nel registro di sistema sono presenti alcune voci come indicato nel link sotto riferito a un vostro articolo
http://www.MegaLab.it/8276/2/come-rimuovere-i-virus-ransomware-o-virus-della-polizia-e-recuperare-i-dati-criptati
shutdown flags, win stationsdisabled,userinit system32.
eccoti il log di system look
SystemLook 30.07.11 by jpshortstuff
Log created at 19:51 on 30/01/2013 by user
Administrator - Elevation successful
========== file ==========
C:\Windows\System32\Wait.exe - File found and opened.
MD5: 4EC6B8195640CCAF2D0DC319B82F79E3
Created at 18:54 on 06/03/2011
Modified at 09:52 on 28/01/2009
Size: 142337 bytes
Attributes: --a----
C:\Windows\System32\drivers\sptd.sys - Unable to find/read file.
========== Environment Variables ==========
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\user\AppData\Roaming
asl.log=%asl.log%
CLASSPATH=%CLASSPATH%
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-USER
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=%configsetroot%
DFSTRACINGON=%DFSTRACINGON%
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\user
LOCALAPPDATA=C:\Users\user\AppData\Local
LOGONSERVER=\\PC-USER
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\SolidWorks Corp\COSMOS M;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin;C:\Windows\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\Common Files\Acronis\SnapAPI;C:\Windows\System32\WindowsPowerShell\v1.0
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0a
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=%PROMPT%
PUBLIC=C:\Users\Public
QTJAVA=%QTJAVA%
SESSIONNAME=%SESSIONNAME%
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\user\AppData\Local\Temp
TMP=C:\Users\user\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=%TRACE_FORMAT_SEARCH_PATH%
USERDOMAIN=PC-user
USERNAME=user
USERPROFILE=C:\Users\user
VBOX_INSTALL_PATH=%VBOX_INSTALL_PATH%
windir=C:\Windows
-= EOF =-
Log created at 19:51 on 30/01/2013 by user
Administrator - Elevation successful
========== file ==========
C:\Windows\System32\Wait.exe - File found and opened.
MD5: 4EC6B8195640CCAF2D0DC319B82F79E3
Created at 18:54 on 06/03/2011
Modified at 09:52 on 28/01/2009
Size: 142337 bytes
Attributes: --a----
C:\Windows\System32\drivers\sptd.sys - Unable to find/read file.
========== Environment Variables ==========
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\user\AppData\Roaming
asl.log=%asl.log%
CLASSPATH=%CLASSPATH%
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-USER
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=%configsetroot%
DFSTRACINGON=%DFSTRACINGON%
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\user
LOCALAPPDATA=C:\Users\user\AppData\Local
LOGONSERVER=\\PC-USER
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\SolidWorks Corp\COSMOS M;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\WiFi\bin;C:\Windows\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\Common Files\Acronis\SnapAPI;C:\Windows\System32\WindowsPowerShell\v1.0
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0a
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=%PROMPT%
PUBLIC=C:\Users\Public
QTJAVA=%QTJAVA%
SESSIONNAME=%SESSIONNAME%
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\user\AppData\Local\Temp
TMP=C:\Users\user\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=%TRACE_FORMAT_SEARCH_PATH%
USERDOMAIN=PC-user
USERNAME=user
USERPROFILE=C:\Users\user
VBOX_INSTALL_PATH=%VBOX_INSTALL_PATH%
windir=C:\Windows
-= EOF =-
il log extras di otl
OTL Extras logfile created on: 31/01/2013 21:50:47 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.30% Memory free
4.93 Gb Paging File | 3.63 Gb Available in Paging File | 73.56% Paging File free
Paging file location(s): C:\pagefile.sys 3067 3067F:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 59.80 Gb Free Space | 53.60% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 111.46 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive E: | 7.13 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: PC-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-397757737-986699961-1055673849-1003]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F9EAF6B-6F99-40C7-9ACE-2469FFA6F139}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{EF7EFAE4-A9F5-48D2-BC8C-9D760A18FEAD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A3B8C4B-6BAF-4EB1-BE47-A69F750A24F5}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{4D12B58D-9373-46F1-9F76-B9FE22C9C1FA}" = protocol=58 | dir=in | app=system |
"{53D15430-396E-4BD3-8965-8272ACF5B2D6}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{631FBCA3-EEE7-4A01-A8AD-F5E3ED0D42B6}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{803AAA64-7D1D-40A5-9F87-B8EC9FACA402}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{818C8618-2A4C-4BDD-A183-4FD3A8795F8E}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{BAD05865-3DAB-456B-B145-48916BB2F938}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{C9A23E54-55B1-4763-A97F-7C3577496CF2}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{D9D3ED53-3C62-4AFA-BF94-A0F219FC8714}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"TCP Query User{22A9D9CC-B931-43AB-ABD9-7185D3480792}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{24606D3C-EEDF-463D-8771-3EC9C02D9630}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2C4CD8AE-42F8-44B3-A99D-ED9A8C367AFC}C:\program files\mediamonkey\mediamonkey.exe" = protocol=6 | dir=in | app=c:\program files\mediamonkey\mediamonkey.exe |
"TCP Query User{D50AC6D1-8148-4B95-8FE2-F881A56248FB}C:\program files\wintv\wintv7\wintv7.exe" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"UDP Query User{0BEED1BF-FDB6-4BB4-84F5-44602DDE9677}C:\program files\wintv\wintv7\wintv7.exe" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"UDP Query User{436C1642-4825-46CD-BF6A-4C2702C9F646}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E571B376-3DD3-4407-938F-CCF737BBA4F4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{EB4787D6-43DB-40AC-97C6-7D229D14CC56}C:\program files\mediamonkey\mediamonkey.exe" = protocol=17 | dir=in | app=c:\program files\mediamonkey\mediamonkey.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03DB01C6-F188-41DA-B7C1-109F6CBCCF04}" = Delcam PSDocEnglishStandalone 2010
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{120D9280-C7A0-F52B-0F0C-8F1DE9ACEAEE}" = Catalyst Control Center Localization Korean
"{15041B8B-AC63-41DF-91D2-2118CE39E8D9}" = SolidWorks Flow Simulation 2010 SP0
"{15112D8C-D377-D1F9-3701-90E9CF9EC65B}" = Catalyst Control Center Localization Japanese
"{1553E6CA-E99D-4885-A8BE-EF67342B859F}" = COSMOSM 2010 (2009/280)
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{163B1CF0-6C0C-D558-341E-BA1DE37F9FA1}" = Catalyst Control Center Localization Danish
"{1959101B-E34C-4266-8915-20F23B5BCF43}" = SolidWorks eDrawings 2010
"{20D08187-7192-A65D-4ABA-BB09BF315E4F}" = Catalyst Control Center Core Implementation
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226EF265-A4E4-4E10-BAA9-9C5D89F6EAF9}" = Catalyst Control Center Localization Turkish
"{238BA203-497D-16EA-8495-A42A37A1D1DC}" = Catalyst Control Center Localization Russian
"{257A8354-805C-40E5-A5BF-81397D169FB2}" = Default
"{2D72ACF2-C3A9-A980-FB98-0062C1F4AABF}" = Catalyst Control Center Localization Chinese Standard
"{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}" = SolidWorks Explorer 2010 SP0
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{34ED728D-ECE5-4A0D-9963-B54B318D0932}" = ccc-Branding
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4971AB6A-D3AF-4227-51BD-0165C56F35F6}" = Catalyst Control Center Localization Dutch
"{4ceda886-a089-4f97-a408-27ae660d7760}" = Business Contact Manager SP1 per Outlook 2007
"{4D2D9016-70A9-4D91-9AA7-686ACAF056D9}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{4EB4978B-F18F-A9BF-114D-275F675CD9E7}" = Catalyst Control Center Localization Polish
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{55D2E060-9CCB-47B7-BBC2-FE71A1604B65}" = Microsoft SQL Server Native Client
"{56DCD20A-E558-4396-AF59-14D15AA737BB}" = DWGeditor
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A44BF79-7923-E7D4-C8A6-F93F81EF48B9}" = Catalyst Control Center Localization Finnish
"{5DCE4F2F-427B-F3DA-AF1E-34FBFCF779ED}" = ccc-core-static
"{62F596B9-0DF7-AD7B-2D66-E6DC4BFB94C1}" = Catalyst Control Center Localization French
"{6379FD0A-8964-4A50-80A6-B20B65117905}" = File di supporto dell'installazione di Microsoft SQL Server (Italiano)
"{64B3A619-65FF-6AF5-ABF8-D7D17E20D8A1}" = Catalyst Control Center Localization German
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{691BD252-796D-4AE3-924C-C48A1CD4BEDF}" = OpenOffice.org 3.2
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D2DAD-3D87-4CAA-8646-83D238AD68E0}" = PhotoView 360
"{7616F372-AFF8-355C-582D-6EA9BE9445CF}" = Catalyst Control Center Graphics Light
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79B92639-4B90-CD61-6CB3-72C1977D7256}" = Catalyst Control Center Localization Portuguese
"{7B8CFD39-A3EA-7469-344A-35715AA9DB10}" = Catalyst Control Center Localization Spanish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Chiavetta Internet MT835UP
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99C2CE24-18E1-5779-642B-ED28AFBE912E}" = Catalyst Control Center Localization Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Componenti di connettività di Microsoft Office Small Business
"{AAA58088-CBEE-466C-F225-E6DC91A9A067}" = Catalyst Control Center Localization Norwegian
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}" = SolidWorks 2010 SP0
"{B1286E7E-AAAF-955C-1C72-60C5EF8F5F2D}" = Catalyst Control Center Localization Italian
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4A0EFC6-0933-6AE9-8EE0-7D6C5D5E28A8}" = Catalyst Control Center Localization Swedish
"{B8DC25AB-AEF8-264E-072D-62EB71D331B6}" = Catalyst Control Center Localization Hungarian
"{BDFD03D4-CA66-36B1-41DE-F10059E248C4}" = Catalyst Control Center Localization Greek
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{CCA1A427-8E84-4080-9703-B3CF4DDF7CC5}" = Delcam PowerSHAPE8080
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D273D5F0-5868-358A-F5EE-77565BD6AAD4}" = Catalyst Control Center Localization Chinese Traditional
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D867B4B4-D6D7-40BC-AE63-742C9EC03023}" = Microsoft SQL Server VSS Writer
"{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}" = Assistente per l'accesso a Windows Live
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F79E42D0-C1F2-C461-5E1A-3A169E25F2C2}" = ccc-utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9E6D14-CD96-B086-BF2B-1E5DE6A7780F}" = Catalyst Control Center Localization Czech
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Any Video Converter_is1" = Any Video Converter 3.5.8
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"Business Contact Manager" = Business Contact Manager SP1 per Outlook 2007
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Google Chrome" = Google Chrome
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"PhotoStitch" = Canon Utilities PhotoStitch
"PROHYBRIDR" = 2007 Microsoft Office system
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Registrazione utente Canon MP210 series" = Registrazione utente Canon MP210 series
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SolidWorks Installation Manager 20100-40000-1100-200" = SolidWorks 2010 SP0
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31/01/2013 15:30:38 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:30:43 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 15:30:55 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:30:57 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 15:31:13 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:31:14 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
[ System Events ]
Error - 31/01/2013 15:31:02 | Computer Name = PC-user | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 31/01/2013 15:34:22 | Computer Name = PC-user | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
[ TuneUp Events ]
Error - 10/08/2009 07:13:06 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 07:13:36 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 07:13:46 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 08:40:41 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 08:40:41 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Regno Unito | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 53.30% Memory free
4.93 Gb Paging File | 3.63 Gb Available in Paging File | 73.56% Paging File free
Paging file location(s): C:\pagefile.sys 3067 3067F:\pagef [Binary data over 200 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.57 Gb Total Space | 59.80 Gb Free Space | 53.60% Space Free | Partition Type: NTFS
Drive D: | 111.55 Gb Total Space | 111.46 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive E: | 7.13 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: PC-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-397757737-986699961-1055673849-1003]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4F9EAF6B-6F99-40C7-9ACE-2469FFA6F139}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{EF7EFAE4-A9F5-48D2-BC8C-9D760A18FEAD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A3B8C4B-6BAF-4EB1-BE47-A69F750A24F5}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{4D12B58D-9373-46F1-9F76-B9FE22C9C1FA}" = protocol=58 | dir=in | app=system |
"{53D15430-396E-4BD3-8965-8272ACF5B2D6}" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{631FBCA3-EEE7-4A01-A8AD-F5E3ED0D42B6}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"{803AAA64-7D1D-40A5-9F87-B8EC9FACA402}" = protocol=17 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{818C8618-2A4C-4BDD-A183-4FD3A8795F8E}" = protocol=6 | dir=in | app=c:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe |
"{BAD05865-3DAB-456B-B145-48916BB2F938}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{C9A23E54-55B1-4763-A97F-7C3577496CF2}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{D9D3ED53-3C62-4AFA-BF94-A0F219FC8714}" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"TCP Query User{22A9D9CC-B931-43AB-ABD9-7185D3480792}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{24606D3C-EEDF-463D-8771-3EC9C02D9630}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2C4CD8AE-42F8-44B3-A99D-ED9A8C367AFC}C:\program files\mediamonkey\mediamonkey.exe" = protocol=6 | dir=in | app=c:\program files\mediamonkey\mediamonkey.exe |
"TCP Query User{D50AC6D1-8148-4B95-8FE2-F881A56248FB}C:\program files\wintv\wintv7\wintv7.exe" = protocol=6 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"UDP Query User{0BEED1BF-FDB6-4BB4-84F5-44602DDE9677}C:\program files\wintv\wintv7\wintv7.exe" = protocol=17 | dir=in | app=c:\program files\wintv\wintv7\wintv7.exe |
"UDP Query User{436C1642-4825-46CD-BF6A-4C2702C9F646}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E571B376-3DD3-4407-938F-CCF737BBA4F4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{EB4787D6-43DB-40AC-97C6-7D229D14CC56}C:\program files\mediamonkey\mediamonkey.exe" = protocol=17 | dir=in | app=c:\program files\mediamonkey\mediamonkey.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03DB01C6-F188-41DA-B7C1-109F6CBCCF04}" = Delcam PSDocEnglishStandalone 2010
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{120D9280-C7A0-F52B-0F0C-8F1DE9ACEAEE}" = Catalyst Control Center Localization Korean
"{15041B8B-AC63-41DF-91D2-2118CE39E8D9}" = SolidWorks Flow Simulation 2010 SP0
"{15112D8C-D377-D1F9-3701-90E9CF9EC65B}" = Catalyst Control Center Localization Japanese
"{1553E6CA-E99D-4885-A8BE-EF67342B859F}" = COSMOSM 2010 (2009/280)
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{163B1CF0-6C0C-D558-341E-BA1DE37F9FA1}" = Catalyst Control Center Localization Danish
"{1959101B-E34C-4266-8915-20F23B5BCF43}" = SolidWorks eDrawings 2010
"{20D08187-7192-A65D-4ABA-BB09BF315E4F}" = Catalyst Control Center Core Implementation
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226EF265-A4E4-4E10-BAA9-9C5D89F6EAF9}" = Catalyst Control Center Localization Turkish
"{238BA203-497D-16EA-8495-A42A37A1D1DC}" = Catalyst Control Center Localization Russian
"{257A8354-805C-40E5-A5BF-81397D169FB2}" = Default
"{2D72ACF2-C3A9-A980-FB98-0062C1F4AABF}" = Catalyst Control Center Localization Chinese Standard
"{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}" = SolidWorks Explorer 2010 SP0
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{34ED728D-ECE5-4A0D-9963-B54B318D0932}" = ccc-Branding
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4971AB6A-D3AF-4227-51BD-0165C56F35F6}" = Catalyst Control Center Localization Dutch
"{4ceda886-a089-4f97-a408-27ae660d7760}" = Business Contact Manager SP1 per Outlook 2007
"{4D2D9016-70A9-4D91-9AA7-686ACAF056D9}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{4EB4978B-F18F-A9BF-114D-275F675CD9E7}" = Catalyst Control Center Localization Polish
"{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ita
"{55D2E060-9CCB-47B7-BBC2-FE71A1604B65}" = Microsoft SQL Server Native Client
"{56DCD20A-E558-4396-AF59-14D15AA737BB}" = DWGeditor
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A44BF79-7923-E7D4-C8A6-F93F81EF48B9}" = Catalyst Control Center Localization Finnish
"{5DCE4F2F-427B-F3DA-AF1E-34FBFCF779ED}" = ccc-core-static
"{62F596B9-0DF7-AD7B-2D66-E6DC4BFB94C1}" = Catalyst Control Center Localization French
"{6379FD0A-8964-4A50-80A6-B20B65117905}" = File di supporto dell'installazione di Microsoft SQL Server (Italiano)
"{64B3A619-65FF-6AF5-ABF8-D7D17E20D8A1}" = Catalyst Control Center Localization German
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{691BD252-796D-4AE3-924C-C48A1CD4BEDF}" = OpenOffice.org 3.2
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D2DAD-3D87-4CAA-8646-83D238AD68E0}" = PhotoView 360
"{7616F372-AFF8-355C-582D-6EA9BE9445CF}" = Catalyst Control Center Graphics Light
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79B92639-4B90-CD61-6CB3-72C1977D7256}" = Catalyst Control Center Localization Portuguese
"{7B8CFD39-A3EA-7469-344A-35715AA9DB10}" = Catalyst Control Center Localization Spanish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Chiavetta Internet MT835UP
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99C2CE24-18E1-5779-642B-ED28AFBE912E}" = Catalyst Control Center Localization Thai
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Componenti di connettività di Microsoft Office Small Business
"{AAA58088-CBEE-466C-F225-E6DC91A9A067}" = Catalyst Control Center Localization Norwegian
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}" = SolidWorks 2010 SP0
"{B1286E7E-AAAF-955C-1C72-60C5EF8F5F2D}" = Catalyst Control Center Localization Italian
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4A0EFC6-0933-6AE9-8EE0-7D6C5D5E28A8}" = Catalyst Control Center Localization Swedish
"{B8DC25AB-AEF8-264E-072D-62EB71D331B6}" = Catalyst Control Center Localization Hungarian
"{BDFD03D4-CA66-36B1-41DE-F10059E248C4}" = Catalyst Control Center Localization Greek
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{CCA1A427-8E84-4080-9703-B3CF4DDF7CC5}" = Delcam PowerSHAPE8080
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D273D5F0-5868-358A-F5EE-77565BD6AAD4}" = Catalyst Control Center Localization Chinese Traditional
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D867B4B4-D6D7-40BC-AE63-742C9EC03023}" = Microsoft SQL Server VSS Writer
"{D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}" = runtime
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}" = Assistente per l'accesso a Windows Live
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F79E42D0-C1F2-C461-5E1A-3A169E25F2C2}" = ccc-utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9E6D14-CD96-B086-BF2B-1E5DE6A7780F}" = Catalyst Control Center Localization Czech
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Any Video Converter_is1" = Any Video Converter 3.5.8
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"Business Contact Manager" = Business Contact Manager SP1 per Outlook 2007
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Defraggler" = Defraggler
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Google Chrome" = Google Chrome
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - ita" = Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"PhotoStitch" = Canon Utilities PhotoStitch
"PROHYBRIDR" = 2007 Microsoft Office system
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"Registrazione utente Canon MP210 series" = Registrazione utente Canon MP210 series
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SolidWorks Installation Manager 20100-40000-1100-200" = SolidWorks 2010 SP0
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31/01/2013 15:30:38 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:30:43 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 15:30:55 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:30:57 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 15:31:13 | Computer Name = PC-user | Source = MsiInstaller | ID = 11402
Description =
Error - 31/01/2013 15:31:14 | Computer Name = PC-user | Source = MsiInstaller | ID = 1024
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Windows Search Service | ID = 1006
Description =
[ System Events ]
Error - 31/01/2013 15:31:02 | Computer Name = PC-user | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 31/01/2013 15:34:22 | Computer Name = PC-user | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:41 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:44 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:46:56 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Service Control Manager | ID = 7024
Description =
Error - 31/01/2013 16:47:01 | Computer Name = PC-user | Source = Service Control Manager | ID = 7034
Description =
[ TuneUp Events ]
Error - 10/08/2009 07:13:06 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 07:13:36 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 07:13:46 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 08:40:41 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 10/08/2009 08:40:41 | Computer Name = PC-user | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
il log di otl
http://paste.ubuntu.com/1594836/
ciao e grazie.