×

Notice: this is a preview of the original feed. Please, read our copyright notice. If you are the copyright holder of this feed click here.

feed

Tags: blogspot remove somoto.com instruction malici malware comput uninstall toolbar software mountain view

Malware Removal Instructions
From network security to phishing and malicious software. Whatever problem you have, we're here to help you solve it!...

by Admin, Mountain View (geolocate), published: Thu 30 Jul 2015 08:10:00 PM CEST.

Favicon Remove DiscountExt Chrome Extension (Uninstall Guide)
19 Jul 2015, 8:57 pm
DiscountExt is an ad-injecting Chrome extension that displays adverts and pop-up windows on your web browser. It can infect other web browser too, so it's not just a Chrome related problem. I know, I know, with such a proliferation of different types of malicious software, viruses, phishing scams and unwanted programs to contend with, it can be virtually impossible to know what category everything fits in to – and even worse, knowing what harm these internet parasites can inflict on you can cause the stress levels to rise whenever we're find a program we don't recognize in the list of software we have installed on our PCs, or the uncertainty we face when we are downloading something.

But to be one step ahead of the game is to be better protected and so if you've ever wondered what the difference between ad-injecting extensions like DiscountExt and malware is, you're come to the right place. And as you're reading this, you're probably already aware of the existence of such Chrome extensions.

Are ad-injecting extensions the same as a virus or malware?

It's a question that many people have asked but in actual fact, they are neither virus nor malware. Although having said that, there are definitely some similarities between them. The most obvious one being that you want none of them installed on your computer. So if they are not the same thing, then what is the difference?

Malware

Malicious software, or malware as it is usually called, is the overall name for programs that infect your computer – and now your tablet or smartphone – and cause problems on your device. Some malware, such as adware spams you with pop-up adverts, some malware such as spyware spies on you and tracks your internet usage, while others such as Trojan Horses (actually often mistakenly classed as a virus) will corrupt your data. DiscountExt spams you with adverts as well, usually labeled "Ads by DiscountExt" or something completely unrelated like "Ads by compareItApplication", so is it malware? Not quite, but it's close and that doesn't mean that you should keep it on your computer either.

Viruses

It can be, or at least it used to be, tempting to lump everything unknown and undesirable on the internet that we knew could do us harm into the category of virus. But unlike malware, viruses are computer programs which spread themselves through self-replication. That means that once you have been infected by a virus, say something that was attached to an email, when you open the attachment or file and executed it, it will then attach itself to emails and start spreading itself among the contacts in your address book. We;ve all received those panicked emails from friends or acquaintances urging us 'not to open that email – it wasn’t from me!' So, obviously, DiscountExt is not a virus, luckily.

Rogue and ad-injecting web browser extensions

Lastly, we have our friend the ad-injecting and misleading Chrome extension called DiscountExt. It is sometimes termed 'greyware' as it is a little here nor there. Unlike malware and viruses it is, generally speaking, not dangerous. However it is undesirable for the most part as it doesn't serve any real function. Dangerous? Not really, except if adverts redirect you to dangerous websites that could infect your computer. Extremely annoying? Absolutely!

DiscountExt is a rather persistent Chrome extension. It can be installed under different names and even with administrative rights, so if you can't find and uninstall as you would normally do with any other program then think about recently installed programs. Chances are it came packed with one of these. To remove DiscountExt from Chrome and stop intrusive ads, please follow the steps on the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



DiscountExt Extension Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove DiscountExt related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • DiscountExt
  • GoSave
  • ReadyCoupon
  • SaveNewaAppz
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove DiscountExt related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove DiscountExt, ReadyCoupon, DiscountMan, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove DiscountExt related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove DiscountExt, ReadyCoupon, DiscountMan, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove DiscountExt related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Share this post


Favicon Remove Fake BSOD 1-888-991-9974 Caused by Malware (Uninstall Guide)
18 Jul 2015, 9:52 pm
1-888-991-9974 phone number appears on a fake Windows Blue Screen Of Death message (BSOD). It's a scam where scammers request payment to fix your computer. Microsoft does not put their phone numbers on any error messages even if they are genuine. If you're reading this article with expectations of finding out how to remove this fake error message and associated malware from your computer then you are in the right place. In this article I am going to tell you how to defend yourself from being attacked by tech support scams.

This fake BSOD error message with the 1-888-991-9974 phone number that appeared on your computer screen was installed by a Potentially Unwanted Software or adware. It most likely came with a software download from a sketchy website. I've read some reports saying that users got it after installing a driver for a printer. So what actually is a PUP and how do you defend yourself against attack? PUP is an acronym for Potentially Unwanted Program which, as the name suggests, is a piece of software that you probably don't want to have installed on your PC. But how do you know if you have been 'bitten' by a PUP - what does one look like and how does it behave?

PUPs and similar malware are normally associated with rogue tool bars, although they sometimes appear as search engines or home pages. But whatever they look like, they normally have one end goal in common, which is to redirect the searches you make on the internet so that you are unable to visit the websites you want to go to, instead being sent directly to one of their own choice. In this case, it hijacks your web browser, creates a proxy server but instead of redirecting you to dodgy websites or displaying advertisements, it displays this fake BSOD error message and says that you need to call 1-888-991-9974 for technical support.


The blue screen says:

A problem has been detected and windows has been shut down to prevent damage to your computer.
If this is the first time you've seen this stop error screen, restart your computer. If a driver is identified in the stop message, disable the driver or check with the manufacturer for driver updates. Try changing video adapters.
Check with your hardware vendor for any bios updates. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.
For technical support to this problem, call Windows helpline: +1-888-991-9974.
Technical Information:
*** STOP: 0x0000001E (0xFFFFFFFFC00000094,0xFFFFFF8000C074D1E,0x000000000,0xFFFFFFFFFFD)

And while you could argue this is not dangerous and won't do you any harm. The fact it is, it is not only incredibly annoying but it is a real waste of your time too. Imagine being infected by a PUP at work – how much would your (or your employees') productivity drop if you spent half your day trying get rid of it? It's not always easy, trust me.

So now let's take a look at how you defend yourself from such fake Blue Screens Of Death. It's a good idea, as with any malware, to know a little bit more about how they operate so that you can be better prepared to face them. First of all, it will install itself on your PC surreptitiously. This is usually by being bundled with another software download. It will piggyback on an installation so that when you download an app or software program, the it will sneakily install itself along with it.

So that begs the question, how do you make sure you are not also installing it alongside your definitely wanted program? The good news is that because malware programmers don't consider their product to be malware, they will mention that they are packaged with the main program in the End User License Agreement that belongs to that download.

Therefore the trick to NOT installing this malware too is to make sure that you read this license agreement carefully and double check whether any additional programs are mentioned. If you spot wording related to an add-on either abort the installation or make sure the check boxes are configured so that you don't also install the malware that will display fake error messages in your computer.

To remove fake BSOD caused by malware and other threats that may have been installed on your computer, please follow the removal guide below. If you have questions, leave a down comment below. I will be more than happy to help you. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



Fake BSOD 1-888-991-9974 Removal Guide:


1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer.





NOTE: If you can't download it, the problem can be resolved by finding the associated malware program in the Task Manager. Open Properties tab, end the process (windows.exe or similar) and delete the program. Or restart your computer in Safe Mode with Networking and download anti-malware software.

2. Download and run TDSSKiller. Press the button Start scan for the utility to start scanning.



3. Wait for the scan and disinfection process to be over. Then click Continue. Please reboot your computer after the disinfection is over.



Share this post


Favicon Remove .xtbl Virus and Restore Encrypted Files
18 Jul 2015, 8:27 pm
Ransom:Win32/Troldesh.A is a ransom virus that encrypts your files and changes file format to .xtbl. So, if your files are encrypted and you can't open them because they all have this .xtbl extension then your computer is definitely infected with ransomware. Unlike most widespread ransom viruses, it displays ransom note in English and Russian which probably means that cyber criminals don't want to limit themselves to English speaking countries only. You know as well as I do as an avid internet user that there are countless ways that we can be taken advantage of by cyber criminals, hackers, spammers and phishers. These people are raking in the big bucks from their dubious careers and they are employing increasingly innovative ways to exploit our (personal and cyber) vulnerabilities. We all know that clicking on an attachment in an email sent by someone not in your address book can unleash a virus on your PC but there are other ways that some extremely lethal threats can do us very real harm. And one of these is something called ransomware.

What is .xtbl ransomware?

Ransomware is a type of malware that most definitely plays on our weaknesses. It works by kidnapping your files and holding them hostage – or freezing them, rendering them inaccessible. Subsequently it will demand that you pay a ransom in order to be given access to a code that will enable you to unlock, or decrypt, them. The ransom note will either be sent to you by email or displayed on your computer screen. It's a tried and tested method of extortion that dates back to time immemorial – albeit in a repackaged format for the twenty first century. What makes this ransom virus deffirent from others is the .xtbl file extension which indicates with exactly which ransomware you are dealing with. There are obviously more than one: CryptoWall 3.0, CryptoLocker, CTB-Locker and others. Once your files are encrypted you will see a red text in black background saying that you must read README.txt for more information. There can be up to 10 README.txt files on your desktop.


Attention!
All the important files on your disks were encrypted.
The details can be found in README.txt files which you can find on any of your disks.

The README.txt reads:

Ваши файлы были зашифрованы.
Чтобы расшифровать их, Вам необходимо отправить код:
[edited]
на электронный адрес decode010@gmail.com или decode1110@gmail.com.
Далее вы получите все необходимые инструкции.
Попытки расшифровать самостоятельно не приведут ни к чему, кроме безвозвратной потери информации.

All the important files on your computer were encrypted.
To decrypt the files you should send the following code:
[edited]
to e-mail address decode010@gmail.com or decode1110@gmail.com.
Then you will receive all necessary instructions.
All the attempts of decryption by yourself will result only in irrevocable loss of your data.

Basically, you have to email your code to ecode010@gmail.com or decode1110@gmail.com in order to get further instructions. Cyber criminals change email addresses quite often, so yours might be different. They were previously using deshifrovka@india.com and deshifrator01@gmail.com.

Here's how the encrypted files look like:


The virus appends .xtbl file extension to ALL files and in some cases even renames all the files. At the moment, there's no way to actually decrypt files unless you have a super computer and can brute force every possible decryption key to decrypt your files. I bet you don't have it, so you can either restore your files from backups or pay the ransom. If you don't have backups then you can use a few tools listed below to recover at least some of your files.

How does .xtbl encryption virus infect your PC?

It sticks to its traditional roots by normally spreading itself either via an email attachment. However it may also attack you through a website that has been infected with it or, as is often the case with malware, by being packaged with another program.

The best form of protection against .xtbl virus is to be cautious

The rich and the famous might have to take the risk of being kidnapped seriously, but for you and I, it is probably not something that figures much in our day to day lives. I don't know about you but I know I'm probably not a high risk target (I hope I don't live to regret saying that!) –besides, I am not sure who a kidnapper would contact to get any kind of decent ransom for me! However, being careful when you're online is something that all of us should do – regardless of our status, power, fame or riches. And that means not opening email attachments from unknown senders. Being careful when opening email attachments EVEN if you know the sender (they could have been hacked), and not downloading programs or files from third party or dubious looking websites.

XTBL virus can be extremely convincing and has been designed to play on our fears. The fear that we will lose valuable data or the fear that we are being monitored or about to get in serious trouble.

What should I do if I've been infected?

It's easy to say, but try not to panic. And whatever you do, don't pay the ransom unless the encrypted files are very important and you can't afford to lose them. If the encrypted files are not very important or you don't have money to pay the ransom, you can remove try to restore your files (at least some of them) using Shadow Explorer, Recuva and some other specialized tools listed below. Please note that even of you decide to pay the ransom there's really no guarantee that cyber crooks will recover your files. If you have any questions, please leave a comment below. Last, but not least, if there's anything you think I should add or correct, please let me know. It might be a pain but the issue needs to be dealt with – and the way to do it is by not giving in, not paying up and not letting the attackers win.

Written by Michael Kaur, http://deletemalware.blogspot.com



Step 1: Removing .xtbl and related malware:


Before restoring your files from shadow copies, make sure XTBL virus is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.





2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.

That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by .xtbl virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Share this post


Favicon Remove "Ads by FreezeThePrice" Adware (Uninstall Guide)
16 Jul 2015, 9:42 pm
While I'm sure that you know what regular adware is, if you have been unfortunate enough to have found your computer infected by one of the more malignant types of adware called FreezeThePrice, then you won't need me to tell you just what a nightmare it can be to try to get rid of it and stop annoying "Ads by FreezeThePrice" advertisements that can take up your entire web browser tab. It is safe to say that while Advertising Supported Software, as adware is formally known, might not be as harmful as many of the other malicious software programs that are out there, it definitely takes home the gold medal for being one of the most pointlessly irritating ones.

We are all faced with adware every time that we are online, and most online adverts are fairly easy to ignore. The odd banner ad or boxed advert is probably not going to cause the average user too much hassle, however the FreezeThePrice adware that results in pop up or pop under windows will almost certainly have you throwing a few choice expletives at your PC! The problem is that you won't just see one pop up box and be able to click on it to close it – if only. No, pop up and under windows are relentless and will simply pop back up just as soon as you have closed them.


Even worse, many of these types of FreezeThePrice ads will have a button prominently placed on them that tells you to click 'ok' or 'close' to make them go away. However, very often these buttons are misleadingly labeled and will merely open the website they are advertising or even execute and run more malware. If you do have a pop up or under window on your screen, always take care to close it by clicking the little 'x' in the right hand corner of the box.

What else can this adware do?

Of course, as the name suggests, adware's main function is to market products, services or websites to us. But did you know that it also monitors the websites you browse so that it is able to tailor the FreezeThePrice adverts towards your interests? Once adware is installed on your PC, it will also download a spyware component, which tracks your data and sends it back to the adware programmer.

It can also slow your computer down thanks to all the work that the tracking component is doing behind the scenes. It uses your internet connection too, to send the info back to the programmer, which can have a knock on effect on your wi-fi speed.

How did I end up with FreezeThePrice on my computer?

Because this adware is normally packaged with other programs, files or apps you will probably have downloaded it at the same time that you upgraded, downloaded or installed something else. These programs or apps are usually free as the adware programmer uses advertising as a way to earn money on something they are giving away for nothing.

The only good news is that because FreezeThePrice is normally mentioned in the license agreement, you will have the option of blocking it before installation.

Needless to say, adware is a real pain, so protect yourself by installing a decent anti-malware program today. If it's already too late and your computer is infected with this adware and its relentless "Ads by FreezeThePrice" advertisements, please follow the steps on the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com



"Ads by FreezeThePrice" Removal Guide:


1. First of all, download anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this malware. Hopefully you won't have to do that.





2. Remove FreezeThePrice related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

Go to the Start Menu. Select Control PanelAdd/Remove Programs.
If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove the following:
  • FreezeThePrice
  • GoSave
  • Active Discount
  • AdCoupon
  • and any other recently installed application


Simply select each application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.

Remove FreezeThePrice related extensions from Google Chrome:

1. Click on Chrome menu button. Go to ToolsExtensions.



2. Click on the trashcan icon to remove FreezeThePrice, AdCoupon, MediaPlayerV1, Gosave, HD-Plus 3.5 and other extensions that you do not recognize.

If the removal option is grayed out then read how to remove extensions installed by enterprise policy.




Remove FreezeThePrice related extensions from Mozilla Firefox:

1. Open Mozilla Firefox. Go to ToolsAdd-ons.



2. Select Extensions. Click Remove button to remove FreezeThePrice, AdCoupon, Gosave, MediaPlayerV1, HD-Plus 3.5 and other extensions that you do not recognize.

Remove FreezeThePrice related add-ons from Internet Explorer:

1. Open Internet Explorer. Go to ToolsManage Add-ons. If you have the latest version, simply click on the Settings button.



2. Select Toolbars and Extensions. Click Remove/Disable button to remove the browser add-ons listed above.

Share this post


Favicon Remove decipher@keemail.me Virus and Restore Encrypted Files
15 Jul 2015, 7:54 pm
Becoming the victim of a ransom virus which encrypts your files and changes file names to "decipher@keemail.me" is, sadly, just part and parcel of using the internet these days. This new ransomware is probably related to fud@india.com which was quite active a few months ago. At least it follows the same pattern and uses pretty much the same methods to encrypt files and collect money from victims. File names usually look something like this:

filename.doc.id-8549320_decipher@keemail.me

Filename.doc is your original file name. Id-8549320 is your unique ID which is necessary if you want to pay the ransom and get your files back. Decipher@keemail.me is the email address used by cyber criminals to comunicate with victims (confirm payments and send decryption tools). Although, I can not confirm that they are actually willing to decrypt your files. Very often, users pay the ransom and do not receive ant decryption tools. That's why I generally don't recommend paying the ransom unless your files are so important, you don't have backups and you are willing to take the risk. With that aim in mind, here we are going to take a closer look at something called ransomware.

What is decipher@keemail.me ransomware?

You have probably spotted how there is a distinct pattern when it comes to naming our malicious software foes. Even malware is a contraction of malicious software. In a similar vein, adware displays adverts and spyware monitors what you're doing on your PC. And ransomware – will kidnap your files and documents and hold them hostage – normally by encrypting them so you cannot access or open them. And just like the daring kidnapping tales in children's stories a ransomware kidnapper, will of course demand a ransom before they release your data – usually you pay a not inconsiderable amount to be given a decryption code that allows you to unlock your files. However, unlike most ransomware, it does't leave ransom notes like help_decrypt.txt or how_to_decrypt on your computer. Sometimes, it can change your wallpaper and display information on how to get your files back. However, I noticed that it doesn't happen all the time which means this ransom virus is not coded and tested very well. Of course, it does the encryption part very well which is the main point, so everything else was probably not that important to those who created this malware.

How decipher@keemail.me infects your computer

It does have one thing in common with its malware brothers and sisters and that is the method it uses to infiltrate your PC. Some variantss of this ransomware will be secretly packaged with another program, file download or app. Others are spread via spam email or messenger attachments, and some ransomware executions will be triggered if you visit a website that has been compromised.

Will I know if I've been infected by decipher@keemail.me?

In a word: yes, you will most definitely know if you have a _decipher@keemail.me ransomware infection on your PC. The malware is certainly not shy and retiring – look at it this way, it wants to extort money from you and it wants payment in the shortest time possible, before you stop panicking and start thinking more seriously about how to solve the problem. Ransomware is all about scare tactics and taking advantage of people at the moment of distress. It preys on you when you are vulnerable and thinking that you are never going to see any of your files, photos or documents ever again. What should I do if I've been infected?

It's easy to say, but try not to panic. And whatever you do, don't pay the ransom unless the encrypted files are very important and you can't afford to lose them. If the encrypted files are not very important or you don't have money to pay the ransom, you can remove try to restore your files (at least some of them) using Shadow Explorer, Recuva and some other specialized tools listed below. Please note that even of you decide to pay the ransom there's really no guarantee that cyber crooks will recover your files. If you have any questions, please leave a comment below. Last, but not least, if there's anything you think I should add or correct, please let me know. It might be a pain but the issue needs to be dealt with – and the way to do it is by not giving in, not paying up and not letting the attackers win.

Written by Michael Kaur, http://deletemalware.blogspot.com



Step 1: Removing decipher@keemail.me and related malware:


Before restoring your files from shadow copies, make sure decipher@keemail.me ransomware is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.

1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.





2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.

That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.


Step 2: Restoring files encrypted by decipher@keemail.me virus:


Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.

Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.

Method 3: Using the Shadow Volume Copies:

1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.

2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.



3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.



Hopefully, this will help you to restore all encrypted files or at least some of them.

Share this post

© 2015 Frêney, S.r.l. - V.A.T. ID IT03001860166