eccoli:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Versione database: v2013.03.17.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Federico :: FEDERICO-PC [amministratore]

17/03/2013 19:03:33
mbam-log-2013-03-17 (19-03-33).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 288591
Tempo impiegato: 45 minuti, 41 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 1
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Spostato in quarantena ed eliminato con successo.

File rilevati: 3
C:\$Recycle.Bin\S-1-5-21-1612247772-853188687-1366495259-1000\$RGMCRQK.exe (PUP.BundleInstaller.IB) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Spostato in quarantena ed eliminato con successo.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Spostato in quarantena ed eliminato con successo.

(fine)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:30, on 17/03/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Protected Search\ProtectedSearch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=119532&tt=070312_wc&babsrc=HP_ss&mntrId=E84900E04D18F018
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTo2.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {88ac3cb6-596b-4217-964c-b6757ef9602d} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Federico\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskToolbar - {3cb073f3-be3c-4e8f-942d-8a747b54486f} - C:\Program Files\asktoolbar4\asktoolbar4X.dll
O2 - BHO: uTorrentBar_IT - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTo2.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: aTube Toolbar - {bfc39e47-d643-4dc2-aa1d-61377501c844} - C:\Program Files\atube\atubeX.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.8.8.11\bh\Softonic.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChatZum Toolbar\tbunshBF29.tmp\tbcore3.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: uTorrentBar_IT Toolbar - {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - C:\Program Files\uTorrentBar_IT\prxtbuTo2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: aTube Toolbar - {bfc39e47-d643-4dc2-aa1d-61377501c844} - C:\Program Files\atube\atubeX.dll
O3 - Toolbar: AskToolbar - {3cb073f3-be3c-4e8f-942d-8a747b54486f} - C:\Program Files\asktoolbar4\asktoolbar4X.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ChatZum Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\ChatZum Toolbar\tbunshBF29.tmp\tbcore3.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.8.11\SoftonicTlbr.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AliceMessenger] "C:\Program Files\Alice Messenger\alicemessenger.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{25CB117F-7AD4-4D76-A605-68E55C0F74CA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{49CF940B-581F-43A2-897D-F342CBB24B83}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADF852DE-553F-4557-B7DD-FCA1A26BE755}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0632F46-BB8B-494C-AFEE-39F321F86E7B}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{25CB117F-7AD4-4D76-A605-68E55C0F74CA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{25CB117F-7AD4-4D76-A605-68E55C0F74CA}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LiveUpSC - SoftwareUpdService - C:\Users\Federico\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Federico\AppData\Local\PosService\Pos.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Federico\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 12068 bytes

Ciao.
Il pc è ancora infetto.
Scarica Adwcleaner sul desktop:
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Clicca sul pulsante "Elimina".
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.

Poi:
Scarica OTL, e salvalo sul desktop:

http://oldtimer.geekstogo.com/OTL.exe

Clicca sull'icona di OTL che trovi sul tuo desktop .

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta : minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:



Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi 2 log sul desktop. OTL.txt ed Extras.txt, salvali e caricali su Wikisend, per postarli sul forum.

Ecco Extras non mi esce cioè non c'è
OTL logfile created on: 17/03/2013 21:38:05 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Federico\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,94 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 46,18% Memory free
3,87 Gb Paging File | 2,52 Gb Available in Paging File | 65,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 233,66 Gb Total Space | 185,48 Gb Free Space | 79,38% Space Free | Partition Type: NTFS

Computer Name: FEDERICO-PC | User Name: Federico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Federico\Downloads\OTL (2).exe (OldTimer Tools)
PRC - C:\Programmi\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programmi\Canon\ImageBrowser EX\MFManager.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
PRC - C:\Users\Public\Documents\AppData\PoApp\PService.exe (PService)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programmi\Common Files\Common Desktop Agent\CDASrv.exe ()
PRC - C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programmi\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Programmi\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programmi\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
PRC - C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Programmi\Alice Messenger\alicemessenger.exe (Telecom Italia S.p.A.)


========== Modules (No Company Name) ==========

MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll ()
MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\pdf.dll ()
MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\libglesv2.dll ()
MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\libegl.dll ()
MOD - C:\Programmi\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Programmi\Canon\ImageBrowser EX\MFManager.exe ()
MOD - C:\Programmi\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll ()
MOD - C:\Programmi\WinRAR\RarExt.dll ()
MOD - C:\Programmi\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programmi\Common Files\Common Desktop Agent\CDASrvPS.dll ()
MOD - C:\Programmi\Common Files\Common Desktop Agent\CDASrv.exe ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programmi\Alice Messenger\connectors\RTCApiWrapper.dll ()
MOD - C:\Programmi\Alice Messenger\presentation\qt45_30_win32.dll ()
MOD - C:\Programmi\Alice Messenger\httpDrivers\httpDISEDriver.dll ()
MOD - C:\Programmi\Alice Messenger\httpDrivers\httpWsDriverGSoap.dll ()
MOD - C:\Programmi\Alice Messenger\httpDrivers\httpDriverWinInet.dll ()
MOD - C:\Programmi\Alice Messenger\PluginProxy.dll ()
MOD - C:\Programmi\Alice Messenger\middleSDK.dll ()
MOD - C:\Programmi\Alice Messenger\flash.dll ()
MOD - C:\Programmi\Alice Messenger\QtWebKit4.dll ()
MOD - C:\Programmi\Alice Messenger\imageformats\qjpeg4.dll ()
MOD - C:\Programmi\Alice Messenger\imageformats\qgif4.dll ()
MOD - C:\Programmi\Alice Messenger\imageformats\qmng4.dll ()
MOD - C:\Programmi\Alice Messenger\phonon4.dll ()
MOD - C:\Programmi\Alice Messenger\QtGui4.dll ()
MOD - C:\Programmi\Alice Messenger\QtNetwork4.dll ()
MOD - C:\Programmi\Alice Messenger\QtCore4.dll ()


========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (LiveUpSC) -- C:\Users\Federico\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
SRV - (AdobeARMservice) -- C:\Programmi\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (PowerOffer Service) -- C:\Users\Federico\AppData\Local\PosService\Pos.exe (PowerOfferService)
SRV - (ServUpdater) -- C:\Users\Federico\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)
SRV - (HPSLPSVC) -- C:\Users\Federico\AppData\Local\Temp\7zS1F83\hpslpsvc32.dll (Hewlett-Packard Co.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programmi\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programmi\Canon\IJPLM\ijplmsvc.exe ()
SRV - (NAUpdate) -- C:\Programmi\Nero\Update\NASvc.exe (Nero AG)
SRV - (osppsvc) -- C:\Programmi\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programmi\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programmi\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (a5m721u0) -- File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (ampa) -- C:\Windows\System32\ampa.sys ()
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?orig=DS&affid=61&cztbid=1280291968&q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Federico\Downloads
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 1B 91 F4 C4 99 CC 01 [binary data]
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\URLSearchHook: {88ac3cb6-596b-4217-964c-b6757ef9602d} - No CLSID value found
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\SearchScopes\{1}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\..\SearchScopes\{E1EF3C00-69CB-4918-8470-6250B368F95C}: "URL" = http://search.softonic.com/MOY00010/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=505
IE - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/12 23:03:29 | 000,000,000 | ---D | M]

[2013/03/02 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2012/11/11 13:39:06 | 000,003,269 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms}
CHR - homepage: http://www.google.it/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ricerca Google = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: IE Tab = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\5.3.6.1_0\
CHR - Extension: avast! WebRep = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Tube Me = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\mholkbelnpdjcfleagoeomkcojplfngn\0.86_0\
CHR - Extension: Reload All Tabs = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam\3.2.1_0\
CHR - Extension: Gmail = C:\Users\Federico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/14 22:26:55 | 000,000,988 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (aTube Toolbar) - {bfc39e47-d643-4dc2-aa1d-61377501c844} - C:\Programmi\atube\atubeX.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (aTube Toolbar) - {bfc39e47-d643-4dc2-aa1d-61377501c844} - C:\Programmi\atube\atubeX.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CDAServer] C:\Programmi\Common Files\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher)
O4 - HKU\S-1-5-21-1612247772-853188687-1366495259-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1612247772-853188687-1366495259-1000..\Run: [AliceMessenger] C:\Program Files\Alice Messenger\alicemessenger.exe (Telecom Italia S.p.A.)
O4 - HKU\S-1-5-21-1612247772-853188687-1366495259-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1612247772-853188687-1366495259-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: I&nvia a OneNote - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25CB117F-7AD4-4D76-A605-68E55C0F74CA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49CF940B-581F-43A2-897D-F342CBB24B83}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADF852DE-553F-4557-B7DD-FCA1A26BE755}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0632F46-BB8B-494C-AFEE-39F321F86E7B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0632F46-BB8B-494C-AFEE-39F321F86E7B}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 60 Days ==========

[2013/03/17 12:36:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013/03/17 12:36:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/03/17 12:36:31 | 000,000,000 | ---D | C] -- C:\Users\Federico\AppData\Roaming\Systweak
[2013/03/17 12:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2013/03/17 12:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2013/03/17 12:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/03/17 12:32:23 | 000,000,000 | ---D | C] -- C:\Users\Federico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/03/17 12:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emoticoons
[2013/03/17 12:16:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Emoticoons
[2013/03/17 12:12:14 | 000,000,000 | ---D | C] -- C:\Users\Federico\AppData\Roaming\Malwarebytes
[2013/03/17 12:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/17 12:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/17 12:11:44 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/03/17 12:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/03/16 13:01:35 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/16 13:01:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/16 13:01:34 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/16 13:01:34 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/16 13:01:34 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/16 13:01:34 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/16 13:01:34 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/16 13:01:34 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/16 13:01:34 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/16 13:01:34 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/16 13:01:34 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/16 13:01:34 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/16 13:01:34 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/16 13:01:34 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/16 13:01:34 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/16 13:01:34 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/16 13:01:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/16 13:01:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/16 13:01:34 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/16 13:01:34 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/16 13:01:34 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/16 13:01:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/16 13:01:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/03/16 13:01:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/16 13:01:34 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/16 13:01:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/03/16 13:01:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/03/16 13:01:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/16 13:01:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/16 13:01:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/03/16 13:01:34 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/16 13:01:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/16 13:01:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/16 13:01:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/03/16 13:01:34 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/16 13:01:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/03/16 12:36:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/16 12:18:32 | 000,018,360 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2013/03/13 10:17:26 | 016,486,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013/03/11 22:20:12 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/11 22:19:56 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/11 22:19:56 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/11 22:19:56 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/05 06:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/03/03 19:16:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013/03/03 19:15:15 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013/03/03 19:15:15 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013/03/03 19:15:15 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2013/03/03 19:15:15 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2013/03/03 19:15:15 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013/03/03 19:15:15 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2013/03/03 19:15:15 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2013/03/03 19:15:14 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013/03/03 19:15:14 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013/03/03 19:15:14 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013/03/03 19:15:13 | 000,192,104 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2013/03/03 19:15:12 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013/03/03 19:15:12 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2013/03/03 19:15:12 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2013/03/03 19:15:12 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2013/03/03 19:15:11 | 002,417,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013/03/03 19:15:10 | 003,173,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013/03/03 19:15:10 | 000,645,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013/03/03 19:15:10 | 000,087,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013/03/03 19:15:10 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2013/03/03 19:15:09 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013/03/03 19:15:09 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013/03/03 19:15:09 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013/03/03 19:15:08 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2013/03/03 19:15:08 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013/03/03 19:15:08 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013/03/03 19:15:08 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013/03/03 19:15:07 | 007,161,696 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2013/03/03 19:15:07 | 000,351,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2013/03/03 19:15:07 | 000,105,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2013/03/03 19:15:07 | 000,091,488 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2013/03/03 19:15:07 | 000,061,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2013/03/03 19:15:06 | 007,783,768 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013/03/03 19:15:06 | 001,185,112 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2013/03/03 19:15:06 | 000,350,552 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013/03/03 19:15:05 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013/03/03 19:15:05 | 000,709,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013/03/03 19:15:04 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2013/03/03 19:15:04 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013/03/03 19:15:04 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013/03/03 19:15:04 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013/03/03 19:14:57 | 002,193,472 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013/03/03 19:14:57 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2013/03/03 19:14:57 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2013/03/03 19:14:57 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2013/03/03 19:14:57 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2013/03/03 19:14:56 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2013/03/03 19:14:56 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2013/03/03 19:14:56 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2013/03/03 19:14:56 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2013/03/03 19:14:56 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2013/03/03 19:14:56 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2013/03/03 19:14:56 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2013/03/03 19:14:56 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2013/03/03 19:14:55 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2013/03/03 19:14:55 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2013/03/03 19:14:55 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2013/03/03 19:14:54 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013/03/03 19:14:54 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013/03/03 19:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/03/03 19:14:36 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2013/03/03 19:14:35 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/02/28 04:04:58 | 000,000,000 | ---D | C] -- C:\Users\Federico\AppData\Local\SoftwareUpdater
[2013/02/28 04:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPcCleaner
[2013/02/28 04:04:57 | 000,000,000 | ---D | C] -- C:\Program Files\MyPcCleaner
[2013/02/28 04:04:55 | 000,000,000 | ---D | C] -- C:\Users\Federico\AppData\Local\Programs
[2013/02/27 03:01:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/02/27 03:01:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/02/27 03:01:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 03:01:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 03:01:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 03:01:28 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/02/27 03:01:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 03:01:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 03:01:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 03:01:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 03:01:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 03:01:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 03:01:24 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/02/27 03:01:23 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/02/27 03:01:23 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/02/27 03:01:22 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/02/27 03:01:22 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/02/27 03:01:21 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/02/27 03:01:21 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/02/27 03:01:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/02/27 03:01:20 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/02/27 03:01:19 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/02/27 03:01:18 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/02/27 03:01:18 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/02/27 03:01:16 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/02/12 22:32:45 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/12 22:32:33 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/12 22:32:31 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/12 22:32:28 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/12 22:28:28 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/02/11 17:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Home Edition 5.1.2
[2013/02/11 17:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\AOMEI Partition Assistant Home Edition 5.1.2
[2013/02/11 17:07:36 | 000,000,000 | ---D | C] -- C:\Users\Federico\Desktop\Programma e videoguida

========== Files - Modified Within 60 Days ==========

[2013/03/17 21:35:02 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/17 21:14:59 | 000,021,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 21:14:59 | 000,021,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 21:13:03 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/17 21:07:47 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/17 21:07:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/17 21:07:17 | 1559,142,400 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/17 15:01:23 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/17 14:00:40 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/17 14:00:03 | 296,110,658 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/17 12:36:25 | 000,001,008 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2013/03/17 12:11:50 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/16 13:01:35 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/16 13:01:35 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013/03/16 13:01:34 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/16 13:01:34 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/16 13:01:34 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/16 13:01:34 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013/03/16 13:01:34 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013/03/16 13:01:34 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/03/16 13:01:34 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/16 13:01:34 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/16 13:01:34 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/03/16 13:01:34 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013/03/16 13:01:34 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/03/16 13:01:34 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/16 13:01:34 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013/03/16 13:01:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013/03/16 13:01:34 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013/03/16 13:01:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013/03/16 13:01:34 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013/03/16 13:01:34 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/16 13:01:34 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/03/16 13:01:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013/03/16 13:01:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/03/16 13:01:34 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013/03/16 13:01:34 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013/03/16 13:01:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/03/16 13:01:34 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/03/16 13:01:34 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013/03/16 13:01:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013/03/16 13:01:34 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/03/16 13:01:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/03/16 13:01:34 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/16 13:01:34 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013/03/16 13:01:34 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/03/16 13:01:34 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/03/16 13:01:34 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/03/16 13:01:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/03/13 23:45:59 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/13 22:32:42 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013/03/13 10:17:31 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/13 10:17:31 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/13 10:17:26 | 016,486,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013/03/12 23:03:32 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/03/12 20:55:19 | 367,204,352 | ---- | M] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x03.Attraverso.lo.specchio.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/03/11 22:19:48 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/03/11 22:19:46 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/03/11 22:19:46 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/03/11 22:19:45 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013/03/11 22:19:45 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/03/11 22:19:45 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/03/10 20:45:36 | 367,003,648 | ---- | M] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x04.Il.complesso.di.Dio.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/03/10 14:53:50 | 576,794,624 | ---- | M] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x11.Giuda.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/03/07 22:30:58 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/03/07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/03/07 00:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/03/07 00:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/03/07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/03/07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/03/07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/03/05 06:44:05 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/02/26 08:12:48 | 576,665,600 | ---- | M] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x10.Bentornato.a.casa.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/02/24 17:34:53 | 370,148,410 | ---- | M] () -- C:\Users\Federico\Desktop\The Unit - 3x02 - Catena di comando.avi
[2013/02/24 15:12:14 | 370,169,660 | ---- | M] () -- C:\Users\Federico\Desktop\The Unit - 3x01 - La mappa.avi
[2013/02/21 23:18:30 | 419,567,616 | ---- | M] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x02.L.Accordo.ITA.WEB-DLMux.XviD-UPZ.avi
[2013/02/20 23:33:44 | 419,588,096 | ---- | M] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x01.Il.Silenziatore.ITA.WEB-DLMux.XviD-UPZ.avi
[2013/02/17 20:56:12 | 461,559,808 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x11.Vedi.quello.che.vedo.io.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/17 15:56:16 | 461,582,336 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x12.L.inizio.della.fine.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/17 09:48:51 | 576,827,392 | ---- | M] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x09.Fratello.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/02/16 19:02:08 | 367,207,320 | ---- | M] () -- C:\Users\Federico\Desktop\The Unit - 2x22 - Intrigo familiare.avi
[2013/02/16 12:46:01 | 366,860,942 | ---- | M] () -- C:\Users\Federico\Desktop\The Unit - 2x23 - Sotto pressione.avi
[2013/02/13 03:49:34 | 003,766,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/12 04:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/02/11 20:02:04 | 367,348,746 | ---- | M] () -- C:\Users\Federico\Desktop\The Unit - 2x21 - Le tentazioni della CIA.avi
[2013/02/11 17:12:39 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\AOMEI Partition Assistant Home Edition 5.1.2.lnk
[2013/02/11 17:06:30 | 008,173,000 | ---- | M] () -- C:\Users\Federico\Desktop\Programma e videoguida.zip
[2013/02/09 12:34:27 | 002,544,264 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2013/02/09 12:34:27 | 001,189,820 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/09 12:34:27 | 000,756,340 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2013/02/09 12:34:27 | 000,652,220 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/09 10:40:30 | 461,578,240 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x10...A.ogni.costo.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/05 06:31:35 | 461,498,368 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x09.Il.riscatto.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/03 18:05:48 | 461,447,168 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x08.Argentina.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/02 17:04:28 | 461,535,232 | ---- | M] () -- C:\Users\Federico\Desktop\Dexter.7x07.Chimica.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/01/30 23:32:56 | 735,107,072 | ---- | M] () -- C:\Users\Federico\Desktop\Step.Up.4.Revolution.2012.iTALiAN.MD.DVDRip.XviD-BmA.avi
[2013/01/17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2013/03/17 14:00:03 | 296,110,658 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/17 12:36:46 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/03/17 12:36:44 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/03/17 12:36:25 | 000,001,008 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk
[2013/03/17 12:11:50 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/16 13:01:34 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/03/12 23:03:34 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/12 23:03:33 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/03/09 12:32:19 | 367,204,352 | ---- | C] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x03.Attraverso.lo.specchio.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/03/05 20:30:05 | 576,794,624 | ---- | C] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x11.Giuda.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/03/05 06:44:05 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/03 19:15:08 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/02/25 22:25:17 | 367,003,648 | ---- | C] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x04.Il.complesso.di.Dio.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/02/24 11:04:57 | 576,665,600 | ---- | C] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x10.Bentornato.a.casa.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/02/17 21:53:14 | 419,567,616 | ---- | C] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x02.L.Accordo.ITA.WEB-DLMux.XviD-UPZ.avi
[2013/02/17 11:06:17 | 419,588,096 | ---- | C] () -- C:\Users\Federico\Desktop\Criminal.Minds.8x01.Il.Silenziatore.ITA.WEB-DLMux.XviD-UPZ.avi
[2013/02/16 14:51:45 | 576,827,392 | ---- | C] () -- C:\Users\Federico\Desktop\The.Walking.Dead.3x09.Fratello.iTALiAN.DLMux.XviD-DarkSideMux.avi
[2013/02/16 14:47:38 | 461,582,336 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x12.L.inizio.della.fine.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/16 14:46:22 | 461,559,808 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x11.Vedi.quello.che.vedo.io.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/11 19:01:38 | 370,148,410 | ---- | C] () -- C:\Users\Federico\Desktop\The Unit - 3x02 - Catena di comando.avi
[2013/02/11 19:01:22 | 370,169,660 | ---- | C] () -- C:\Users\Federico\Desktop\The Unit - 3x01 - La mappa.avi
[2013/02/11 17:12:39 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\AOMEI Partition Assistant Home Edition 5.1.2.lnk
[2013/02/11 17:12:35 | 000,012,728 | ---- | C] () -- C:\Windows\System32\ampa.sys
[2013/02/11 17:12:34 | 001,427,384 | ---- | C] () -- C:\Windows\ampa.exe
[2013/02/11 17:03:55 | 008,173,000 | ---- | C] () -- C:\Users\Federico\Desktop\Programma e videoguida.zip
[2013/02/05 22:13:26 | 461,578,240 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x10...A.ogni.costo.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/03 18:56:43 | 461,498,368 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x09.Il.riscatto.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/02/02 21:44:33 | 461,447,168 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x08.Argentina.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/01/30 20:35:21 | 461,535,232 | ---- | C] () -- C:\Users\Federico\Desktop\Dexter.7x07.Chimica.iTALiAN.HDTVMux.XviD-DarkSideMux.avi
[2013/01/27 11:30:12 | 366,860,942 | ---- | C] () -- C:\Users\Federico\Desktop\The Unit - 2x23 - Sotto pressione.avi
[2013/01/27 11:30:00 | 367,207,320 | ---- | C] () -- C:\Users\Federico\Desktop\The Unit - 2x22 - Intrigo familiare.avi
[2013/01/27 11:29:50 | 367,348,746 | ---- | C] () -- C:\Users\Federico\Desktop\The Unit - 2x21 - Le tentazioni della CIA.avi
[2013/01/24 22:44:56 | 735,107,072 | ---- | C] () -- C:\Users\Federico\Desktop\Step.Up.4.Revolution.2012.iTALiAN.MD.DVDRip.XviD-BmA.avi
[2013/01/13 17:12:44 | 000,393,256 | ---- | C] () -- C:\Windows\System32\CNQ2414N.DAT
[2013/01/12 14:40:54 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2012/11/11 13:30:14 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/09/27 18:42:41 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2012/07/29 10:41:45 | 000,000,218 | ---- | C] () -- C:\Users\Federico\.recently-used.xbel
[2012/02/14 22:33:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/02/12 16:03:23 | 000,171,321 | ---- | C] () -- C:\Windows\hphins28.dat.temp
[2012/01/28 12:12:40 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/01/24 14:18:04 | 004,794,880 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2012/01/09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/12/07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2011/12/05 21:53:24 | 000,000,724 | ---- | C] () -- C:\Windows\hphmdl28.dat.temp
[2011/04/25 10:25:18 | 000,024,064 | ---- | C] () -- C:\Windows\System32\ssj1mlm.dll

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/13 17:33:27 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\canon
[2012/12/29 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\Canon_Inc_IC
[2012/09/28 21:04:34 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/12/23 13:47:08 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\ExpressFiles
[2012/07/26 22:27:23 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\gcstar
[2012/07/29 10:29:12 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\gtk-2.0
[2012/09/27 18:29:20 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\Oberon Media
[2012/07/25 14:56:57 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\Samsung
[2013/03/17 12:36:31 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\Systweak
[2013/03/16 13:25:40 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\uTorrent
[2012/02/07 23:13:44 | 000,000,000 | ---D | M] -- C:\Users\Federico\AppData\Roaming\Win7codecs

========== Purity Check ==========



========== Custom Scans ==========

< "%WinDir%\$NtUninstallKB*$." >

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:700B9342
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8BBD1F9A
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:706B1D1A
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:7A8EE542

< End of report >

Vai in "Programmi e funzionalità" e disistalla questo programma:
PowerOffer
Fai una pulizia con CCleaner. (registro compreso)

Poi:
Scarica Combofix

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obbligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista o Seven: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali, e prosegui con la scansione.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.

Per postare il log:
Collegati ad internet e vai alla pagina WikiSend: http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.

e un programma alternativo a combofix?

r16 io provo come mi hai consigliato
stai tranquillo non ti do colpe se succede q.sa di grave
volevo dirti che spesso il pc si riavvia da solo
saluti

eccolo credo di aver fatto bene

ComboFix.txt

scusa ma il combofix che ti ho postato o il programma?

messo combifix sul desktop...devo rifare la scansione?

Se hai difficolta puoi usare OTL: (puoi usarlo anche dopo le eliminazioni di Combofix)

Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:




Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.
Posta il log

Qualcosa è rimasto.
Segui le indicazioni per eseguire lo script di OTL che ho postato in precedenza.
Posta il log che rilascia.