] *****

    Cartella Eliminato : C:\Documents and Settings\All Users\Dati applicazioni\apn
    Cartella Eliminato : C:\Programmi\SiteLookup
    Cartella Eliminato : C:\Documents and Settings\Mepra\Dati applicazioni\WebExtend
    File Eliminato : C:\Documents and Settings\Mepra\Dati applicazioni\Bubble Dock.installation.log

    ***** [ Compiti ] *****

    ***** [ Collegamenti ] *****

    ***** [ Registro ] *****

    Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\4shared Tools
    Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
    Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
    Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

    ***** [ Browser ] *****

    -\\ Internet Explorer v8.0.6001.18702

    -\\ Mozilla Firefox v33.1.1 (x86 it)

    [5sh61bw1.default\prefs.js] - Riga eliminata : user_pref("extensions.toolbar_AVIRA-V7C@apn.ask.com.install-event-fired", true);

    -\\ Google Chrome v41.0.2224.3

    [C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Web Data] - Eliminati [Search Provider] : hxxp://www.my-online-search.com/?q={searchTerms}&babsrc=SP_ofln&mntrId=5C4180C16EE2D760&cat=buenosearch&dlb=1&affID=128492&tsp=5207

    *************************

    AdwCleaner[R0].txt - [14518 octets] - [26/09/2014 16:52:06]
    AdwCleaner[R1].txt - [2465 octets] - [24/11/2014 10:45:10]
    AdwCleaner[S0].txt - [14823 octets] - [26/09/2014 16:56:53]
    AdwCleaner[S1].txt - [2418 octets] - [24/11/2014 10:47:53]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2478 octets] ##########

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
    Ran by Mepra (administrator) on EMANUELE on 24-11-2014 11:03:36
    Running from C:\Documents and Settings\Mepra\Desktop\FRST
    Loaded Profile: Mepra (Available profiles: Mepra)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Italiano (Italia)
    Internet Explorer Version 8
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Avira Operations GmbH & Co. KG) C:\Programmi\Avira\AntiVir Desktop\sched.exe
    (Avira Operations GmbH & Co. KG) C:\Programmi\Avira\AntiVir Desktop\avguard.exe
    (Apple Inc.) C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Programmi\Bonjour\mDNSResponder.exe
    (Sanford, L.P.) C:\Programmi\DYMO\DYMO Label Software\DymoPnpService.exe
    (IBM) C:\Lotus\Notes\nsd.exe
    (Oracle Corporation) C:\Programmi\Java\jre7\bin\jqs.exe
    (Kaspersky Lab ZAO) C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    (Intel Corporation) C:\Programmi\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (IBM Corp) C:\Lotus\Notes\SUService.exe
    (Malwarebytes Corporation) C:\Programmi\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Programmi\Malwarebytes Anti-Malware\mbamservice.exe
    (IBM Corp) C:\Lotus\Notes\ntmulti.exe
    (Panasonic Communications Co., Ltd.) C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamService.exe
    (Panasonic) C:\Programmi\Panasonic\TrapMonitor\Trapmnnt.exe
    () C:\Programmi\RealNetworks\RealDownloader\rndlresolversvc.exe
    (Safer-Networking Ltd.) C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Malwarebytes Corporation) C:\Programmi\Malwarebytes Anti-Malware\mbam.exe
    (Safer-Networking Ltd.) C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corporation) C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Intel Corporation) C:\Programmi\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Avira Operations GmbH & Co. KG) C:\Programmi\Avira\AntiVir Desktop\avshadow.exe
    (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
    (Panasonic Communications Co., Ltd.) C:\Programmi\Panasonic\Panasonic-DMS\Device Monitor\DMWakeup.exe
    (Panasonic Communications Co., Ltd.) C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamDlg.exe
    () C:\WINDOWS\system32\SSLEmptyCache.exe
    (RealNetworks, Inc.) C:\Programmi\Real\RealPlayer\Update\realsched.exe
    (Avira Operations GmbH & Co. KG) C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
    (Safer-Networking Ltd.) C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe
    (Oracle Corporation) C:\Programmi\File comuni\Java\Java Update\jusched.exe
    (Avira Operations GmbH & Co. KG) C:\Programmi\Avira\My Avira\Avira.OE.Systray.exe
    () C:\Programmi\FileHippo.com\FileHippo.AppManager.exe
    (Kaspersky Lab ZAO) C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    (Sun Microsystems, Inc.) C:\Documents and Settings\Mepra\Mercurio\jre\launch4j-tmp\Mercurio.exe
    (Panasonic Communications Co., Ltd.) C:\Programmi\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe
    (Panasonic Communications Co., Ltd.) C:\Programmi\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe
    (Dropbox, Inc.) C:\Documents and Settings\Mepra\Dati applicazioni\Dropbox\bin\Dropbox.exe
    (Sun Microsystems, Inc.) C:\Programmi\Mercurio\jre\bin\javaw.exe
    (Apple Inc.) C:\Programmi\iPod\bin\iPodService.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065936 2012-06-06] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Programmi\File comuni\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] => C:\Programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Programmi\File comuni\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
    HKLM\...\Run: [Panasonic Device Monitor Wakeup] => C:\Programmi\Panasonic\Panasonic-DMS\Device Monitor\DMWakeup.exe [421888 2008-06-17] (Panasonic Communications Co., Ltd.)
    HKLM\...\Run: [Panasonic Application Manager Agent] => C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamDlg.exe [49152 2008-12-16] (Panasonic Communications Co., Ltd.)
    HKLM\...\Run: [APSDaemon] => C:\Programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM\...\Run: [SSLEmptyCache] => C:\WINDOWS\system32\SSLEmptyCache.exe [57344 2008-05-21] ()
    HKLM\...\Run: [Client Access Service] => C:\Programmi\IBM\Client Access\cwbsvstr.exe [20530 2001-05-08] (IBM Corporation)
    HKLM\...\Run: [Client Access Help Update] => C:\Programmi\IBM\Client Access\cwbinhlp.exe [24626 2001-05-08] (IBM Corporation)
    HKLM\...\Run: [Client Access Check Version] => C:\Programmi\IBM\Client Access\cwbckver.exe [49152 2001-05-08] (IBM Corporation)
    HKLM\...\Run: [Client Access Express Welcome] => C:\Programmi\IBM\Client Access\cwbwlwiz.exe [20530 2001-05-08] (IBM Corporation)
    HKLM\...\Run: [TkBellExe] => C:\Programmi\Real\RealPlayer\update\realsched.exe [295512 2013-08-29] (RealNetworks, Inc.)
    HKLM\...\Run: [avgnt] => C:\Programmi\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
    HKLM\...\Run: [SDTray] => C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM\...\Run: [Adobe ARM] => C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
    HKLM\...\Run: [DLSService] => "C:\Programmi\DYMO\DYMO Label Software\DLSService.exe"
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Programmi\File comuni\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Programmi\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM\...\Run: [QuickTime Task] => C:\Programmi\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM\...\Run: [Avira Systray] => C:\Programmi\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\Run: [DAEMON Tools Lite] => C:\Programmi\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\Run: [FileHippo.com] => C:\Programmi\FileHippo.com\FileHippo.AppManager.exe [1435136 2014-10-03] ()
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\Run: [KSS] => C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\Run: [Mercurio Live] => C:\Documents and Settings\Mepra\Mercurio\Mercurio.exe [31744 2013-06-25] (Zucchetti S.p.A.)
    Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Adobe Acrobat Speed Launcher.lnk
    ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
    Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Job Status Utility.lnk
    ShortcutTarget: Job Status Utility.lnk -> C:\Programmi\Panasonic\Panasonic-DMS\LRecvTrap\LRecvTrap.exe (Panasonic Communications Co., Ltd.)
    Startup: C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Panasonic Communications Utility.lnk
    ShortcutTarget: Panasonic Communications Utility.lnk -> C:\Programmi\Panasonic\Panasonic-DMS\Port Controller\Mfpscdl.exe (Panasonic Communications Co., Ltd.)
    Startup: C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Esecuzione automatica\Av.bat ()
    Startup: C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Esecuzione automatica\Collegamento a AS-LOGIN.lnk
    ShortcutTarget: Collegamento a AS-LOGIN.lnk -> C:\AS-LOGIN.bat ()
    Startup: C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Mepra\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Esecuzione automatica\Mercurio.lnk
    ShortcutTarget: Mercurio.lnk -> C:\Programmi\Mercurio\Mercurio.exe (Zucchetti S.p.A.)
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-682003330-1957994488-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\S-1-5-21-682003330-1957994488-839522115-1003 -> DefaultScope {65D290DA-7796-44A7-B6DA-2F026F9A5741} URL = https://www.google.c...?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-682003330-1957994488-839522115-1003 -> {65D290DA-7796-44A7-B6DA-2F026F9A5741} URL = https://www.google.c...?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-682003330-1957994488-839522115-1003 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://it.search.yah...}&fr=chr-comodo
    BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1348151756703
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab
    DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macrom...abs/swflash.cab
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programmi\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
    ShellExecuteHooks: Hook per l'esecuzione degli URL - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8492032 2012-06-08] (Microsoft Corporation)
    Winsock: Catalog5 04 C:\Programmi\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\..\Interfaces\{B29C1FD5-8878-4C91-ADC7-6FF324C56C01}: [NameServer] 62.97.32.21,62.97.33.21

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default
    FF Homepage: about:home
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_228.dll ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @dymo.com/DymoLabelFramework -> C:\Programmi\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
    FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Programmi\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Programmi\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programmi\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @pandasecurity.com/activescan -> C:\Programmi\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
    FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programmi\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programmi\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programmi\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programmi\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programmi\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Programmi\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Programmi\File comuni\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Extension: Avira Browser Safety - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\abs@avira.com [2014-11-20]
    FF Extension: Italian dictionary - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\it-IT@dictionaries.addons.mozilla.org [2014-08-04]
    FF Extension: r9ULKb4x2RMsRde - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\{5d606586-4556-4272-9196-a2e4014cd664} [2014-11-24]
    FF Extension: Browser Ext Assistance - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\{729c9605-0626-4792-9584-4cbe65b243e6} [2014-11-18]
    FF Extension: Web Finder - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\{aef90853-1c88-47e0-97d4-0da8f83f6c66} [2014-11-19]
    FF Extension: Bitdefender QuickScan - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-07-18]
    FF Extension: 4shared Desktop Plugin - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\4sharedCopyLinks.xpi [2013-03-14]
    FF Extension: MEGA - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\firefox@mega.co.nz.xpi [2014-08-07]
    FF Extension: Test Pilot - C:\Documents and Settings\Mepra\Dati applicazioni\Mozilla\Firefox\Profiles\5sh61bw1.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-02-01]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-09-20]
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-29]
    FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]
    FF Extension: No Name - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} [Not Found]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR DefaultSearchKeyword: Default -> my-online-search.com
    CHR DefaultSearchURL: Default -> http://www.my-online...128492&tsp=5207
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default
    CHR Extension: (Documenti Google) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-06]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-06]
    CHR Extension: (YouTube) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-06]
    CHR Extension: (Ricerca Google) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-06]
    CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-27]
    CHR Extension: (RealDownloader) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-06]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-06]
    CHR Extension: (Gmail) - C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-06]
    CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Dati applicazioni\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 Adobe LM Service; C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2012-11-30] (Adobe Systems) [File not signed]
    R2 AntiVirSchedulerService; C:\Programmi\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Programmi\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
    S4 AntiVirWebService; C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE [993584 2014-11-18] (Avira Operations GmbH & Co. KG)
    R2 Apple Mobile Device; C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2014-10-07] (Apple Inc.)
    S2 Avira.OE.ServiceHost; C:\Programmi\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
    R2 Bonjour Service; C:\Programmi\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
    S3 Cwbrxd; C:\WINDOWS\CWBRXD.EXE [53248 2001-05-08] (IBM Corporation) [File not signed]
    R2 DymoPnpService; C:\Programmi\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
    S3 FLEXnet Licensing Service; C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-09-20] (Macrovision Europe Ltd.) [File not signed]
    S2 gupdate; C:\Programmi\Google\Update\GoogleUpdate.exe [116648 2013-11-06] (Google Inc.)
    S3 gupdatem; C:\Programmi\Google\Update\GoogleUpdate.exe [116648 2013-11-06] (Google Inc.)
    R2 IBM Notes Diagnostics; C:\lotus\notes\nsd.exe [5164136 2013-10-15] (IBM)
    S3 IDriverT; C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    R3 iPod Service; C:\Programmi\iPod\bin\iPodService.exe [540968 2014-10-15] (Apple Inc.)
    R2 JavaQuickStarterService; C:\Programmi\Java\jre7\bin\jqs.exe [182696 2014-10-17] (Oracle Corporation)
    R2 KSS; C:\Programmi\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
    R2 LMS; C:\Programmi\Intel\Intel® Management Engine Components\LMS\LMS.exe [326168 2011-02-01] (Intel Corporation)
    R2 LNSUSvc; C:\lotus\notes\SUService.exe [1654376 2013-10-15] (IBM Corp)
    R2 MBAMScheduler; C:\Programmi\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
    R2 MBAMService; C:\Programmi\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
    S3 MozillaMaintenance; C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-11-14] (Mozilla Foundation)
    R2 MSSQL$SQLEXPRESS; c:\Programmi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
    S4 MSSQLServerADHelper; c:\Programmi\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
    R2 Multi-user Cleanup Service; C:\lotus\notes\ntmulti.exe [38504 2013-10-15] (IBM Corp)
    R2 Panasonic Application Manager Service; C:\Programmi\Panasonic\Panasonic-DMS\Panasonic NUS\PamService.exe [20480 2008-10-15] (Panasonic Communications Co., Ltd.) [File not signed]
    R2 Panasonic Trap Monitor Service; C:\Programmi\Panasonic\TrapMonitor\Trapmnnt.exe [69632 2004-02-24] (Panasonic) [File not signed]
    R2 RealNetworks Downloader Resolver Service; C:\Programmi\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
    R2 SDScannerService; C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    S2 SDWSCService; C:\Programmi\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    R2 SQLBrowser; c:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe [238944 2010-12-10] (Microsoft Corporation)
    R2 SQLWriter; c:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe [86880 2010-12-10] (Microsoft Corporation)
    S3 SwitchBoard; C:\Programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 UNS; C:\Programmi\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656280 2011-02-01] (Intel Corporation)
    S3 WMPNetworkSvc; C:\Programmi\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 ACSSCR; C:\WINDOWS\System32\DRIVERS\a38usbxp.sys [24832 2004-04-30] (Advanced Card Systems Ltd)
    R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [98160 2014-10-01] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-10-01] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-05-27] (Avira Operations GmbH & Co. KG)
    R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-17] (Disc Soft Ltd)
    R3 ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [2177024 2011-11-21] (Intel Corporation) [File not signed]
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-24] (Malwarebytes Corporation)
    R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation) [File not signed]
    R0 pavboot; C:\WINDOWS\System32\drivers\pavboot.sys [28552 2009-06-30] (Panda Security, S.L.)
    R1 SDHookDriver; C:\Programmi\Spybot - Search & Destroy 2\SDHookDrv32.sys [46336 2014-04-25] ()
    R3 SNXPCARD; C:\WINDOWS\System32\DRIVERS\snxpcard.sys [59272 2009-12-03] (Manufactor)
    R3 SNXPSERX; C:\WINDOWS\System32\DRIVERS\snxpserx.sys [60808 2009-12-03] (Manufactor)
    R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-05-27] (Avira GmbH)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-11-24 11:03 - 2014-11-24 11:03 - 00000000 ____D () C:\Documents and Settings\Mepra\Desktop\FRST
    2014-11-24 10:43 - 2014-11-24 10:43 - 02140160 _____ () C:\Documents and Settings\Mepra\Desktop\adwcleaner-4-101-multi-win.exe
    2014-11-24 09:15 - 2014-11-24 09:15 - 00001055 _____ () C:\Documents and Settings\Mepra\Desktop\MBAM.txt
    2014-11-24 08:43 - 2014-11-24 10:53 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-11-24 08:43 - 2014-11-24 10:15 - 00000749 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2014-11-24 08:43 - 2014-11-24 10:15 - 00000000 ____D () C:\Programmi\Malwarebytes Anti-Malware
    2014-11-24 08:43 - 2014-11-24 10:15 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes Anti-Malware
    2014-11-24 08:43 - 2014-10-01 11:11 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-11-24 08:43 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-11-21 08:57 - 2009-06-30 10:37 - 00028552 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\pavboot.sys
    2014-11-20 18:47 - 2014-11-20 18:47 - 00000794 _____ () C:\Documents and Settings\Mepra\Desktop\Kaspersky Security Scan.lnk
    2014-11-20 18:47 - 2014-11-20 18:47 - 00000000 ____D () C:\Programmi\Kaspersky Lab
    2014-11-20 18:47 - 2014-11-20 18:47 - 00000000 ____D () C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Kaspersky Security Scan
    2014-11-20 18:47 - 2014-11-20 18:47 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Kaspersky Lab
    2014-11-20 16:01 - 2014-11-20 16:01 - 00000702 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Mozilla Firefox.lnk
    2014-11-20 16:01 - 2014-11-20 16:01 - 00000696 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    2014-11-20 16:01 - 2014-11-20 16:01 - 00000000 ____D () C:\Programmi\Mozilla Maintenance Service
    2014-11-20 16:01 - 2014-11-20 16:01 - 00000000 ____D () C:\Programmi\Mozilla Firefox
    2014-11-19 17:01 - 2014-11-19 17:01 - 00000127 _____ () C:\Report 2014-11-19 17.01.15.txt
    2014-11-18 10:56 - 2014-11-18 10:56 - 00001098 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Application Manager.lnk
    2014-11-18 10:56 - 2014-11-18 10:56 - 00001092 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Application Manager.lnk
    2014-11-06 15:20 - 2014-11-06 15:20 - 00000830 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
    2014-11-06 09:49 - 2014-11-06 09:49 - 00002072 _____ () C:\Documents and Settings\Mepra\Desktop\F24 On Line.lnk
    2014-11-05 14:52 - 2014-11-05 14:56 - 00077499 _____ () C:\Report 2014-11-05 14.52.38.txt
    2014-11-03 15:00 - 2014-11-03 15:00 - 00639111 _____ () C:\Documents and Settings\Mepra\Desktop\Allegato_n1_Modulo_di_domanda_Release_1_04dv2.pdf.p7m
    2014-11-03 15:00 - 2014-11-03 15:00 - 00042993 _____ () C:\Documents and Settings\Mepra\Desktop\Prospetto_calcolo_parametri_dimensionali.pdf.p7m
    2014-10-30 10:29 - 2014-11-18 08:23 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\NinjaTrader 7
    2014-10-30 10:29 - 2014-11-11 18:33 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\NinjaTrader Backup
    2014-10-30 10:29 - 2014-10-30 10:29 - 00001896 _____ () C:\Documents and Settings\All Users\Desktop\NinjaTrader 7.lnk
    2014-10-30 10:29 - 2014-10-30 10:29 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\NinjaTrader 7
    2014-10-30 10:19 - 2014-11-24 10:49 - 00420920 _____ () C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
    2014-10-27 08:26 - 2014-10-27 08:26 - 00000654 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-11-24 11:03 - 2014-09-29 07:24 - 00000000 ____D () C:\FRST
    2014-11-24 11:03 - 2012-09-20 10:37 - 00000000 ____D () C:\Documents and Settings\Mepra\Impostazioni locali\Temp
    2014-11-24 11:00 - 2012-09-20 16:38 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Download
    2014-11-24 10:55 - 2012-09-20 10:28 - 01101031 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-11-24 10:54 - 2013-04-15 09:29 - 00000000 ____D () C:\Documents and Settings\Mepra\Dati applicazioni\Dropbox
    2014-11-24 10:54 - 2013-01-17 12:29 - 00000000 ____D () C:\Documents and Settings\Mepra\Desktop\ANTIVIRUS
    2014-11-24 10:54 - 2012-09-20 16:40 - 00000000 ___RD () C:\Documents and Settings\Mepra\Documenti\Dropbox
    2014-11-24 10:53 - 2013-06-25 08:40 - 00000000 ____D () C:\Documents and Settings\Mepra\Mercurio
    2014-11-24 10:53 - 2012-12-27 09:50 - 00000292 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-682003330-1957994488-839522115-1003.job
    2014-11-24 10:53 - 2012-10-03 10:08 - 00000031 _____ () C:\dev.ini
    2014-11-24 10:52 - 2012-12-27 09:50 - 00000300 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-682003330-1957994488-839522115-1003.job
    2014-11-24 10:52 - 2008-04-14 12:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-11-24 10:51 - 2014-07-04 14:31 - 00000636 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
    2014-11-24 10:51 - 2013-11-06 11:47 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-11-24 10:51 - 2012-12-13 12:11 - 00000270 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-682003330-1957994488-839522115-1003.job
    2014-11-24 10:51 - 2012-09-20 11:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-11-24 10:51 - 2012-09-20 11:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log
    2014-11-24 10:50 - 2014-06-23 14:08 - 00029162 _____ () C:\SUService.log
    2014-11-24 10:50 - 2014-03-24 08:17 - 00000222 _____ () C:\WINDOWS\Tasks\Notifica di interruzione del servizio per Microsoft Windows XP - Accesso.job
    2014-11-24 10:50 - 2012-09-20 10:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-11-24 10:49 - 2012-10-10 08:43 - 00618806 ____C () C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
    2014-11-24 10:49 - 2012-09-20 10:37 - 00000194 ___SH () C:\Documents and Settings\Mepra\ntuser.ini
    2014-11-24 10:49 - 2012-09-20 10:34 - 00032536 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-11-24 10:49 - 2012-09-20 10:34 - 00000000 ___HD () C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni
    2014-11-24 10:47 - 2014-09-26 16:52 - 00000000 ____D () C:\AdwCleaner
    2014-11-24 10:47 - 2012-09-20 11:02 - 00000000 __RHD () C:\Documents and Settings\All Users\Dati applicazioni
    2014-11-24 10:47 - 2012-09-20 11:02 - 00000000 ____D () C:\Programmi
    2014-11-24 10:47 - 2012-09-20 10:37 - 00000000 __RHD () C:\Documents and Settings\Mepra\Dati applicazioni
    2014-11-24 10:30 - 2013-11-06 11:47 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-11-24 10:13 - 2013-02-01 10:47 - 00000978 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-11-24 08:43 - 2012-09-20 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi
    2014-11-24 08:28 - 2014-09-16 11:06 - 00002299 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Reader XI.lnk
    2014-11-24 08:28 - 2012-11-30 14:57 - 00002299 _____ () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Acrobat 7.0 Professional.lnk
    2014-11-24 08:18 - 2012-12-13 12:11 - 00000278 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-682003330-1957994488-839522115-1003.job
    2014-11-22 12:34 - 2012-09-20 10:37 - 00000000 ____D () C:\Documents and Settings\Mepra
    2014-11-22 12:00 - 2012-09-20 10:37 - 00000000 ___RD () C:\Documents and Settings\Mepra\Documenti
    2014-11-22 11:59 - 2014-01-09 14:06 - 00207360 _____ () C:\Documents and Settings\Mepra\Documenti\Mensa ARISTON 2014.xls
    2014-11-22 11:51 - 2013-01-09 14:58 - 00512000 _____ () C:\Documents and Settings\Mepra\Documenti\Prospetto permessi dal 2012.xls
    2014-11-22 02:00 - 2012-09-21 09:10 - 00000332 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-EMANUELE-Mepra.job
    2014-11-22 02:00 - 2012-09-20 17:18 - 00000000 ____D () C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni\Adobe
    2014-11-21 18:30 - 2012-09-20 10:37 - 00000000 ___HD () C:\Documents and Settings\Mepra\Impostazioni locali\Dati applicazioni
    2014-11-21 17:50 - 2013-07-25 09:12 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Angelo Meanti
    2014-11-21 17:22 - 2012-09-20 17:34 - 00000000 ____D () C:\Documents and Settings\Mepra\zucchetti_prof
    2014-11-21 14:31 - 2012-09-20 16:43 - 00103936 ____C () C:\Documents and Settings\Mepra\Documenti\Forza Lavoro Aziendale.xls
    2014-11-21 08:57 - 2014-01-29 08:15 - 00408986 _____ () C:\WINDOWS\setupapi.log
    2014-11-21 08:57 - 2012-12-14 17:58 - 00000000 ____D () C:\Programmi\Panda Security
    2014-11-20 18:47 - 2012-09-20 10:37 - 00000000 ____D () C:\Documents and Settings\Mepra\Menu Avvio\Programmi
    2014-11-20 16:24 - 2008-04-14 12:00 - 00000579 _____ () C:\WINDOWS\win.ini
    2014-11-20 15:55 - 2012-09-20 14:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
    2014-11-20 15:50 - 2012-09-20 10:30 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Impostazioni locali\Dati applicazioni
    2014-11-20 15:24 - 2013-02-01 10:47 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2014-11-20 15:24 - 2013-02-01 10:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2014-11-19 21:42 - 2013-01-02 18:44 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-11-19 18:58 - 2012-09-20 10:26 - 00000000 ____D () C:\WINDOWS\Registration
    2014-11-19 12:01 - 2012-09-26 16:27 - 00019708 _____ () C:\WINDOWS\setupact.log
    2014-11-19 08:14 - 2014-07-04 14:31 - 00000608 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
    2014-11-18 12:29 - 2012-11-08 17:26 - 00000000 ____D () C:\Documents and Settings\Mepra\Desktop\CD per fiere USA dettaglio
    2014-11-18 11:02 - 2013-01-24 18:30 - 00000000 ____D () C:\Programmi\SpywareBlaster
    2014-11-18 11:00 - 2012-09-20 17:14 - 00000000 ____D () C:\Programmi\Bonjour
    2014-11-18 10:55 - 2012-09-20 16:42 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Privacy
    2014-11-18 09:59 - 2012-09-20 16:42 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Pagamenti
    2014-11-18 08:25 - 2012-11-22 15:30 - 00000000 ____D () C:\BACKUP
    2014-11-17 19:18 - 2012-11-29 14:17 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2014-11-17 16:38 - 2012-12-27 09:50 - 00000318 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-682003330-1957994488-839522115-1003.job
    2014-11-17 10:58 - 2012-11-15 18:23 - 00000000 ____D () C:\EasyUpld
    2014-11-17 10:26 - 2012-09-21 16:19 - 00000420 _____ () C:\WINDOWS\BRWMARK.INI
    2014-11-17 08:40 - 2012-09-20 17:02 - 00000000 ___RD () C:\Apri
    2014-11-17 08:26 - 2013-04-15 09:30 - 00000000 ____D () C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Dropbox
    2014-11-17 08:26 - 2012-09-20 10:37 - 00000000 ___RD () C:\Documents and Settings\Mepra\Menu Avvio\Programmi\Esecuzione automatica
    2014-11-12 15:59 - 2013-09-19 09:15 - 00002409 _____ () C:\Documents and Settings\All Users\Desktop\INPS uniEMens Integrato.lnk
    2014-11-12 08:31 - 2012-11-09 14:50 - 00000000 ____D () C:\Documents and Settings\Mepra\Dati applicazioni\CoreFTP
    2014-11-12 03:03 - 2013-08-28 16:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-11-12 03:00 - 2012-09-20 14:06 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-11-11 16:15 - 2012-09-20 16:43 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Visite mediche
    2014-11-11 14:35 - 2012-09-20 16:43 - 00011776 ____C () C:\Documents and Settings\Mepra\Documenti\Lista dipendenti per assenze.xls
    2014-11-10 08:58 - 2012-09-20 10:37 - 00000000 ___HD () C:\Documents and Settings\Mepra\Risorse di rete
    2014-11-10 08:15 - 2014-08-27 09:23 - 00000000 ____D () C:\Documents and Settings\All Users\Dati applicazioni\Package Cache
    2014-11-08 12:46 - 2012-10-10 08:43 - 00618806 ____C () C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-682003330-1957994488-839522115-1003-0.dat
    2014-11-06 15:20 - 2014-06-23 09:24 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\Avira
    2014-11-06 15:20 - 2014-06-23 09:23 - 00000000 ____D () C:\Programmi\Avira
    2014-11-04 10:11 - 2012-09-20 16:43 - 00053760 _____ () C:\Documents and Settings\Mepra\Documenti\Prospetto malattie e maternità.xls
    2014-11-03 16:27 - 2012-09-20 10:37 - 00000000 ___RD () C:\Documents and Settings\Mepra\Documenti\Immagini
    2014-10-31 18:41 - 2014-02-25 11:56 - 00000000 ____D () C:\Documents and Settings\Mepra\Desktop\Collegamenti desktop inutilizzati
    2014-10-30 10:29 - 2013-07-09 18:11 - 00000000 ____D () C:\Programmi\NinjaTrader 7
    2014-10-30 10:16 - 2014-09-22 08:38 - 00387072 ___SH () C:\Documents and Settings\Mepra\Documenti\Thumbs.db
    2014-10-29 18:32 - 2014-10-06 10:07 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Tirocinio
    2014-10-28 09:26 - 2012-09-20 16:41 - 00000000 ____D () C:\Documents and Settings\Mepra\Documenti\Leggi e Decreti
    2014-10-28 08:15 - 2013-05-25 07:39 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Avvio\Programmi\QuickTime
    2014-10-28 08:15 - 2012-09-29 10:14 - 00000000 ____D () C:\Programmi\QuickTime
    2014-10-27 15:24 - 2012-09-21 10:41 - 00000358 _____ () C:\WINDOWS\barcode.INI
    2014-10-27 09:14 - 2012-09-20 11:02 - 01382434 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-10-27 09:14 - 2008-04-14 12:00 - 00597920 _____ () C:\WINDOWS\system32\perfh010.dat
    2014-10-27 09:14 - 2008-04-14 12:00 - 00121290 _____ () C:\WINDOWS\system32\perfc010.dat
    2014-10-27 08:26 - 2012-09-25 16:38 - 00000000 ____D () C:\Programmi\CCleaner

    Some content of TEMP:
    ====================
    C:\Documents and Settings\Mepra\Impostazioni locali\Temp\avgnt.exe
    C:\Documents and Settings\Mepra\Impostazioni locali\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsajvus.dll
    C:\Documents and Settings\Mepra\Impostazioni locali\Temp\Quarantine.exe
    C:\Documents and Settings\Mepra\Impostazioni locali\Temp\sqlite3.dll

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End Of Log ============================

     

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
    Ran by Mepra at 2014-11-24 11:04:24
    Running from C:\Documents and Settings\Mepra\Desktop\FRST
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat 7.1.0 Professional (HKLM\...\Adobe Acrobat 7.0 Professional) (Version: 7.1.0 - Adobe Systems)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.228 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.228 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2761465) (HKLM\...\KB2761465-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2792100) (HKLM\...\KB2792100-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2797052) (HKLM\...\KB2797052-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2799329) (HKLM\...\KB2799329-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2809289) (HKLM\...\KB2809289-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2817183) (HKLM\...\KB2817183-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2829530) (HKLM\...\KB2829530-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2847204) (HKLM\...\KB2847204-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows Media Player  (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
    Aggiornamento della protezione per Windows Media Player  (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
    Aggiornamento della protezione per Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
    Aggiornamento per Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
    Aggiornamento per Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Aggiornamento per Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Aggiornamento per Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
    Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
    Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
    Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
    Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
    Bit4Id - CSP e PKCS#11 per la CRS Lombardia - 1.2.11 (HKLM\...\Bit4Id - CSP e PKCS#11 per la CRS Lombardia) (Version: 1.2.11 - Bit4Id)
    CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
    CIGO dt (HKLM\...\{FD257CD8-B183-4DC1-B5DB-C35FD01F7316}) (Version: 1.0.121 - INPS)
    CompanionLink (HKLM\...\{506EA5AF-B1FF-4340-AFC5-7A3EAC61737F}) (Version: 5.00.5050 - CompanionLink Software, Inc.)
    Core FTP LE (HKLM\...\CoreFTP) (Version:  - )
    CRS Kit 1.0 (HKLM\...\CRS Kit_is1) (Version:  - Lombardia Informatica S.p.a.)
    CRS Manager 1.1.4.0 (HKLM\...\CRS Manager_is1) (Version:  - )
    CUD 2014 (HKLM\...\CUD 2014) (Version:  - )
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    Dropbox (HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
    DYMO Label v.8 (HKLM\...\DYMO Label v.8) (Version: 8.5.1.1816 - Sanford, L.P.)
    Fast File Renamer 2.0 (HKLM\...\FastFileRenamer2) (Version:  - )
    File Repair (HKLM\...\File Repair_is1) (Version:  - File Repair)
    FileHippo App Manager (HKLM\...\FileHippo.com) (Version:  - FileHippo.com)
    Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2224.3 - Google Inc.)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    GoToMeeting 5.5.0.1132 (HKU\S-1-5-21-682003330-1957994488-839522115-1003\...\GoToMeeting) (Version: 5.5.0.1132 - CitrixOnline)
    GPRES2 (HKLM\...\{A7C4E3B8-F27D-44A9-97AD-D827F84011BE}) (Version: 9.17.0 - Zucchetti)
    IBM AS/400 Client Access Express per Windows (HKLM\...\ClientAccessExpress) (Version:  - )
    IBM AS/400 Client Access Express per Windows SI11806 (HKLM\...\ClientAccessExpressSP) (Version:  - )
    IBM Notes 9.0.1 (Basic) it (HKLM\...\{5A7EAC73-5284-402C-BD4F-D12FC5DC605B}) (Version: 9.01.13312 - IBM)
    INPS uniEMens integrato (HKLM\...\{99DF73D3-2FEB-4C9B-9788-DB314D735630}) (Version: 3.3.2 - INPS)
    iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
    Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
    Kaspersky Security Scan (Version: 12.0.1.881 - Kaspersky Lab) Hidden
    K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
    LibreOffice 4.2 Help Pack (Italian) (HKLM\...\{630857B6-85B8-453B-A06A-6B278C231337}) (Version: 4.2.6.3 - The Document Foundation)
    LibreOffice 4.2.6.3 (HKLM\...\{14DB1822-00B5-4820-86B5-EF893CA46B53}) (Version: 4.2.6.3 - The Document Foundation)
    Live Upgrade (HKLM\...\Live Upgrade) (Version:  - )
    Malwarebytes Anti-Malware versione 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    Mercurio Internet (HKLM\...\Mercurio) (Version: 04.00.00 - Zucchetti s.p.a.)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ITA (HKLM\...\{B23B8C0C-DEAE-4147-AFD4-


    #4 nasdaq

    nasdaq

      Forum Deity

    • Global Moderator
    • PipPipPipPipPip
    • 49,223 posts

    Posted 24 November 2014 - 06:37 AM

    Nothing suspicious was found on your logs.

     

    Try this.

     

    Firefox:
    Reset Default Browsing settings:
    ===
     
    Keep me posted.

    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in anyway,please considerDonating ,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760

    #5 emanuele

    emanuele

      Advanced Member

    • Helper Trainee
    • PipPipPip
    • 130 posts

    Posted 24 November 2014 - 07:41 AM

    Hi nasdaq

     

    It seems that, after the reset, Firefox works fine: I don't see opening windows anymore

     

    God bless you for your help again

     

    If I should have some other problem, I will inform you immediately

     

    Emanuele67



    #6 nasdaq

    nasdaq

      Forum Deity

    • Global Moderator
    • PipPipPipPipPip
    • 49,223 posts

    Posted 24 November 2014 - 09:46 AM

    Since the issue appears to be resolved this Topic is closed.

    If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in anyway,please considerDonating ,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760




    Member of UNITE
    Support SpywareInfo Forum - click the button