Quote:
Originally posted by Eress
Get Hirenscd, then boot the PC from it, check whether the HD is visible from the disc, and if so run some antivirus scans to start with.
I can't find Hirenscd, and over the past few days I've noticed that many programs give me errors, such as Nero, Pinnacle Studio 14 and Microsoft Office... I ran a scan with ComboFix and this is the report:
ComboFix 12-12-17.02 - Getaway 18/12/2012 12:12:37.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.4095.2421 [GMT 1:00]
Eseguito da: C:\Users\Getaway\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files (x86)\Incredibar.com
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave\DownloadnSave.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave\Uninstall.lnk
C:\Users\Getaway\AppData\Roaming\inst.exe
C:\Users\Getaway\AppData\Roaming\vso_ts_preview.xml
C:\Windows\SysWow64\muzapp.exe
C:\Windows\SysWow64\UNWISE.EXE
((((((((((((((((((((((((( Files Creati Da 2012-11-18 al 2012-12-18 )))))))))))))))))))))))))))))))))))
2012-12-18 11:34:11 . 2012-12-18 11:34:11 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-12-17 23:54:07 . 2012-12-17 23:54:07 -------- d-----w- C:\ProgramData\PCTV Systems
2012-12-17 23:52:39 . 2012-12-17 23:52:39 -------- d-----w- C:\Users\Getaway\AppData\Local\Avid
2012-12-17 23:50:07 . 2012-12-17 23:50:07 -------- d-----w- C:\Program Files (x86)\Common Files\Pegasus Imaging
2012-12-17 23:38:26 . 2012-12-17 23:40:56 -------- d-----w- C:\ProgramData\Avid
2012-12-16 01:29:20 . 2009-05-19 16:39:22 3072 ------w- C:\Windows\SysWow64\BrDctF2S.dll
2012-12-16 01:29:20 . 2007-12-13 21:16:24 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll
2012-12-16 01:29:20 . 2007-12-13 21:16:18 5120 ------w- C:\Windows\SysWow64\BrDctF2L.dll
2012-12-16 01:29:20 . 2006-12-28 12:39:54 176128 ------w- C:\Windows\SysWow64\BroSNMP.dll
2012-12-16 01:29:17 . 2008-06-17 14:33:14 167936 ------w- C:\Windows\SysWow64\NSSearch.dll
2012-12-08 15:58:10 . 2012-12-10 13:26:17 -------- d-----w- C:\Windows\AutoKMS
2012-12-08 15:37:57 . 2012-12-10 13:26:06 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2012-12-08 15:37:20 . 2012-12-10 13:26:12 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2012-12-08 15:36:55 . 2012-12-10 13:25:07 -------- d-----w- C:\Program Files\Microsoft Sync Framework
2012-12-08 15:36:55 . 2012-12-10 13:25:07 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2012-12-08 15:36:55 . 2012-12-08 15:36:55 -------- d-----w- C:\Windows\PCHEALTH
2012-12-08 15:35:37 . 2012-12-10 13:26:05 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-08 15:34:29 . 2012-12-10 13:24:14 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2012-12-08 15:34:29 . 2012-12-10 13:23:57 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-12-08 15:33:53 . 2012-12-10 13:24:17 -------- d-----w- C:\Program Files\Microsoft Office
2012-12-08 15:33:43 . 2012-12-10 13:23:34 -------- d-----r- C:\MSOCache
2012-12-04 10:26:33 . 2012-12-04 10:26:33 283200 ----a-w- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-12-04 10:21:58 . 2012-12-04 10:26:33 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-12-03 19:46:28 . 2007-12-10 00:00:00 568832 ----a-w- C:\Windows\system32\ZSHP1018.EXE
2012-12-03 19:46:28 . 2007-12-10 00:00:00 115200 ----a-w- C:\Windows\system32\ZLhp1018.DLL
2012-11-23 15:14:54 . 2012-11-23 15:14:54 -------- d-----w- C:\ProgramData\Ask
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
2012-12-12 17:07:09 . 2012-04-03 15:38:14 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-12 17:07:09 . 2011-05-13 09:28:09 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-04 10:22:16 . 2010-09-28 20:16:36 564824 ----a-w- C:\Windows\system32\drivers\sptd.sys
2012-09-29 17:54:26 . 2010-09-28 20:22:18 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
[7] 2009-07-14 01:41:56 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2012-08-01 19:11:15 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\system32\user32.dll
[-] 2012-08-01 19:11:15 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\SysWOW64\user32.dll
[7] 2009-07-14 01:11:24 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385 (win7_rtm.090713-1255)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 11:49:26 153136]
"GoogleChromeAutoLaunch_C1F73B137D9CAC7AD0AB81F364D39F91"="C:\Users\Getaway\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-12-05 01:15:17 1242728]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 10:46:46 3673728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-05-18 00:46:06 2157056]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2009-06-30 03:57:48 36864]
"PlusService"="C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-07-24 07:48:45 801792]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 22:32:54 61440]
"SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 08:03:38 210472]
"PaperPort PTD"="C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 22:07:00 29984]
"IndexSearch"="C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 22:05:10 46368]
"PPort11reminder"="C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 08:01:58 328992]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-14 09:16:34 348664]
"MessengerPlusForSkypeService"="C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [2012-10-11 10:24:43 122368]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 19:43:34 926896]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 21:10:47 402432]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 11:37:14 517096]
"BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 15:46:10 1159168]
"ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 09:26:54 114688]
C:\Users\Getaway\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
tbhcn.lnk - C:\Users\Getaway\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-6-28 695448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\I:\0autocheck autochk *
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 04:27:27 90112]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R2 CrossLoopService;CrossLoop Service;C:\Users\Getaway\AppData\Local\CrossLoop\CrossLoopService.exe [2010-08-17 17:26:38 560848]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-08-10 19:35:20 227184]
R2 ServUpdater;Serv Updater;C:\Users\Getaway\AppData\Local\ServUpdater\ServiceUpd.exe [2011-12-16 16:44:48 156160]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 11:28:36 160944]
R2 SoftwareUpd;Software Upd;C:\Users\Getaway\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [2012-04-23 13:43:10 161280]
R3 cpuz135;cpuz135;C:\Users\Getaway\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 09:57:20 132608]
R3 MotDev;Motorola Inc. USB Device;C:\Windows\system32\DRIVERS\motodrv.sys [x]
R3 netr7364;Driver scheda LAN wireless USB RT73 per Vista;C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 20:35:38 707072]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-07-26 11:24:54 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-07-26 11:24:58 171008]
R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 20:20:56 174440]
R3 Samsung UPD Service;Samsung UPD Service;C:\Windows\System32\SUPDSvc.exe [2010-08-09 02:04:10 166704]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 04:22:28 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 04:22:28 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 04:22:28 177640]
R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 11:37:14 517096]
R3 tvnserver;TightVNC Server;C:\Users\Getaway\AppData\Local\CrossLoop\tvnserver.exe [2010-07-21 06:50:26 814080]
R3 WatAdminSvc;Servizio Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-01 19:10:58 1255736]
S0 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys [2011-12-16 08:51:31 27760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-04 10:26:33 283200]
S2 aksdf;aksdf;C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 17:14:14 65024]
S2 AntiVirSchedulerService;Avira Pianificatore;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-08-14 09:16:38 86224]
S2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2012-10-11 10:24:43 122368]
S2 SSPORT;SSPORT;C:\Windows\system32\Drivers\SSPORT.sys [2009-03-02 13:12:18 11576]
S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 09:47:48 2848168]
S3 BthAvrcp;Profilo Bluetooth AVRCP;C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 06:38:24 29184]
S3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64.sys [2010-07-21 15:03:16 45456]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys [2009-05-08 03:24:58 1196032]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Contenuto della cartella 'Scheduled Tasks'
2012-12-18 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:38:14 . 2012-12-12 17:07:09]
2012-12-17 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-145727960-3603238907-3936116073-1001Core.job
- C:\Users\Getaway\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 20:53:13 . 2012-05-07 20:53:10]
2012-12-18 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-145727960-3603238907-3936116073-1001UA.job
- C:\Users\Getaway\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07 20:53:13 . 2012-05-07 20:53:10]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 15:03:16 2327952]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 15:18:04 2306448]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 01:44:40 500208]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 13:54:26 112512]
------- Scansione supplementare -------
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.plusnetwork.com/?sp=blatbf&t=a1122
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&sporta in Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{01DCDBC3-497F-46FD-85A3-EFACDD4F500B}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{2DB70E27-5BC0-4AC6-A960-5AB9F2FF1021}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{378623EE-FADB-494C-A96B-32ED1C8D5439}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{505C192E-D397-4F43-8C90-4BACE9992967}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{50F67C4A-B9B0-49F7-ACEF-02C253D57A1E}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{60447A9A-82F3-4F36-AF27-6B48C18542CD}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{7BAC288B-344A-4C01-8C8D-90FD1B7C54E4}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{81E9E648-B5A4-4C27-BB5F-F00011F95793}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{8DA48D4A-0227-4EC2-86F4-2123A2F7004A}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{925147BB-857E-48B0-B26C-BBE751E69251}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{BE39EEAD-B424-4E22-8475-6C81B9A9CC8F}: NameServer = 176.31.229.24,176.31.229.25
FF - ProfilePath - C:\Users\Getaway\AppData\Roaming\Mozilla\Firefox\Profiles\opcboqr6.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.it
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2019-09-25 23:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; C:\Users\Getaway\AppData\Roaming\Mozilla\Firefox\Profiles\opcboqr6.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF - ExtSQL: !HIDDEN! 2010-11-29 21:49; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQFM0JAj2&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 567a729400000000000000025b00a5a5
FF - user.js: extensions.incredibar_i.instlDay - 15558
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.140:34:29
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6PQFM0JAj2
FF - user.js: extensions.incredibar_i.upn2n - 92543361416833028
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10650
FF - user.js: extensions.incredibar_i.ppd - 34%5F7
- - - - CHIAVI ORFANE RIMOSSE - - - -
URLSearchHooks-{55f58bee-3fad-46fe-bf11-887e3bb32a43} - (no file)
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
AddRemove-EuroTrasporti v.3.3 - c:\windows\system32\appremove.exe
AddRemove-Hardlock Device Drivers - C:\Windows\system32\UNWISE.EXE
AddRemove-incredibar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)