Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-08-2017
Ran by tony sigona (19-08-2017 07:55:20)
Running from C:\Documents and Settings\tony sigona\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2016-08-04 12:11:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1390067357-484763869-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1390067357-484763869-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1390067357-484763869-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1390067357-484763869-725345543-1002 - Limited - Disabled)
tony sigona (S-1-5-21-1390067357-484763869-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\tony sigona
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {7591db91-41f0-48a3-b128-1a293fd8233d}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1390067357-484763869-725345543-1003\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Italiano (HKLM\...\{AC76BA86-7AD7-1040-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
aerosoft's - Gibraltar 2004 - FS2004 (HKLM\...\{5D82B298-37CB-45A9-8DCF-653AE7970B51}) (Version: - )
aerosoft's - Wonderful Madeira - FS2004 (HKLM\...\{A7B4ACF2-5A81-44F4-8253-9211A3B8AFA8}-FS2004) (Version: - )
Aggiornamento della protezione per Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento della protezione per Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Aggiornamento per Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
ArcSoft PhotoBase 3 (HKLM\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - )
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Canon CanoScan Toolbox 4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
CLOUD9 Aviano CD upd (HKLM\...\{7E56E385-CBCC-48AC-9AC9-3B67BB9010EF}) (Version: 1.03 CD upd - )
CLOUD9 F104 1.03 (HKLM\...\{117B91A3-2308-446E-AB92-6855002A28DD}) (Version: 1.03 - )
CLOUD9 F104 add pack 2 (HKLM\...\{0C5A6CAD-7DA8-4104-BE1D-2938C2E352A7}) (Version: 1.00 - )
CLOUD9 F104 SP2 (HKLM\...\{3D26A007-25BA-4723-887E-13486DF3CC74}) (Version: 1.02 - )
CLOUD9 F104-CD 1.04 (HKLM\...\{7B6F93FB-C628-488E-B80E-B51E5107C148}) (Version: 1.04 - )
CLOUD9 Frecce Tricolori 1.00 CD (HKLM\...\{B2FC58CA-CCD8-4247-ADF1-59A2630D0DAC}) (Version: 1.00 CD - )
CLOUD9 Frecce Tricolori 1.04 (HKLM\...\{3F41C204-6D86-4A37-909D-E954C34C96F6}) (Version: 1.04 - )
C-Media 3D Audio (HKLM\...\C-Media Audio) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FS9 Configurator (HKLM\...\{ED654F5D-5DC9-46EA-9D10-621231527F98}) (Version: 1.6.0 - Ken Salter)
FSD Porter\FS 2004 (HKLM\...\FSD Porter for FS 2004) (Version: - )
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
iFly Jets - The 737NG for FS2004 (HKLM\...\iFly Jets - The 737NG for FS2004) (Version: - )
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
kACARS_Free (HKLM\...\{EB7C076C-719C-4030-8864-AB20F326E714}) (Version: 1.0.1011 - FS-Products)
LAGO FS Falcon FS2004 version 2.00 (HKLM\...\{D36165EF-5846-45A6-BD11-F581D183F312}) (Version: 2.00.00 - )
LAGO G91 (HKLM\...\{F35A99F6-B690-45FC-B826-AF812B1A6133}) (Version: 1.00.1 - )
LAGO Lampedusa (HKLM\...\{67367969-31A6-4372-BE90-97A13D612114}) (Version: 1.00.000 - )
LAGO Reggio Calabria version 2.00 for FS2004 (HKLM\...\{0DFB2506-9036-4757-BB88-9A717E524326}) (Version: 2.00.00 - )
LAGO Tornado! 2.00 (HKLM\...\{AD3471F4-08E2-4C1C-BA0F-AF4BE17BBE13}) (Version: 2.00.00 - )
Logitech Gaming Software (HKLM\...\{93EC14D5-7AAA-4EAD-BB75-013817A96598}) (Version: 4.30 - )
Logitech Pocket Digital (HKLM\...\{83A881FC-79D3-4A66-A173-F38BEBA40866}) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ITA (HKLM\...\{842F9881-E181-30B3-A152-008D61433274}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ITA (HKLM\...\{86BA3130-5938-3192-BBCF-6B0A2D86FA58}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano) (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - ita) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Flight Simulator 2004 - Un secolo di Aviazione (HKLM\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Milano Malpensa (HKLM\...\{382C0492-0456-4B9D-A80A-1154F4DABC5F}) (Version: 1.0.0.0 - ISD Project)
Mirage 2000 N Basic Pack (HKU\S-1-5-21-1390067357-484763869-725345543-1003\...\Mirage 2000 N Basic Pack) (Version: - )
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.301.08.20.51 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.1 (x86 it) (HKLM\...\Mozilla Firefox 43.0.1 (x86 it)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{3D249F10-79EC-48D4-93E5-C470ABE523FA}) (Version: 1.00.150.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM\...\InstallShield_{3D249F10-79EC-48D4-93E5-C470ABE523FA}) (Version: 1.00.150.2 - Nokia)
Nokia PC Suite (HKLM\...\{617095DB-B523-4D11-BBFD-2D74C2AD98B8}) (Version: 6.60.16 - Nokia) Hidden
Nokia PC Suite (HKLM\...\InstallShield_{617095DB-B523-4D11-BBFD-2D74C2AD98B8}) (Version: 6.60.16 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PMDG747_400 Queen of the Skies (HKLM\...\{97679567-0095-464E-B5F2-E218A1CF3421}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG747_400F (HKLM\...\{164360E5-0AAD-48AD-8A36-3F8A859FAB6F}) (Version: 1.01.0000 - Precision Manuals Development Group)
QuickCam (HKLM\...\{43A9F944-0398-425E-9E22-201F65FE0CCA}) (Version: 5.4.4 - Logitech, Inc.)
Rafale C for FS9 (HKU\S-1-5-21-1390067357-484763869-725345543-1003\...\Rafale C for FS9) (Version: - )
RealPlayer 7 Basic (HKLM\...\RealPlayer 6.0) (Version: - )
SceneryConfigEditor v1.1.1 (remove only) (HKLM\...\SceneryConfigEditor) (Version: - )
Skype™ 7.36 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.150 - Skype Technologies S.A.)
VIRTUALI Addon Manager 1.81 (HKLM\...\VIRTUALI Addon Manager 1.81_is1) (Version: - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebFldrs XP (HKLM\...\{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080413.144514 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
XML Paper Specification Shared Components Language Pack 1.0 (HKLM\...\XPSEPSCLP) (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{7EBDAAE0-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{7EBDAAE1-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{7EBDAAE2-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1390067357-484763869-725345543-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2017-08-04] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2017-08-04] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programmi\WinRAR\rarext.dll [2008-09-16] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2017-08-04] (AVAST Software)
ContextMenuHandlers3: [GB3ContextMenu] -> {3A488FE8-9916-4F36-BDFF-3DED559142E5} => C:\Programmi\IObit\Game Booster 3\GBV3ContextMenu.dll [2011-11-29] (IObit)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programmi\WinRAR\rarext.dll [2008-09-16] ()
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\WINDOWS\system32\nvshell.dll [2009-02-09] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\WINDOWS\system32\nvcpl.dll [2009-02-09] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Programmi\AVAST Software\Avast\ashShell.dll [2017-08-04] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programmi\WinRAR\rarext.dll [2008-09-16] ()
==================== Scheduled Tasks=============================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Programmi\AVAST Software\Avast\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1390067357-484763869-725345543-1003Core.job => C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1390067357-484763869-725345543-1003UA.job => C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job => C:\Programmi\IObit\Game Booster 3\AutoUpdate.exe
Task: C:\WINDOWS\Tasks\SafeZone scheduled Autoupdate 1472744085.job => C:\Programmi\AVAST Software\SZBrowser\launcher.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Documents and Settings\tony sigona\Menu Avvio\Programmi\Pack LLH Alpes 1\deneige.lnk -> C:\Programmi\Microsoft Games\Flight Simulator 9\deneige.bat ()
Shortcut: C:\Documents and Settings\tony sigona\Menu Avvio\Programmi\Pack LLH Alpes 1\neige.lnk -> C:\Programmi\Microsoft Games\Flight Simulator 9\neige.bat ()
==================== Loaded Modules (Whitelisted) ==============
2016-08-04 16:31 - 2008-09-16 20:18 - 000132608 _____ () C:\Programmi\WinRAR\rarext.dll
2009-02-09 07:18 - 2009-02-09 07:18 - 000466944 _____ () C:\WINDOWS\system32\nvshell.dll
2017-08-04 10:39 - 2017-08-04 10:39 - 000170224 _____ () C:\Programmi\AVAST Software\Avast\JsonRpcServer.dll
2017-08-04 10:40 - 2017-08-04 10:40 - 000192664 _____ () C:\Programmi\AVAST Software\Avast\event_routing_rpc.dll
2017-08-04 10:40 - 2017-08-04 10:40 - 000224256 _____ () C:\Programmi\AVAST Software\Avast\tasks_core.dll
2017-08-18 18:04 - 2017-08-18 18:04 - 005895544 _____ () C:\Programmi\AVAST Software\Avast\defs\17081808\algo.dll
2017-08-04 10:40 - 2017-08-04 10:40 - 000689272 _____ () C:\Programmi\AVAST Software\Avast\ffl2.dll
2017-08-04 10:39 - 2017-08-04 10:39 - 000231664 _____ () C:\Programmi\AVAST Software\Avast\streamback.dll
2017-08-04 10:41 - 2017-08-04 10:41 - 001059160 _____ () C:\Programmi\AVAST Software\Avast\AvChrome.dll
2016-09-01 17:22 - 2016-09-01 17:22 - 048936448 _____ () C:\Programmi\AVAST Software\Avast\libcef.dll
2017-04-29 08:21 - 2009-03-31 18:06 - 000114688 _____ () C:\Programmi\Mobile Partner\Mobile Partner.exe
2017-04-29 08:21 - 2007-08-23 16:39 - 000014848 ____R () C:\Programmi\Mobile Partner\isaputrace.dll
2017-04-29 08:21 - 2010-02-28 19:01 - 000114688 _____ () C:\Programmi\Mobile Partner\DeviceMgrPlugin.dll
2017-04-29 08:21 - 2009-09-29 15:15 - 000151552 _____ () C:\Programmi\Mobile Partner\NetInfoPlugin.dll
2017-04-29 08:21 - 2009-03-31 17:59 - 000090112 _____ () C:\Programmi\Mobile Partner\DialUpPlugin.dll
2017-04-29 08:21 - 2009-03-31 18:03 - 000057344 _____ () C:\Programmi\Mobile Partner\ConfigFilePlugin.dll
2017-04-29 08:21 - 2010-02-28 17:24 - 000991232 _____ () C:\Programmi\Mobile Partner\NDISAPI.dll
2017-04-29 08:21 - 2009-03-10 20:08 - 000155648 ____R () C:\Programmi\Mobile Partner\DetectDev.dll
2017-04-29 08:21 - 2009-03-10 20:08 - 000561152 ____R () C:\Programmi\Mobile Partner\atcomm.dll
2017-04-29 08:21 - 2009-03-10 20:08 - 000061440 ____R () C:\Programmi\Mobile Partner\XCodec.dll
2017-04-29 08:21 - 2009-03-10 20:08 - 000061440 ____R () C:\Programmi\Mobile Partner\DeviceOperate.dll
2017-04-29 08:21 - 2009-03-31 18:05 - 000135168 _____ () C:\Programmi\Mobile Partner\LocaleMgrPlugin.dll
2017-04-29 08:21 - 2009-03-31 18:04 - 000032768 _____ () C:\Programmi\Mobile Partner\NotifyServicePlugin.dll
2017-04-29 08:21 - 2010-02-28 18:59 - 000196608 _____ () C:\Programmi\Mobile Partner\DeviceMgrUIPlugin.dll
2017-04-29 08:21 - 2007-07-31 15:50 - 000090112 ____R () C:\Programmi\Mobile Partner\FileManager.dll
2017-04-29 08:21 - 2009-03-31 18:05 - 000159744 _____ () C:\Programmi\Mobile Partner\SMSPlugin.dll
2016-08-04 17:49 - 2014-08-31 11:55 - 001274880 _____ () C:\Documents and Settings\tony sigona\Desktop\firemin_2086\Firemin.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Dati applicazioni\TEMP:98B6886C [138]
AlternateDataStreams: C:\Documents and Settings\All Users\Dati applicazioni\TEMP:A1D5C6AA [134]
AlternateDataStreams: C:\Documents and Settings\All Users\Dati applicazioni\TEMP:D78FB54E [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1390067357-484763869-725345543-1003\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1390067357-484763869-725345543-1003\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-31 17:00 - 2001-08-31 17:00 - 000000768 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1390067357-484763869-725345543-1003\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 212.52.97.25 - 193.70.152.25
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Reality Fusion GameCam SE.lnk => C:\WINDOWS\pss\Reality Fusion GameCam SE.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^tony sigona^Menu Avvio^Programmi^Esecuzione automatica^Reality Fusion GameCam SE.lnk => C:\WINDOWS\pss\Reality Fusion GameCam SE.lnkStartup
MSCONFIG\startupreg: AvgUi => "C:\Programmi\AVG\Framework\Common\avguirnx.exe" /lps=fmw
MSCONFIG\startupreg: Cmaudio => RunDll32 cmicnfg.cpl,CMICtrlWnd
MSCONFIG\startupreg: CTFMON.EXE => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DataLayer => C:\Programmi\File comuni\PCSuite\DataLayer\DataLayer.exe
MSCONFIG\startupreg: LVCOMS => C:\Programmi\File comuni\Logitech\PDDriver\LVCOMS.EXE
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => nwiz.exe /install
MSCONFIG\startupreg: PC Suite Tray => "C:\Programmi\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PCSuiteTrayApplication => C:\Programmi\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
MSCONFIG\startupreg: PcSync => C:\Programmi\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
MSCONFIG\startupreg: RealTray => C:\Programmi\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
StandardProfile\AuthorizedApplications: [C:\Programmi\Microsoft Games\Flight Simulator 9\fs9.exe] => Enabled:Microsoft Flight Simulator
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpnsvr.exe] => Enabled:Microsoft DirectPlay8 Server
StandardProfile\AuthorizedApplications: [C:\Programmi\AVG\Av\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\tony sigona\Impostazioni locali\Dati applicazioni\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling Plugin
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\tony sigona\Dati applicazioni\uTorrent\uTorrent.exe] => Enabled:μTorrent
StandardProfile\AuthorizedApplications: [C:\Programmi\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Programmi\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Programmi\Skype\Phone\Skype.exe] => Enabled:Skype
==================== Restore Points =========================
21-07-2017 14:04:39 Punto di arresto del sistema
22-07-2017 17:29:11 Punto di arresto del sistema
23-07-2017 19:02:25 Punto di arresto del sistema
24-07-2017 19:29:17 Punto di arresto del sistema
25-07-2017 19:37:01 Punto di arresto del sistema
26-07-2017 20:05:34 Punto di arresto del sistema
27-07-2017 21:48:51 Punto di arresto del sistema
29-07-2017 07:37:25 Punto di arresto del sistema
30-07-2017 12:36:50 Punto di arresto del sistema
31-07-2017 20:40:30 Punto di arresto del sistema
02-08-2017 07:41:49 Punto di arresto del sistema
03-08-2017 07:47:22 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
04-08-2017 10:51:31 Installed Windows XP Wdf01009.
05-08-2017 11:49:17 Punto di arresto del sistema
06-08-2017 12:11:05 Punto di arresto del sistema
07-08-2017 12:30:42 Punto di arresto del sistema
08-08-2017 13:39:37 Punto di arresto del sistema
10-08-2017 06:44:12 Punto di arresto del sistema
11-08-2017 18:38:46 Punto di arresto del sistema
12-08-2017 19:16:55 Punto di arresto del sistema
14-08-2017 07:28:47 Punto di arresto del sistema
15-08-2017 18:18:07 Punto di arresto del sistema
16-08-2017 08:09:06 Skype™ 7.36 rimosso
17-08-2017 11:10:47 Punto di arresto del sistema
18-08-2017 11:25:00 Punto di arresto del sistema
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2017 06:53:11 AM) (Source: Google Update) (EventID: 20) (User: SIGONA-A3C70D4F)
Description: Event-ID 20
Error: (08/18/2017 10:44:35 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Impossibile estrarre l'elenco principale di altri produttori dal file .cab di aggiornamento automatico in: <
http://www.download.windowsupdate.com/m ... ootstl.cab> a causa del seguente errore: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
Error: (08/18/2017 10:44:34 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Impossibile estrarre l'elenco principale di altri produttori dal file .cab di aggiornamento automatico in: <
http://www.download.windowsupdate.com/m ... ootstl.cab> a causa del seguente errore: Un certificato richiesto non rientra nel suo periodo di validità se verificato rispetto all'ora corrente del sistema o al timestamp sul file firmato.
Error: (08/17/2017 09:12:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore plugin-container.exe, versione 43.0.1.5828, modulo che ha provocato l'errore mozglue.dll, versione 43.0.1.5828, indirizzo errore 0x0000ed63.
Elaborazione evento specifico al supporto per [plugin-container.exe!ws!] in corso
Error: (08/17/2017 06:51:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore acrord32.exe, versione 11.0.0.379, modulo che ha provocato l'errore msvcr100.dll, versione 10.0.40219.1, indirizzo errore 0x00002008.
Elaborazione evento specifico al supporto per [acrord32.exe!ws!] in corso
Error: (08/17/2017 10:04:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore explorer.exe, versione 6.0.2900.5512, modulo che ha provocato l'errore ntdll.dll, versione 5.1.2600.5512, indirizzo errore 0x00010cae.
Elaborazione evento specifico al supporto per [explorer.exe!ws!] in corso
Error: (08/16/2017 08:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore plugin-container.exe, versione 43.0.1.5828, modulo che ha provocato l'errore mozglue.dll, versione 43.0.1.5828, indirizzo errore 0x0000ed63.
Elaborazione evento specifico al supporto per [plugin-container.exe!ws!] in corso
Error: (08/16/2017 02:03:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore skype.exe, versione 7.36.0.150, modulo che ha provocato l'errore advapi32.dll, versione 5.1.2600.5512, indirizzo errore 0x00060ab9.
Elaborazione evento specifico al supporto per [skype.exe!ws!] in corso
Error: (08/16/2017 08:23:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore plugin-container.exe, versione 43.0.1.5828, modulo che ha provocato l'errore mozglue.dll, versione 43.0.1.5828, indirizzo errore 0x0000ed63.
Elaborazione evento specifico al supporto per [plugin-container.exe!ws!] in corso
Error: (08/16/2017 07:56:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Applicazione che ha provocato l'errore skype.exe, versione 7.36.0.150, modulo che ha provocato l'errore advapi32.dll, versione 5.1.2600.5512, indirizzo errore 0x00060ab9.
Elaborazione evento specifico al supporto per [skype.exe!ws!] in corso
System errors:
=============
Error: (08/19/2017 07:20:09 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.176.180.221 dell'indirizzo IP della scheda di rete con indirizzo 001E101F3DA8 è stato
negato dal server DHCP 10.77.143.97. Il server DHCP ha inviato un messaggio DHCPNACK.
Error: (08/17/2017 08:52:15 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.160.90.209 dell'indirizzo IP della scheda di rete con indirizzo 001E101F305F è stato
negato dal server DHCP 10.178.15.50. Il server DHCP ha inviato un messaggio DHCPNACK.
Error: (08/17/2017 05:08:58 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.177.193.98 dell'indirizzo IP della scheda di rete con indirizzo 001E101F7433 è stato
negato dal server DHCP 10.160.90.210. Il server DHCP ha inviato un messaggio DHCPNACK.
Error: (08/17/2017 10:14:05 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.172.32.133 dell'indirizzo IP della scheda di rete con indirizzo 001E101FE9C7 è stato
negato dal server DHCP 10.177.193.97. Il server DHCP ha inviato un messaggio DHCPNACK.
Error: (08/16/2017 07:52:20 AM) (Source: 0) (EventID: 55) (User: )
Description: Event-ID 55
Error: (08/15/2017 08:08:29 PM) (Source: 0) (EventID: 55) (User: )
Description: Event-ID 55
Error: (08/14/2017 06:52:40 PM) (Source: 0) (EventID: 55) (User: )
Description: Event-ID 55
Error: (08/14/2017 09:41:08 AM) (Source: 0) (EventID: 55) (User: )
Description: Event-ID 55
Error: (08/13/2017 09:25:51 PM) (Source: 0) (EventID: 55) (User: )
Description: Event-ID 55
Error: (08/13/2017 06:54:34 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Il lease 10.13.93.202 dell'indirizzo IP della scheda di rete con indirizzo 001E101F6C46 è stato
negato dal server DHCP 10.154.37.1. Il server DHCP ha inviato un messaggio DHCPNACK.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 19%
Total physical RAM: 3070.73 MB
Available physical RAM: 2481.82 MB
Total Virtual: 4960.44 MB
Available Virtual: 4543.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.52 GB) (Free:52.64 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 35FB97AD)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================