Hello, for some time now advertising windows have been opening automatically, and I have tried to remove a few things, but I don't know whether I did everything correctly. Could someone more experienced check whether there is still something left in the HijackThis and OTL log files? Thanks to everyone who is willing to help me.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13.24.02, on 17/03/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Spybot - Search & Destroy 2\SDUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Programmi\AVAST Software\Avast\avastUI.exe
C:\Programmi\Hard Disk Sentinel\HDSentinel.exe
C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Principale\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://developer.intel.com/design/motherbd/regionalsoftware/EN.htm#DG31PR
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Hard Disk Sentinel] "C:\Programmi\Hard Disk Sentinel\HDSentinel.exe" /AUTORUN
O4 - HKLM\..\Run: [SDTray] "C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Principale\Dati applicazioni\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmi\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Programmi\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programmi\Skype\Updater\Updater.exe
--
End of file - 6145 bytes
OTL
OTL logfile created on: 17/03/2013 12.35.55 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Principale\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1011,77 Mb Total Physical Memory | 536,20 Mb Available Physical Memory | 53,00% Memory free
3,34 Gb Paging File | 2,93 Gb Available in Paging File | 87,99% Paging File free
Paging file location(s): C:\pagefile.sys 2500 2500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 117,19 Gb Total Space | 58,42 Gb Free Space | 49,85% Space Free | Partition Type: NTFS
Drive D: | 115,69 Gb Total Space | 115,45 Gb Free Space | 99,79% Space Free | Partition Type: NTFS
Computer Name: NEGOZIO | User Name: Principale | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Principale\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Principale\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programmi\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Programmi\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmi\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programmi\Hard Disk Sentinel\HDSentinel.exe (H.D.S. Hungary)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programmi\AVAST Software\Avast\defs\13031700\algo.dll ()
MOD - C:\Programmi\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\WINDOWS\system32\cpwmon2k.dll ()
MOD - C:\Programmi\Spybot - Search & Destroy 2\sqlite3.dll ()
========== Services (SafeList) ==========
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Dati applicazioni\Skype\Toolbars\Skype C2C Service\c2c_service.exe File not found
SRV - (SDWSCService) -- C:\Programmi\Spybot File not found
SRV - (SDUpdateService) -- C:\Programmi\Spybot File not found
SRV - (SDScannerService) -- C:\Programmi\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programmi\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SkypeUpdate) -- C:\Programmi\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (odserv) -- C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose) -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\PRINCI~1\IMPOST~1\Temp\catchme.sys File not found
DRV - (ALSysIO) -- C:\DOCUME~1\PRINCI~1\IMPOST~1\Temp\ALSysIO.sys File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawar.it/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\..\SearchScopes\{AD43A510-0817-11DE-A4D6-59A755D89593}: "URL" = http://search.yahoo.com/search?ei=utf-8&fr=bfg&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\..\SearchScopes\{B6244DB6-5A7E-4358-BC8C-EBD410989594}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = http://it.search.yahoo.com/search?fr=chr-ober&type=gamenextit&p={searchTerms}
IE - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.13
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.7.0.8524
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programmi\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programmi\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programmi\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programmi\AVAST Software\Avast\WebRep\FF [2013/03/05 06.42.42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\emoticoons-toolbar@emoticoons.com: C:\Documents and Settings\All Users\Documenti\Emoticoons\emoticoons-toolbar@emoticoons.com [2012/07/06 09.27.12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/12 07.50.39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2013/03/08 14.13.39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2013/02/19 22.22.29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Programmi\Mozilla Thunderbird\components [2013/03/12 06.50.10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Programmi\Mozilla Thunderbird\plugins
[2010/11/02 09.05.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Extensions
[2010/11/02 09.05.11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/03/03 22.20.24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Firefox\Profiles\h9eqvc6s.default\extensions
[2010/03/15 08.36.16 | 000,000,000 | ---D | M] (Conviva LivePass (Firefox)) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Firefox\Profiles\h9eqvc6s.default\extensions\StreamingPlugin@conviva.com
[2012/04/16 09.53.47 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Firefox\Profiles\h9eqvc6s.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/03/03 22.20.24 | 000,872,587 | ---- | M] () (No name found) -- C:\Documents and Settings\Principale\Dati applicazioni\Mozilla\Firefox\Profiles\h9eqvc6s.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/02/19 22.22.24 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2013/02/19 22.22.24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/03/05 06.42.42 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMMI\AVAST SOFTWARE\AVAST\WEBREP\FF
[2010/03/15 17.59.54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2013/03/08 14.13.38 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programmi\mozilla firefox\components\browsercomps.dll
[2012/10/12 07.50.16 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Programmi\mozilla firefox\plugins\nprpplugin.dll
[2009/10/26 15.45.36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programmi\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/12/05 17.26.28 | 000,001,606 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\amazon-it.xml
[2012/09/08 15.32.27 | 000,002,465 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\bing.xml
[2012/12/05 17.26.28 | 000,000,957 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2012/12/05 17.26.28 | 000,001,030 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\hoepli.xml
[2012/12/05 17.26.28 | 000,001,395 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/12/05 17.26.28 | 000,001,166 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml
========== Chrome ==========
CHR - homepage: http://search.findeer.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.findeer.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programmi\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programmi\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programmi\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8524_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programmi\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.180.7 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U18 (Enabled) = C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Programmi\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programmi\Windows Media Player\npwmsdrm.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Programmi\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: Gmail = C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/12/03 17.48.46 | 000,361,612 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12431 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programmi\File comuni\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Programmi\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Hard Disk Sentinel] C:\Programmi\Hard Disk Sentinel\HDSentinel.exe (H.D.S. Hungary)
O4 - HKLM..\Run: [SDTray] C:\Programmi\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\Principale\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\Principale\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-261903793-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programmi\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4819DFDF-ABC4-488C-A323-919848C51175} Reg Error: Value error. (Conviva LivePass)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C838CA8A-D11A-4F7A-B58C-C65F724F3CB6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmi\File comuni\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/28 20.44.49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{135eddf2-c9a7-11e1-be06-001cc0d34e5c}\Shell - "" = AutoRun
O33 - MountPoints2\{135eddf2-c9a7-11e1-be06-001cc0d34e5c}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2013/03/17 12.33.58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Principale\Desktop\OTL.exe
[2013/03/17 12.05.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Menu Avvio\Programmi\pserv.cpl
[2013/03/17 12.05.54 | 000,000,000 | ---D | C] -- C:\Programmi\p-nand-q.com
[2013/03/17 11.13.29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Principale\Recent
[2013/03/12 06.50.08 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Thunderbird
[2013/03/05 06.42.46 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/03/04 17.05.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\FLEXnet
[2013/03/04 16.50.24 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Macrovision Shared
[2013/02/27 15.54.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Vodafone
[2013/02/27 10.11.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Dati applicazioni\org.mart3.VodafoneStation
[2013/02/27 10.10.57 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Adobe AIR
[2013/02/27 10.10.54 | 000,000,000 | ---D | C] -- C:\Programmi\Vodafone
[2013/02/19 22.22.22 | 000,000,000 | ---D | C] -- C:\Programmi\Mozilla Firefox
[2013/02/13 23.06.39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot - Search & Destroy 2
[2013/02/13 23.06.24 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013/02/13 23.06.11 | 000,000,000 | ---D | C] -- C:\Programmi\Spybot - Search & Destroy 2
[2013/02/13 23.03.16 | 055,454,464 | ---- | C] (Safer-Networking Ltd. ) -- C:\Documents and Settings\Principale\Desktop\SpybotSD2.exe
[2013/02/09 13.46.06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\foto nuove
[2013/02/09 13.45.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\foto del 09 03
[2013/02/09 13.24.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Dati applicazioni\FileZilla
[2013/02/09 13.24.32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\FileZilla FTP Client
[2013/02/09 13.24.30 | 000,000,000 | ---D | C] -- C:\Programmi\FileZilla FTP Client
[2013/02/09 13.16.47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Desktop\sito
[2013/02/09 13.15.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\SendBlaster2
[2013/02/09 13.15.57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\scanner documento
[2013/02/09 13.15.57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\sandro
[2013/02/09 13.15.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\s.andrea corretta
[2013/02/09 13.15.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\preventivo sito bitnet
[2013/02/09 13.15.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\preventivi
[2013/02/09 13.15.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\interflora
[2013/02/09 13.15.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\immagini per landing speedy
[2013/02/09 12.29.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\foto elen
[2013/02/09 12.29.02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\foto corrette
[2013/02/09 12.28.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\foto calendario
[2013/02/09 12.28.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\FATTURE USCITA
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\FATTURE IN ENTRATA
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\documenti formati pdf
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\comuni
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\bonsai
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\analisi sito defrancesco
[2013/02/09 12.28.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\alessandro venturi
[2013/02/09 12.28.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\adwords
[2013/02/09 12.28.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\accaunt
[2013/02/09 12.28.52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\sorgenti pagine sito
[2013/02/09 12.27.56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Documenti\traduzioni valeria
[2013/02/02 18.29.58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Desktop\Photo by corego • Instagram_files
[2013/01/22 11.01.31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Desktop\foto angolodeifiori
[2013/01/21 09.33.58 | 000,000,000 | ---D | C] -- C:\Program Files
[2013/01/21 09.33.55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\EPSON
[2013/01/19 15.06.28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Desktop\Connect V3.0
[2013/01/19 14.44.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Dati applicazioni\VSRevoGroup
[2013/01/19 14.41.54 | 000,000,000 | ---D | C] -- C:\Programmi\VS Revo Group
[2013/01/19 14.41.54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Menu Avvio\Programmi\Revo Uninstaller
[2013/01/19 13.37.54 | 000,221,184 | R--- | C] (Ralink Technology, Inc.) -- C:\WINDOWS\System32\RaCoInst.dll
[2013/01/19 13.37.53 | 000,719,616 | R--- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt2870.sys
[2013/01/19 13.14.48 | 001,480,296 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\rtl8192ce.sys
[2013/01/19 13.14.43 | 000,000,000 | ---D | C] -- C:\Programmi\REALTEK PCIE Wireless LAN Driver
[2013/01/19 13.13.30 | 000,000,000 | ---D | C] -- C:\Desktop
[2013/01/19 13.10.40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Principale\Desktop\RTL8192ce_WindowsDriver_1005.28.1006.2011.F0066.P0830_ISS_1.00.0180.L
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2013/03/17 12.34.00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Principale\Desktop\OTL.exe
[2013/03/17 12.30.22 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/03/17 12.29.21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/17 12.29.03 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2013/03/17 12.29.02 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1085031214-261903793-1801674531-1003.job
[2013/03/17 12.29.01 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/17 12.29.00 | 000,000,612 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/03/17 12.28.53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/17 12.18.15 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/17 12.05.01 | 000,403,682 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\pserv-2.7.exe
[2013/03/17 11.43.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/17 11.35.43 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2013/03/16 13.43.00 | 000,000,444 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F398F0FF-DB0C-45BD-BE3D-B511950F3D2F}.job
[2013/03/16 12.29.29 | 000,000,422 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Collegamento a A su vodafone (local.mynet.vodafone.it).lnk
[2013/03/16 12.29.21 | 000,028,876 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\bhoooo.jpg
[2013/03/16 12.27.19 | 000,055,955 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\logo.jpg
[2013/03/15 10.14.36 | 000,010,296 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\ivana.jpg
[2013/03/15 09.35.03 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1085031214-261903793-1801674531-1003.job
[2013/03/13 12.19.00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/03/13 12.18.59 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/03/11 19.43.35 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\biglietto1.gif
[2013/03/11 19.42.21 | 000,000,043 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\BIGLIETTO.gif
[2013/03/07 14.10.47 | 000,110,789 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\10834-spartito.jpg
[2013/03/07 00.33.24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/03/07 00.33.24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/03/07 00.33.24 | 000,164,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/07 00.33.24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/03/07 00.33.24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/03/07 00.33.24 | 000,049,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/07 00.33.23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/03/07 00.33.22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/03/07 00.32.51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/03/07 00.32.42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/03/05 06.42.45 | 000,002,885 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/03/05 06.32.48 | 002,139,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/03/04 14.53.58 | 000,134,357 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Immagine marco carra.JPG
[2013/03/04 14.53.50 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/04 14.53.48 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/03/01 03.28.16 | 006,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/02/28 12.57.57 | 000,001,742 | -H-- | M] () -- C:\Documents and Settings\Principale\Documenti\Default.rdp
[2013/02/27 15.54.54 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VodafoneStation2.lnk
[2013/02/27 10.08.33 | 008,632,792 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\VodafoneStation2.exe
[2013/02/26 06.51.04 | 000,062,771 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Bouquet-di-Mimosa-Rose-Arancio-e-Gerbere.jpg
[2013/02/26 06.34.28 | 000,101,566 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\mimosa b.jpg
[2013/02/25 19.25.50 | 000,035,640 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\matrimonio 13072013.rtf
[2013/02/14 05.17.40 | 000,482,092 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2013/02/14 05.17.40 | 000,435,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/14 05.17.40 | 000,080,696 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2013/02/14 05.17.40 | 000,068,584 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/13 23.30.31 | 000,000,082 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/02/13 23.07.00 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/02/13 23.07.00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013/02/13 23.06.40 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk
[2013/02/13 23.05.18 | 055,454,464 | ---- | M] (Safer-Networking Ltd. ) -- C:\Documents and Settings\Principale\Desktop\SpybotSD2.exe
[2013/02/11 13.10.02 | 000,025,239 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Fwd Nuovo ordine FloraQueen #20227187.eml
[2013/02/10 12.05.53 | 000,002,241 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/02/10 09.28.52 | 000,004,740 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\ORDINE 9557 SPEEDYFLOWERS per Arte Fiorita.eml
[2013/02/09 14.10.51 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\FileZilla.lnk
[2013/02/09 11.10.46 | 000,001,146 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\pagamento ordine 9330 Ferrari Stefano.rtf
[2013/02/06 11.47.30 | 000,211,502 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\8912347-cuore-di-san-valentino.jpg
[2013/02/05 20.57.34 | 001,212,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/02/05 20.57.34 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/02/05 20.57.33 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/02/05 20.57.33 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/02/05 20.57.33 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/02/05 20.57.33 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/02/05 20.57.33 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/02/05 20.57.33 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/02/05 20.57.32 | 002,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/02/05 20.57.32 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/02/05 20.57.32 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/02/05 20.57.32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/02/05 20.57.32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/02/05 20.57.32 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/02/05 20.57.32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/02/05 20.57.32 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/02/05 20.57.32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/02/05 20.57.32 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/02/05 20.57.32 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/02/05 20.57.32 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/02/05 20.57.31 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/02/05 20.57.31 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/02/05 20.57.31 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/02/05 20.57.30 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/02/05 20.57.30 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/02/05 20.57.30 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/02/05 06.54.09 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/02/05 06.54.07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/02/05 06.54.07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/02/02 18.30.00 | 000,012,028 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Photo by corego • Instagram.htm
[2013/01/26 12.54.52 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\settings.inc.php
[2013/01/26 04.55.42 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/01/25 09.17.42 | 000,094,629 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\2013_22_002030.pdf
[2013/01/24 17.41.14 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\Principale\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2013/01/24 17.40.55 | 000,001,044 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Dropbox.lnk
[2013/01/22 19.24.20 | 000,043,908 | ---- | M] () -- C:\Documents and Settings\Principale\Documenti\primavera.gif
[2013/01/19 14.41.54 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Principale\Desktop\Revo Uninstaller.lnk
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/03/17 12.04.59 | 000,403,682 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\pserv-2.7.exe
[2013/03/16 12.29.21 | 000,028,876 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\bhoooo.jpg
[2013/03/16 12.27.18 | 000,055,955 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\logo.jpg
[2013/03/15 16.36.35 | 000,000,422 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Collegamento a A su vodafone (local.mynet.vodafone.it).lnk
[2013/03/15 10.14.33 | 000,010,296 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\ivana.jpg
[2013/03/11 19.43.35 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\biglietto1.gif
[2013/03/11 19.42.17 | 000,000,043 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\BIGLIETTO.gif
[2013/03/07 14.10.47 | 000,110,789 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\10834-spartito.jpg
[2013/03/05 06.42.47 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/05 06.42.47 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/03/04 17.00.35 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Photoshop CS4.lnk
[2013/03/04 16.59.01 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe Bridge CS4.lnk
[2013/03/04 16.53.00 | 000,001,076 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Adobe ExtendScript Toolkit CS4.lnk
[2013/03/04 14.53.58 | 000,134,357 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Immagine marco carra.JPG
[2013/02/27 15.54.54 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VodafoneStation2.lnk
[2013/02/27 10.08.31 | 008,632,792 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\VodafoneStation2.exe
[2013/02/26 06.51.04 | 000,062,771 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Bouquet-di-Mimosa-Rose-Arancio-e-Gerbere.jpg
[2013/02/26 06.34.25 | 000,101,566 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\mimosa b.jpg
[2013/02/23 11.49.26 | 000,035,640 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\matrimonio 13072013.rtf
[2013/02/21 16.22.52 | 000,043,908 | ---- | C] () -- C:\Documents and Settings\Principale\Documenti\primavera.gif
[2013/02/13 23.30.31 | 000,000,082 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/02/13 23.06.59 | 000,000,608 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/02/13 23.06.59 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013/02/13 23.06.58 | 000,000,612 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/02/13 23.06.40 | 000,001,806 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Spybot-S&D Start Center.lnk
[2013/02/13 23.06.40 | 000,001,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk
[2013/02/11 13.10.02 | 000,025,239 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Fwd Nuovo ordine FloraQueen #20227187.eml
[2013/02/10 09.28.52 | 000,004,740 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\ORDINE 9557 SPEEDYFLOWERS per Arte Fiorita.eml
[2013/02/09 14.10.51 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\FileZilla.lnk
[2013/02/09 13.42.07 | 000,001,742 | -H-- | C] () -- C:\Documents and Settings\Principale\Documenti\Default.rdp
[2013/02/09 11.10.46 | 000,001,146 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\pagamento ordine 9330 Ferrari Stefano.rtf
[2013/02/06 11.47.29 | 000,211,502 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\8912347-cuore-di-san-valentino.jpg
[2013/02/02 18.29.57 | 000,012,028 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Photo by corego • Instagram.htm
[2013/01/27 19.46.29 | 000,001,566 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Mozilla Firefox.lnk
[2013/01/26 12.54.07 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\settings.inc.php
[2013/01/25 09.17.41 | 000,094,629 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\2013_22_002030.pdf
[2013/01/21 09.55.47 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\Principale\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2013/01/19 14.41.54 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Principale\Desktop\Revo Uninstaller.lnk
[2013/01/19 13.37.54 | 000,013,931 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2013/01/19 13.14.43 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2012/10/03 12.32.14 | 000,088,688 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2012/02/15 08.48.36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/14 11.24.59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2011/03/24 17.22.47 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2010/06/26 09.32.38 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Principale\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/28 22.22.05 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Principale\.rnd
========== ZeroAccess Check ==========
[2011/04/23 18.40.52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 18.13.52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11.51.43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 18.13.58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/09/04 18.30.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AlawarWrapper
[2011/10/19 10.35.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\AVAST Software
[2013/03/17 10.39.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Big Fish Games
[2013/01/21 09.34.17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\EPSON
[2009/07/22 16.52.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Friends Games
[2009/09/03 07.16.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\GamesBar
[2010/07/24 16.59.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\HipSoft
[2009/07/09 18.26.36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MumboJumbo
[2009/09/12 18.37.21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Oberon Media
[2013/01/30 16.28.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/07/26 18.28.16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WildTangent
[2009/06/03 11.04.01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2010/09/04 18.30.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\1morebee
[2009/07/25 18.18.29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Argonyt
[2010/09/24 17.16.18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Artifex Mundi
[2010/07/12 17.02.33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\bfgbar
[2012/01/25 18.03.51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Burraconline
[2010/03/15 18.25.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Conviva
[2013/03/17 12.32.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Dropbox
[2012/09/01 08.55.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\EmoticoonsToolbar
[2013/02/09 14.14.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\FileZilla
[2009/07/15 18.09.02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Oberon Media
[2013/02/27 10.11.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\org.mart3.VodafoneStation
[2011/07/09 18.08.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Playrix Entertainment
[2009/05/28 21.53.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\TeamViewer
[2010/11/02 09.05.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Thunderbird
[2012/04/26 17.45.55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Unity
[2013/01/19 14.44.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\VSRevoGroup
[2010/10/20 17.57.22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Principale\Dati applicazioni\Zylom
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:5AE33054
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:5D7E5A8F
@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:063969F8
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:C86B29EB
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:99C301D0
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:708BB0FA
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dati applicazioni\TEMP:957E9765
< End of report >