OTL logfile created on: 28/01/2013 15.16.04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michele Nicolosi\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 59,02% Memory free
4,21 Gb Paging File | 3,28 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 85,62 Gb Total Space | 35,81 Gb Free Space | 41,82% Space Free | Partition Type: NTFS
Computer Name: PC-RICERCA | User Name: Michele Nicolosi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\Michele Nicolosi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Sony\VAIO Power Management\OPT Drive Power Saving.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programmi\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programmi\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programmi\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - C:\Programmi\Chiavetta Internet Olicard 100\TimMonitor.exe ()
MOD - C:\Windows\System32\igfxTMM.dll ()
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - (AdobeARMservice) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programmi\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Programmi\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (SeaPort) -- C:\Programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Programmi\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (VzFw) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programmi\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programmi\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) -- C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programmi\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (SQLWriter) -- C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Programmi\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Programmi\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Programmi\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programmi\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programmi\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (ose) -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - (catchme) -- C:\Users\MICHEL~1\AppData\Local\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (eeCtrl) -- C:\Programmi\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (pmx3gnet) -- C:\Windows\System32\drivers\pmx3gnet.sys (Olivetti)
DRV - (pmx3gmdm) -- C:\Windows\System32\drivers\pmx3gmdm.sys (Olivetti)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080427.009\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080427.009\NAVENG.SYS (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (shpf) -- C:\Windows\System32\drivers\shpf.sys (Sony Corporation)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (SPI) -- C:\Windows\System32\drivers\SonyPI.sys (Sony Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{08B28BA1-EA54-41A6-8E82-F3642F7B7738}: "URL" = http://www.google.it/search?hl=it&q={searchTerms}&meta=
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{08B28BA1-EA54-41A6-8E82-F3642F7B7738}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_it
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "www.google.it"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/10 23.42.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/12/26 16.56.23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2012/12/26 16.56.44 | 000,000,000 | ---D | M]
[2012/11/01 07.15.10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michele Nicolosi\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2006/09/18 22.41.30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Supporto di collegamento per Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programmi\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programmi\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programmi\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AML] C:\Program Files\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TimMonitor] C:\Program Files\Chiavetta Internet Olicard 100\TimMonitor.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmi\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.co.uk ([www] http in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.fr ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ebay.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: google.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: ilmeteo.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: intesanpaolo.com ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: miur.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: tiscali.it ([www] * in Siti attendibili)
O15 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\..Trusted Domains: unimib.it ([www] * in Siti attendibili)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21DC8D6A-6279-4F96-99A8-0BCA4E9496C7}: DhcpNameServer = 193.70.152.25 193.70.192.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37B2980E-4C7D-44A3-A289-3EC7D4EE26DD}: NameServer = 149.132.2.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520D82A6-C608-42EA-BB71-CD5C2C1E53EB}: DhcpNameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE38E0A0-544E-4B31-83F2-9F6343B33416}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programmi\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programmi\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programmi\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22.43.36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1f1563e8-9e18-11de-8273-001e3d3def78}\Shell\AutoRun\command - "" = Brondi.exe
O33 - MountPoints2\{24bbde97-8c0a-11e0-b6da-ca47c88c261d}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbde97-8c0a-11e0-b6da-ca47c88c261d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{24bbdea2-8c0a-11e0-b6da-fdcb485ec238}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbdea2-8c0a-11e0-b6da-fdcb485ec238}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{24bbdeb0-8c0a-11e0-b6da-aaa70d77c552}\Shell - "" = AutoRun
O33 - MountPoints2\{24bbdeb0-8c0a-11e0-b6da-aaa70d77c552}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5017966c-79d6-11df-9234-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{5017966c-79d6-11df-9234-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5017966e-79d6-11df-9234-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{5017966e-79d6-11df-9234-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5332aa3f-c5bf-11e1-8249-907231138cf3}\Shell - "" = AutoRun
O33 - MountPoints2\{5332aa3f-c5bf-11e1-8249-907231138cf3}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c6814f06-92e4-11e0-9a66-89727ead3e31}\Shell - "" = AutoRun
O33 - MountPoints2\{c6814f06-92e4-11e0-9a66-89727ead3e31}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{d748ce0e-a78b-11e0-a7d5-e7bd932a59b1}\Shell - "" = AutoRun
O33 - MountPoints2\{d748ce0e-a78b-11e0-a7d5-e7bd932a59b1}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ef725547-7910-11df-841a-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{ef725547-7910-11df-841a-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ef725593-7910-11df-841a-001e3d3def78}\Shell - "" = AutoRun
O33 - MountPoints2\{ef725593-7910-11df-841a-001e3d3def78}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2729452270-3402089170-694906330-1004\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
[2013/01/27 15.32.20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/27 13.16.49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/01/27 13.16.48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/01/27 13.16.48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/01/27 13.15.34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/01/27 13.14.15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/27 13.11.39 | 005,027,618 | R--- | C] (Swearware) -- C:\Users\Michele Nicolosi\Desktop\ComboFix.exe
[2013/01/27 12.46.24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/27 12.13.52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michele Nicolosi\Desktop\OTL.exe
[2013/01/24 17.18.23 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\Desktop\miknik1
[2013/01/23 13.42.53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/23 13.42.43 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/01/23 13.42.42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 23.18.44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/01/22 23.18.32 | 000,106,560 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2013/01/22 23.15.03 | 000,199,320 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2013/01/22 23.14.59 | 000,020,624 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2013/01/22 23.14.10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2013/01/22 16.28.25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/22 16.28.06 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/01/22 11.03.09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/01/17 22.57.06 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Malwarebytes
[2013/01/17 22.56.48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/08 23.13.05 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\QuickScan
[2013/01/02 15.54.54 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/12/26 16.57.33 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2012/12/26 16.56.09 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2012/12/26 16.55.43 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2012/12/26 16.55.03 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2012/12/26 16.55.03 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2012/12/26 16.54.13 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\HpUpdate
[2012/12/26 16.53.03 | 000,544,616 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\HPDiscoPMa211.dll
[2012/12/26 16.52.59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012/12/26 16.49.23 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/12/26 16.49.16 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/12/26 16.48.17 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\HP
[2012/12/10 23.43.07 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/12/10 23.43.06 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/12/10 23.42.58 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/12/10 23.42.55 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/12/10 23.42.51 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/12/10 23.42.48 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/12/10 23.41.44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/12/10 23.41.42 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/11/27 22.20.53 | 010,217,672 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Michele Nicolosi\Desktop\Adobe Flash Player.exe
[2012/11/24 21.19.51 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/24 21.19.51 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/11/03 15.17.40 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\Macromedia
[2012/11/02 23.55.47 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/01 07.14.44 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Mozilla
[2012/11/01 07.14.21 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/01 07.14.11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/11 22.57.08 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\Deployment
[2012/06/05 20.09.38 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Coza
[2012/02/23 00.04.10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/02/23 00.04.10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/21 14.04.14 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gruppo di programmi (1)
[2012/02/21 12.03.13 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\MigWiz
[2012/02/21 10.08.52 | 000,000,000 | ---D | C] -- C:\f2885acb31a7b14b6c0926
[2012/02/21 00.32.56 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/02/16 22.04.52 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/02/16 22.04.37 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Silverlight
[2012/02/14 20.26.54 | 000,000,000 | ---D | C] -- C:\Users\Michele Nicolosi\AppData\Local\PackageAware
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]
[2013/01/28 15.23.16 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/28 15.01.01 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013/01/28 14.54.45 | 000,001,823 | ---- | M] () -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitora avvisi inchiostro - HP Deskjet 3070 B611 series (Rete).lnk
[2013/01/28 14.32.22 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 14.32.22 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/28 14.32.13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/28 14.32.07 | 2137,100,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/27 23.18.20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/27 13.11.38 | 005,027,618 | R--- | M] (Swearware) -- C:\Users\Michele Nicolosi\Desktop\ComboFix.exe
[2013/01/27 12.14.02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michele Nicolosi\Desktop\OTL.exe
[2013/01/27 12.06.26 | 000,406,408 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/24 17.18.47 | 000,018,745 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\miknik1.zip
[2013/01/23 13.42.53 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 23.18.45 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/22 12.39.46 | 000,574,315 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\adwcleaner.exe
[2013/01/16 23.30.30 | 306,973,106 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/12/26 16.55.29 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2012/12/26 16.53.00 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Acquisto materiali di consumo - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.49.01 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2012/12/17 18.47.43 | 000,021,885 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\_1217121205_001.pdf
[2012/12/14 16.49.28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/12/10 23.30.52 | 000,002,150 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/10 23.24.08 | 000,000,430 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/12/03 23.13.44 | 000,031,478 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 4-2012.rtf
[2012/12/03 23.01.43 | 000,032,039 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 3-2012.rtf
[2012/11/27 22.22.54 | 010,217,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Michele Nicolosi\Desktop\Adobe Flash Player.exe
[2012/11/24 21.19.51 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/11/24 21.19.51 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/10/30 23.51.58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/10/30 23.51.58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/10/30 23.51.58 | 000,199,320 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/10/30 23.51.58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/10/30 23.51.58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/10/30 23.51.57 | 000,058,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/10/30 23.51.56 | 000,106,560 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/10/30 23.51.56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/10/30 23.51.56 | 000,020,624 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/10/30 23.51.07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/30 23.50.59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/10/08 09.17.46 | 000,004,461 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\michele.nicolosi@unimib.it.p12
[2012/09/21 10.26.08 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/05/31 11.25.14 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/05/28 20.22.19 | 000,000,680 | ---- | M] () -- C:\Users\Michele Nicolosi\AppData\Local\d3d9caps.dat
[2012/02/27 21.00.37 | 000,379,047 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\SchedaTecnicaProgetto.mht
[2012/02/22 07.15.13 | 000,000,293 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\Disco locale (C) - collegamento.lnk
[2012/02/21 13.55.55 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\pcufficio.RDP
[2012/02/21 13.49.32 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\Desktop\pcufficio.RDP
[2012/02/21 13.47.29 | 000,001,768 | ---- | M] () -- C:\Users\Michele Nicolosi\Documents\pcufficio.RDP
[2012/02/21 11.33.32 | 000,196,608 | -H-- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/02/13 23.19.55 | 000,671,944 | -H-- | M] () -- C:\Windows\System32\perfh010.dat
[2012/02/13 23.19.55 | 000,595,996 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/13 23.19.55 | 000,123,464 | -H-- | M] () -- C:\Windows\System32\perfc010.dat
[2012/02/13 23.19.55 | 000,104,070 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/01/27 13.16.49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/27 13.16.48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/27 13.16.48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/27 13.16.48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/27 13.16.48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/01/24 17.18.47 | 000,018,745 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\miknik1.zip
[2013/01/23 13.42.53 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 23.18.45 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/01/22 12.39.44 | 000,574,315 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\adwcleaner.exe
[2012/12/26 17.01.19 | 000,001,823 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitora avvisi inchiostro - HP Deskjet 3070 B611 series (Rete).lnk
[2012/12/26 16.56.52 | 000,001,241 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2012/12/26 16.55.29 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2012/12/26 16.55.20 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012/12/26 16.53.00 | 000,002,139 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.53.00 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Acquisto materiali di consumo - HP Deskjet 3070 B611 series.lnk
[2012/12/26 16.49.01 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/12/17 18.47.51 | 000,021,885 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\_1217121205_001.pdf
[2012/12/10 23.06.48 | 000,002,150 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/12/03 23.02.18 | 000,031,478 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 4-2012.rtf
[2012/12/03 23.01.43 | 000,032,039 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\ricevuta 3-2012.rtf
[2012/11/24 21.19.53 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/14 08.53.20 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/03/13 22.30.20 | 000,000,430 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/27 21.00.36 | 000,379,047 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\SchedaTecnicaProgetto.mht
[2012/02/22 07.15.13 | 000,000,293 | ---- | C] () -- C:\Users\Michele Nicolosi\Desktop\Disco locale (C) - collegamento.lnk
[2012/02/21 13.55.54 | 000,001,768 | ---- | C] () -- C:\Users\Michele Nicolosi\pcufficio.RDP
[2012/02/21 13.46.16 | 000,001,768 | ---- | C] () -- C:\Users\Michele Nicolosi\Documents\pcufficio.RDP
[2012/02/21 13.36.37 | 000,000,680 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\d3d9caps.dat
[2011/11/15 11.47.45 | 000,000,767 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\recently-used.xbel
[2011/10/15 20.51.49 | 000,000,127 | -H-- | C] () -- C:\Windows\System32\MRT.INI
[2011/06/08 22.49.42 | 001,929,576 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3070_B611.dll
[2011/05/17 14.30.43 | 000,004,096 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\keyfile3.drm
[2009/09/11 12.50.26 | 000,006,144 | ---- | C] () -- C:\Users\Michele Nicolosi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2006/11/02 13.54.18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16.46.32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 05.36.24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/19 08.36.49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2008/07/13 21.07.53 | 000,000,000 | -H-D | M] -- C:\Users\Giampaolo\AppData\Roaming\InterVideo
[2008/03/14 09.43.58 | 000,000,000 | -H-D | M] -- C:\Users\Giampaolo\AppData\Roaming\Template
[2010/05/17 07.13.46 | 000,000,000 | -H-D | M] -- C:\Users\Laura xxxxxx\AppData\Roaming\InterVideo
[2012/09/21 20.34.46 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\Coza
[2010/04/10 09.10.18 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\InterVideo
[2013/01/08 23.13.26 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\QuickScan
[2010/06/17 08.46.47 | 000,000,000 | ---D | M] -- C:\Users\Michele Nicolosi\AppData\Roaming\Uniblue
[color=#E56717]========== Purity Check ==========[/color]
< End of report >